Tweet
Tweet

Slide 1

Slide 1 text

THE SOCIAL CODING CONTRACT

Slide 2

Slide 2 text

My name is Justin Searls Please tweet me @searls & Say [email protected]

Slide 3

Slide 3 text

Open Source is Good!

Slide 4

Slide 4 text

!❤️!

Slide 5

Slide 5 text

$%

Slide 6

Slide 6 text

&'(

Slide 7

Slide 7 text

is Open Source Good?

Slide 8

Slide 8 text

!)

Slide 9

Slide 9 text

%⏰+

Slide 10

Slide 10 text

,'(

Slide 11

Slide 11 text

-

Slide 12

Slide 12 text

- . -- -

Slide 13

Slide 13 text

- . -- - / .

Slide 14

Slide 14 text

- . -- - / . . 0

Slide 15

Slide 15 text

- . -- - / . . 0 . 1

Slide 16

Slide 16 text

- . -- - / . . 0 . 2 . 1

Slide 17

Slide 17 text

- . -- - / . . 0 . 2 . 1 ✅

Slide 18

Slide 18 text

- . -- - / . . 0 . 2 . 1 ✅

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

No content

Slide 24

Slide 24 text

ideology, n. \ ˌˌ i-dē- ˈ ä-lƧ-jē\

Slide 25

Slide 25 text

ideology, n. \ ˌˌ i-dē- ˈ ä-lƧ-jē\ "They do not know it, but they are doing it"

Slide 26

Slide 26 text

ideology, n. \ ˌˌ i-dē- ˈ ä-lƧ-jē\ "They do not know it, but they are doing it" - Karl Marx

Slide 27

Slide 27 text

Open source fans are a bunch of hippies so I figured I'd start with a Marx quote

Slide 28

Slide 28 text

No content

Slide 29

Slide 29 text

philosophy

Slide 30

Slide 30 text

economics philosophy

Slide 31

Slide 31 text

economics philosophy

Slide 32

Slide 32 text

The march of progress & our false consciousness

Slide 33

Slide 33 text

IN THE BEGINNING

Slide 34

Slide 34 text

SPECIALIZATION

Slide 35

Slide 35 text

SPECIALIZATION veggies

Slide 36

Slide 36 text

SPECIALIZATION veggies meats

Slide 37

Slide 37 text

SPECIALIZATION veggies meats games

Slide 38

Slide 38 text

INDUSTRIALIZATION

Slide 39

Slide 39 text

INDUSTRIALIZATION

Slide 40

Slide 40 text

INDUSTRIALIZATION

Slide 41

Slide 41 text

INDUSTRIALIZATION

Slide 42

Slide 42 text

INTERNETIFICATION 1-Click

Slide 43

Slide 43 text

BIG DATAFICATION

Slide 44

Slide 44 text

BIG DATAFICATION ???

Slide 45

Slide 45 text

Unintended Consequences

Slide 46

Slide 46 text

No content

Slide 47

Slide 47 text

FOR, LIKE, AT LEAST A MONTH

Slide 48

Slide 48 text

progress awfulness

Slide 49

Slide 49 text

progress awfulness

Slide 50

Slide 50 text

progress awfulness

Slide 51

Slide 51 text

No content

Slide 52

Slide 52 text

progress awfulness

Slide 53

Slide 53 text

progress awfulness

Slide 54

Slide 54 text

No content

Slide 55

Slide 55 text

No content

Slide 56

Slide 56 text

Open Source's Progress

Slide 57

Slide 57 text

.h & .c files

Slide 58

Slide 58 text

No content

Slide 59

Slide 59 text

No content

Slide 60

Slide 60 text

No content

Slide 61

Slide 61 text

No content

Slide 62

Slide 62 text

veggies Makefile

Slide 63

Slide 63 text

No content

Slide 64

Slide 64 text

No content

Slide 65

Slide 65 text

jar file

Slide 66

Slide 66 text

No content

Slide 67

Slide 67 text

No content

Slide 68

Slide 68 text

No content

Slide 69

Slide 69 text

1-Click Gemfile

Slide 70

Slide 70 text

No content

Slide 71

Slide 71 text

No content

Slide 72

Slide 72 text

No content

Slide 73

Slide 73 text

No content

Slide 74

Slide 74 text

package.json

Slide 75

Slide 75 text

No content

Slide 76

Slide 76 text

No content

Slide 77

Slide 77 text

No content

Slide 78

Slide 78 text

No content

Slide 79

Slide 79 text

No content

Slide 80

Slide 80 text

50ft

Slide 81

Slide 81 text

50ft 100ft

Slide 82

Slide 82 text

50ft 100ft windows max file path limit

Slide 83

Slide 83 text

short-term progress

Slide 84

Slide 84 text

short-term progress for the low, low price of

Slide 85

Slide 85 text

short-term progress for the low, low price of long-term fragility

Slide 86

Slide 86 text

No content

Slide 87

Slide 87 text

Build a small, but non-trivial, Rails app. An empty app has ~50 gem dependencies; yours will have 75-100. Go away for six months. Come back and update all of your dependencies. Your app no longer works.

Slide 88

Slide 88 text

It's easy to start a Jekyll blog, though. Easy to install sass. Easy to generate a Rails app. Always easy right now, never in a year.

Slide 89

Slide 89 text

No content

Slide 90

Slide 90 text

What we think our app is

Slide 91

Slide 91 text

What our app really is

Slide 92

Slide 92 text

easy, but not simple

Slide 93

Slide 93 text

We say "it's a Rails app"

Slide 94

Slide 94 text

We never say "and Rails depends on thor >= 0.18.1, < 2.0"

Slide 95

Slide 95 text

We never say "and Rails depends on thor >= 0.18.1, < 2.0" We don't even notice that!

Slide 96

Slide 96 text

Bundler could not find compatible versions for gem "thor": In Gemfile: ajax-cat (= 2.1.0) ruby depends on thor (~> 0.15.2) ruby rails (= 4.1.4) ruby depends on railties (= 4.1.4) ruby depends on thor (0.18.1) Even though 272 gems can no longer be installed!

Slide 97

Slide 97 text

What if Bundler told us more? ... Using unicorn 4.8.3 Using zurb-foundation 4.3.2 Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed.

Slide 98

Slide 98 text

What if Bundler told us more? ... Using unicorn 4.8.3 Using zurb-foundation 4.3.2 Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. Your bundle has 10 direct dependencies and 43 transitive dependencies.

Slide 99

Slide 99 text

What if Bundler told us more? ... Using unicorn 4.8.3 Using zurb-foundation 4.3.2 Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. Your bundle has 10 direct dependencies and 43 transitive dependencies. Your gems' version specifiers preclude the installation of 1300 gems.

Slide 100

Slide 100 text

What if Bundler told us more? ... Using unicorn 4.8.3 Using zurb-foundation 4.3.2 Your bundle is complete! Use `bundle show [gemname]` to see where a bundled gem is installed. Your bundle has 10 direct dependencies and 43 transitive dependencies. Your gems' version specifiers preclude the installation of 1300 gems. `bundle update` would be unable to update 5 gems to the latest version.

Slide 101

Slide 101 text

No content

Slide 102

Slide 102 text

No content

Slide 103

Slide 103 text

C

Slide 104

Slide 104 text

C B

Slide 105

Slide 105 text

C B A

Slide 106

Slide 106 text

C B A

Slide 107

Slide 107 text

C B A

Slide 108

Slide 108 text

C B A

Slide 109

Slide 109 text

C B A ???

Slide 110

Slide 110 text

C B A ???4?

Slide 111

Slide 111 text

C B A ???4?5?

Slide 112

Slide 112 text

C B A

Slide 113

Slide 113 text

C B A

Slide 114

Slide 114 text

C B A

Slide 115

Slide 115 text

C B A

Slide 116

Slide 116 text

C B A

Slide 117

Slide 117 text

One day, every new install started failing

Slide 118

Slide 118 text

B A C

Slide 119

Slide 119 text

B A C 4

Slide 120

Slide 120 text

myAC B A 4

Slide 121

Slide 121 text

myAC B A D 4

Slide 122

Slide 122 text

myAC B A D

Slide 123

Slide 123 text

Video of me that weekend

Slide 124

Slide 124 text

No content

Slide 125

Slide 125 text

No content

Slide 126

Slide 126 text

need

Slide 127

Slide 127 text

convenience need

Slide 128

Slide 128 text

convenience need complexity

Slide 129

Slide 129 text

convenience need complexity risk

Slide 130

Slide 130 text

convenience need complexity risk mystery

Slide 131

Slide 131 text

As painful as Makefiles are, they still work 30 years later

Slide 132

Slide 132 text

No content

Slide 133

Slide 133 text

No content

Slide 134

Slide 134 text

Open Source Maintainers are not Rockstars

Slide 135

Slide 135 text

Maintainers are just extra-early adopters

Slide 136

Slide 136 text

MAINTAINER EARLY ADOPTER

Slide 137

Slide 137 text

MAINTAINER EARLY ADOPTER soap for ruby

Slide 138

Slide 138 text

MAINTAINER EARLY ADOPTER soap for ruby No results found

Slide 139

Slide 139 text

MAINTAINER EARLY ADOPTER

Slide 140

Slide 140 text

MAINTAINER EARLY ADOPTER

Slide 141

Slide 141 text

MAINTAINER EARLY ADOPTER

Slide 142

Slide 142 text

MAINTAINER EARLY ADOPTER soap for ruby

Slide 143

Slide 143 text

MAINTAINER EARLY ADOPTER soap for ruby 1. soapy-ruby gem

Slide 144

Slide 144 text

MAINTAINER EARLY ADOPTER

Slide 145

Slide 145 text

MAINTAINER EARLY ADOPTER

Slide 146

Slide 146 text

MAINTAINER EARLY ADOPTER

Slide 147

Slide 147 text

MAINTAINER EARLY ADOPTER

Slide 148

Slide 148 text

MAINTAINER EARLY ADOPTER

Slide 149

Slide 149 text

MAINTAINER EARLY ADOPTER

Slide 150

Slide 150 text

SCRATCHING AN ITCH

Slide 151

Slide 151 text

SCRATCHING AN ITCH

Slide 152

Slide 152 text

SCRATCHING AN ITCH

Slide 153

Slide 153 text

SCRATCHING AN ITCH

Slide 154

Slide 154 text

SCRATCHING AN ITCH

Slide 155

Slide 155 text

SCRATCHING AN ITCH

Slide 156

Slide 156 text

SCRATCHING AN ITCH

Slide 157

Slide 157 text

MAINTAINER EARLY ADOPTER

Slide 158

Slide 158 text

MAINTAINER hey, let's own this together! EARLY ADOPTER

Slide 159

Slide 159 text

MAINTAINER hey, let's own this together! EARLY ADOPTER wow, me? let's do this!

Slide 160

Slide 160 text

MAINTAINER EARLY ADOPTER

Slide 161

Slide 161 text

MAINTAINER hey, let's make you a committer! EARLY ADOPTER

Slide 162

Slide 162 text

MAINTAINER hey, let's make you a committer! EARLY ADOPTER awesome, i will help sometimes!

Slide 163

Slide 163 text

MAINTAINER EARLY ADOPTER

Slide 164

Slide 164 text

MAINTAINER hey, let's never communicate again! EARLY ADOPTER

Slide 165

Slide 165 text

MAINTAINER hey, let's never communicate again! EARLY ADOPTER sounds good, bye forever!

Slide 166

Slide 166 text

MAINTAINER hey, let's never communicate again! EARLY ADOPTER

Slide 167

Slide 167 text

Why don't maintainers just share control?

Slide 168

Slide 168 text

time happiness

Slide 169

Slide 169 text

time happiness

Slide 170

Slide 170 text

time happiness

Slide 171

Slide 171 text

time happiness

Slide 172

Slide 172 text

time happiness

Slide 173

Slide 173 text

Late adopters will disabuse them of this happiness

Slide 174

Slide 174 text

MAINTAINER LATE ADOPTER

Slide 175

Slide 175 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 176

Slide 176 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 177

Slide 177 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 178

Slide 178 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 179

Slide 179 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 180

Slide 180 text

MAINTAINER LATE ADOPTER 0 commits this week

Slide 181

Slide 181 text

MAINTAINER no recent commits? sounds stable! LATE ADOPTER 0 commits this week

Slide 182

Slide 182 text

MAINTAINER LATE ADOPTER 800 stars? sounds safe! 0 commits this week

Slide 183

Slide 183 text

MAINTAINER LATE ADOPTER open source? sounds free! 0 commits this week

Slide 184

Slide 184 text

maintainer' s needs

Slide 185

Slide 185 text

maintainer & early adopters' needs

Slide 186

Slide 186 text

No content

Slide 187

Slide 187 text

user needs

Slide 188

Slide 188 text

user needs a negotiation

Slide 189

Slide 189 text

Literally, like, two days later

Slide 190

Slide 190 text

MAINTAINER LATE ADOPTER

Slide 191

Slide 191 text

MAINTAINER LATE ADOPTER

Slide 192

Slide 192 text

MAINTAINER what?! it doesn't [enterprise] my [enterprise] at all! LATE ADOPTER

Slide 193

Slide 193 text

MAINTAINER LATE ADOPTER how could they ignore such an important use case?!

Slide 194

Slide 194 text

No content

Slide 195

Slide 195 text

No content

Slide 196

Slide 196 text

No content

Slide 197

Slide 197 text

No content

Slide 198

Slide 198 text

No content

Slide 199

Slide 199 text

No content

Slide 200

Slide 200 text

No content

Slide 201

Slide 201 text

No content

Slide 202

Slide 202 text

No content

Slide 203

Slide 203 text

time happiness

Slide 204

Slide 204 text

time happiness

Slide 205

Slide 205 text

time happiness

Slide 206

Slide 206 text

Late adopters expect more niche features than early adopters

Slide 207

Slide 207 text

Late adopters make better customers than users

Slide 208

Slide 208 text

Late adopters make better customers than users

Slide 209

Slide 209 text

Late adopters make better customers than users Dual-license

Slide 210

Slide 210 text

Late adopters make better customers than users Dual-license "Pro™" features

Slide 211

Slide 211 text

Late adopters make better customers than users Dual-license "Pro™" features Paid support

Slide 212

Slide 212 text

Late adopters make better customers than users Dual-license "Pro™" features Paid support ¯\_(π)_/¯

Slide 213

Slide 213 text

Maintainers should feel free to say "No"

Slide 214

Slide 214 text

No content

Slide 215

Slide 215 text

MAINTAINER TROLLS

Slide 216

Slide 216 text

[HATE] MAINTAINER TROLLS

Slide 217

Slide 217 text

plz stahp [HATE] MAINTAINER TROLLS

Slide 218

Slide 218 text

plz stahp [THREATS] MAINTAINER TROLLS

Slide 219

Slide 219 text

woah! not cool! [THREATS] MAINTAINER TROLLS

Slide 220

Slide 220 text

woah! not cool! [REDACTED] MAINTAINER TROLLS

Slide 221

Slide 221 text

(›°□°ʣ›ớ ᵲᴸᵲ [REDACTED] MAINTAINER TROLLS

Slide 222

Slide 222 text

No content

Slide 223

Slide 223 text

No content

Slide 224

Slide 224 text

No content

Slide 225

Slide 225 text

ASYMMETRIC POWER maintainer users

Slide 226

Slide 226 text

ASYMMETRIC POWER maintainer users

Slide 227

Slide 227 text

ASYMMETRIC POWER maintainer users

Slide 228

Slide 228 text

ASYMMETRIC POWER maintainer users

Slide 229

Slide 229 text

ASYMMETRIC POWER maintainer users

Slide 230

Slide 230 text

ASYMMETRIC POWER maintainer users

Slide 231

Slide 231 text

No content

Slide 232

Slide 232 text

time happiness

Slide 233

Slide 233 text

time happiness

Slide 234

Slide 234 text

MAINTAINER ANYBODY

Slide 235

Slide 235 text

MAINTAINER i'm burnt out can someone help me maintain this? ANYBODY

Slide 236

Slide 236 text

hello? MAINTAINER ANYBODY

Slide 237

Slide 237 text

anybody? MAINTAINER ANYBODY

Slide 238

Slide 238 text

time happiness

Slide 239

Slide 239 text

time happiness

Slide 240

Slide 240 text

No Maintainer is Forever

Slide 241

Slide 241 text

No content

Slide 242

Slide 242 text

<_why disappears>

Slide 243

Slide 243 text

What if there were an app for this?

Slide 244

Slide 244 text

PRO %QPPGEVVQ5GTXKEGU 4WD[)GOU )KVJWD UGVWR

Slide 245

Slide 245 text

;QWT2TQLGEVU NKPGOCPLUNKPGOCP ;'5 ;'5 01 01 UGCTNULCUOKPGTCKNU ;'5 01 VGUVFQWDNGRTGUGPV 0GGF*GNR!

Slide 246

Slide 246 text

2TQLGEVU;QW7UG UGCTNULCUOKPGTCKNU OKMGCNTGSWGUV npm %QPVCEV %QPVCEV 1HHGT*GNR

Slide 247

Slide 247 text

No content

Slide 248

Slide 248 text

$GPGHKEKCTKGU VMCWHOCP DMGGRGTU npm npm 4GOQXG 4GOQXG +HCHVGTFC[U[QWFQPQVTGURQPFVQCEJGEMKPGOCKN[QWT TGRQUKVQTKGU QYPGTUJKRYKNNDGVTCPUHGTTGFVQVJGUGRGQRNG

Slide 249

Slide 249 text

61UGCTNU 57$,'%6%JGEMKP *KUGCTNU 2NGCUGXGTKH[[QW TGUVKNNCDNGVQ OCKPVCKP[QWTQRGPUQWTEGD[ TGRN[KPIVQVJKUGOCKNQTENKEMKPI VJKUNKPM

Slide 250

Slide 250 text

I like to call this app:

Slide 251

Slide 251 text

I like to call this app: SomebodyPleaseMakeThis

Slide 252

Slide 252 text

I like to call this app: SomebodyPleaseMakeThis.io

Slide 253

Slide 253 text

What about the ☁️?

Slide 254

Slide 254 text

No content

Slide 255

Slide 255 text

Can any centralized service be open?

Slide 256

Slide 256 text

I ask, because most open source infrastructure is centralized

Slide 257

Slide 257 text

What if RubyGems disappears?

Slide 258

Slide 258 text

What if npm fails and loses a month of backups?

Slide 259

Slide 259 text

What might a decentralized dependency service look like?

Slide 260

Slide 260 text

No content

Slide 261

Slide 261 text

OH NO! GITHUB WENT DOWN!

Slide 262

Slide 262 text

No content

Slide 263

Slide 263 text

GOOD THING THAT' S ALL WE USE GITHUB FOR!

Slide 264

Slide 264 text

No content

Slide 265

Slide 265 text

No content

Slide 266

Slide 266 text

No content

Slide 267

Slide 267 text

No content

Slide 268

Slide 268 text

No content

Slide 269

Slide 269 text

How can we connect numerous services while avoiding single points of failure?

Slide 270

Slide 270 text

No content

Slide 271

Slide 271 text

No content

Slide 272

Slide 272 text

Open Source requires adoption

Slide 273

Slide 273 text

Adoption requires trust

Slide 274

Slide 274 text

No content

Slide 275

Slide 275 text

explicit trust

Slide 276

Slide 276 text

explicit trust implicit trust

Slide 277

Slide 277 text

How do we get people to trust us?

Slide 278

Slide 278 text

Marketing!

Slide 279

Slide 279 text

Consider Linus Torvalds' 1991 announcement of Linux

Slide 280

Slide 280 text

No content

Slide 281

Slide 281 text

No Catchy Name!

Slide 282

Slide 282 text

No Catchy Name! Self deprecation!

Slide 283

Slide 283 text

No Catchy Name! Self deprecation! Off-message!

Slide 284

Slide 284 text

Linux wouldn't have made the front page of Hacker News!

Slide 285

Slide 285 text

No content

Slide 286

Slide 286 text

Logo!

Slide 287

Slide 287 text

Logo! Web-site stuff!

Slide 288

Slide 288 text

Logo! Foundation Affiliation! Web-site stuff!

Slide 289

Slide 289 text

More dependencies means less time to vet them

Slide 290

Slide 290 text

No content

Slide 291

Slide 291 text

Quick intro!

Slide 292

Slide 292 text

Quick intro! Easy steps!

Slide 293

Slide 293 text

Quick intro! Easy steps! Mostly green badges!

Slide 294

Slide 294 text

It's an arms race %

Slide 295

Slide 295 text

No content

Slide 296

Slide 296 text

gradients!

Slide 297

Slide 297 text

gradients! Authoritative Tagline!

Slide 298

Slide 298 text

gradients! One-liner! Authoritative Tagline!

Slide 299

Slide 299 text

gradients! 1000 things! One-liner! Authoritative Tagline!

Slide 300

Slide 300 text

Optimized for adoption

Slide 301

Slide 301 text

Optimized for adoption

Slide 302

Slide 302 text

Optimized for adoption

Slide 303

Slide 303 text

Optimized for adoption

Slide 304

Slide 304 text

Optimized for adoption

Slide 305

Slide 305 text

Optimized for adoption

Slide 306

Slide 306 text

Optimized for adoption

Slide 307

Slide 307 text

Who's got time to vet transitive dependencies?

Slide 308

Slide 308 text

The more people you trust, the more people you don't realize you trust

Slide 309

Slide 309 text

Recognize when projects are marketing to you

Slide 310

Slide 310 text

Open Security

Slide 311

Slide 311 text

You can do worse than security through obscurity

Slide 312

Slide 312 text

"Open source code is accessible to everyone!"

Slide 313

Slide 313 text

"Open source code is accessible to everyone!"

Slide 314

Slide 314 text

WHO READS THE SOURCE?

Slide 315

Slide 315 text

WHO READS THE SOURCE? People who claim to

Slide 316

Slide 316 text

WHO READS THE SOURCE? People who claim to People who actually do

Slide 317

Slide 317 text

WHO READS THE SOURCE? People who fork

Slide 318

Slide 318 text

WHO READS THE SOURCE? People who fork Forkers who do anything

Slide 319

Slide 319 text

WHO READS THE SOURCE? People with Commit rights

Slide 320

Slide 320 text

WHO READS THE SOURCE? People with Commit rights Committers

Slide 321

Slide 321 text

WHO READS THE SOURCE? People that send a pull request

Slide 322

Slide 322 text

WHO READS THE SOURCE? People that send a pull request Not just drive-by PRs

Slide 323

Slide 323 text

WHO READS THE SOURCE? People hunting for exploits

Slide 324

Slide 324 text

WHO READS THE SOURCE? People hunting for exploits

Slide 325

Slide 325 text

/bin/bash

Slide 326

Slide 326 text

No content

Slide 327

Slide 327 text

Global variables everywhere extern int posixly_correct; extern int line_number, line_number_base; extern int subshell_environment, indirection_level; extern int build_version, patch_level; extern int expanding_redir; extern int last_command_exit_value; extern char *dist_version, *release_status; extern char *shell_name; extern char *primary_prompt, *secondary_prompt; extern char *current_host_name; extern sh_builtin_func_t *this_shell_builtin; extern SHELL_VAR *this_shell_function; extern char *the_printed_command_except_trap; extern char *this_command_name; extern char *command_execution_string; extern time_t shell_start_time; extern int assigning_in_environment; extern int executing_builtin; extern int funcnest_max;

Slide 328

Slide 328 text

Side-effects everywhere static void create_variable_tables ()

Slide 329

Slide 329 text

The vulnerable function for (string_index = 0; string = env[string_index++]; ) { char_index = 0; name = string; while ((c = *string++) && c != '=') ; if (string[-1] == '=') char_index = string - name - 1; /* If there are weird things in the environment, like `=xxx' or a string without an `=', just skip them. */ if (char_index == 0) continue; /* ASSERT(name[char_index] == '=') */ name[char_index] = '\0'; /* Now, name = env variable name, string = env variable value, and char_index == strlen (name) */ temp_var = (SHELL_VAR *)NULL; /* If exported function, define it now. Don't import functions from the environment in privileged mode. */ if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4)) {

Slide 330

Slide 330 text

The vulnerable function for (string_index = 0; string = env[string_index++]; ) {

Slide 331

Slide 331 text

As a rubyist I don't spend a lot of time with for loops, but...

Slide 332

Slide 332 text

The vulnerable function for (string_index = 0; string = env[string_index++]; ) {

Slide 333

Slide 333 text

The vulnerable function for (i = 0; env[i] != NULL; i++) {

Slide 334

Slide 334 text

"The solution is not...proprietary software—the solution is to put energy and resources into auditing and improving free programs." - Free Software Foundation

Slide 335

Slide 335 text

Who wants to audit the quality of code that literally everyone depends on?

Slide 336

Slide 336 text

No content

Slide 337

Slide 337 text

popular adoption

Slide 338

Slide 338 text

popular adoption importance of audit

Slide 339

Slide 339 text

popular adoption importance of audit motivation to audit

Slide 340

Slide 340 text

Tragedy of the Commons:

Slide 341

Slide 341 text

Tragedy of the Commons: It's nobody's problem until it's everybody's problem

Slide 342

Slide 342 text

text text text text text

Slide 343

Slide 343 text

Don't let your business believe open source is a free lunch

Slide 344

Slide 344 text

No content

Slide 345

Slide 345 text

No content

Slide 346

Slide 346 text

THESE STICK FIGURES WERE A LIE

Slide 347

Slide 347 text

How we communicate

Slide 348

Slide 348 text

How we communicate

Slide 349

Slide 349 text

How we communicate

Slide 350

Slide 350 text

How we communicate

Slide 351

Slide 351 text

How we communicate Asynchronous text

Slide 352

Slide 352 text

We are no more than:

Slide 353

Slide 353 text

We are no more than: an avatar

Slide 354

Slide 354 text

We are no more than: a user @name an avatar

Slide 355

Slide 355 text

We are no more than: a user @name an avatar some emoji 78

Slide 356

Slide 356 text

We are no more than: a user @name an avatar some emoji 78 text on a screen

Slide 357

Slide 357 text

In open source, no one can hear you scream

Slide 358

Slide 358 text

In open source, no one can hear you scream (And that's a problem.)

Slide 359

Slide 359 text

No content

Slide 360

Slide 360 text

UNCERTAINTY?

Slide 361

Slide 361 text

AMBIGUITY?

Slide 362

Slide 362 text

DISAGREEMENT?

Slide 363

Slide 363 text

SIMMERING DISDAIN?

Slide 364

Slide 364 text

SIMMERING DISDAIN?

Slide 365

Slide 365 text

SIMMERING DISDAIN?

Slide 366

Slide 366 text

SIMMERING DISDAIN?

Slide 367

Slide 367 text

SIMMERING DISDAIN?

Slide 368

Slide 368 text

SIMMERING DISDAIN?

Slide 369

Slide 369 text

This strategy can be great troll repellant

Slide 370

Slide 370 text

What if we could do this:

Slide 371

Slide 371 text

What if we could do this:

Slide 372

Slide 372 text

What if we could do this:

Slide 373

Slide 373 text

What if we could do this:

Slide 374

Slide 374 text

What if we could do this:

Slide 375

Slide 375 text

What does the future hold?

Slide 376

Slide 376 text

progress awfulness

Slide 377

Slide 377 text

progress awfulness we are here

Slide 378

Slide 378 text

progress awfulness we are here

Slide 379

Slide 379 text

progress awfulness we are here what happens here?

Slide 380

Slide 380 text

Extrapolating from our culture of dependence

Slide 381

Slide 381 text

No content

Slide 382

Slide 382 text

No content

Slide 383

Slide 383 text

No content

Slide 384

Slide 384 text

time high level low level Innovation ' s

Slide 385

Slide 385 text

time high level low level Innovation ' s

Slide 386

Slide 386 text

time high level low level Innovation ' s

Slide 387

Slide 387 text

time high level low level Innovation ' s

Slide 388

Slide 388 text

time high level low level Innovation ' s

Slide 389

Slide 389 text

time high level low level Innovation ' s

Slide 390

Slide 390 text

time high level low level Today' s dependency "culture" Innovation ' s

Slide 391

Slide 391 text

time high level low level Today' s dependency "culture" Innovation ' s

Slide 392

Slide 392 text

time high level low level Today' s dependency "culture" How will it translate? Innovation ' s

Slide 393

Slide 393 text

Systems programmers tend to be conservative, cautious

Slide 394

Slide 394 text

No content

Slide 395

Slide 395 text

Isolated from innovation

Slide 396

Slide 396 text

Isolated from innovation curmudgeonly disposition

Slide 397

Slide 397 text

curmudgeonly disposition Accidental cautiousness

Slide 398

Slide 398 text

Accidental cautiousness Intentional cautiousness

Slide 399

Slide 399 text

Embedded & real-time failures may have grave consequences

Slide 400

Slide 400 text

high level low level

Slide 401

Slide 401 text

high level low level HealthCare.gov

Slide 402

Slide 402 text

high level low level HealthCare.gov

Slide 403

Slide 403 text

high level low level HealthCare.gov

Slide 404

Slide 404 text

Adopting a dependency outsources our understanding of how to do something

Slide 405

Slide 405 text

Dependency Our app

Slide 406

Slide 406 text

Dependency Our app

Slide 407

Slide 407 text

Dependency Our app Understanding debt

Slide 408

Slide 408 text

"Understanding debt" can be paid down by iterating

Slide 409

Slide 409 text

If iterative releases aren't possible, don't outsource understanding

Slide 410

Slide 410 text

high level low level

Slide 411

Slide 411 text

high level low level

Slide 412

Slide 412 text

high level low level

Slide 413

Slide 413 text

high level low level 5-years

Slide 414

Slide 414 text

high level low level 5-years 30-years

Slide 415

Slide 415 text

high level low level 5-years 30-years

Slide 416

Slide 416 text

high level low level 5-years 30-years

Slide 417

Slide 417 text

high level low level 5-years 30-years

Slide 418

Slide 418 text

high level low level 5-years 30-years

Slide 419

Slide 419 text

high level low level 5-years 30-years

Slide 420

Slide 420 text

high level low level 5-years 30-years

Slide 421

Slide 421 text

easy to iterate high level low level 5-years 30-years

Slide 422

Slide 422 text

easy to iterate high level low level 5-years 30-years hard to iterate

Slide 423

Slide 423 text

These concerns require deeper up-front understanding of low-level systems

Slide 424

Slide 424 text

DEPTH OF UNDERSTANDING High level web app Low level plane control

Slide 425

Slide 425 text

DEPTH OF UNDERSTANDING High level web app Low level plane control

Slide 426

Slide 426 text

DEPTH OF UNDERSTANDING High level web app Low level plane control

Slide 427

Slide 427 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work

Slide 428

Slide 428 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work Needs to know how planes work

Slide 429

Slide 429 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work Needs to know how planes work

Slide 430

Slide 430 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work Needs to know how planes work

Slide 431

Slide 431 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work Needs to know how planes work ⚠️

Slide 432

Slide 432 text

DEPTH OF UNDERSTANDING High level web app Low level plane control Needs to know how browsers work Needs to know how planes work

Slide 433

Slide 433 text

"Modern" tooling is a product of high-level web development

Slide 434

Slide 434 text

time Innovation ' s high level low level

Slide 435

Slide 435 text

time Today' s perspective Innovation ' s high level low level

Slide 436

Slide 436 text

time Today' s perspective Innovation ' s high level low level

Slide 437

Slide 437 text

time Innovation ' s high level low level

Slide 438

Slide 438 text

time Innovation ' s New, broader perspective high level low level

Slide 439

Slide 439 text

Systems innovations may reciprocate some cautiousness & understanding

Slide 440

Slide 440 text

No content

Slide 441

Slide 441 text

Open Source can be better!

Slide 442

Slide 442 text

!:;

Slide 443

Slide 443 text

!<=

Slide 444

Slide 444 text

%>

Slide 445

Slide 445 text

%> %?

Slide 446

Slide 446 text

%> %? %4

Slide 447

Slide 447 text

%> %? %4 @A

Slide 448

Slide 448 text

&'(

Slide 449

Slide 449 text

&'( &'

Slide 450

Slide 450 text

&'( &' &'

Slide 451

Slide 451 text

My name is Justin Searls Please tweet me @searls & Say [email protected]

Slide 452

Slide 452 text

Please say hello if your team could use our team's help B

Slide 453

Slide 453 text

Like everyone, we're hiring! Just [email protected]

Slide 454

Slide 454 text

Find me during a break to chat or to grab a sticker!

Slide 455

Slide 455 text

My name is Justin Searls Please tweet me @searls & Say [email protected]

Slide 456

Slide 456 text

Attribution: Lock designed by Sam Smith from the thenounproject.com Shower Curtain designed by Rohan Gupta from the thenounproject.com Campfire designed by VALÈRE DAYAN from the thenounproject.com Stand designed by Evan Travelstead from the thenounproject.com Shopping Cart designed by Renee Ramsey-Passmore from the thenounproject.com Milk designed by Jeff Seevers from the thenounproject.com Milk designed by NAS from the thenounproject.com Breakfast designed by Konrad Michalik from the thenounproject.com Tablet designed by Pham Thi Dieu Linh from the thenounproject.com Can designed by Blaise Sewell from the thenounproject.com Door designed by Olaus Linn from the thenounproject.com Door designed by Sebastian Langer from the thenounproject.com Box designed by David Waschbüsch from the thenounproject.com Tomato designed by Nana Faisal from the thenounproject.com Keyboard designed by misirlou from the thenounproject.com Computer designed by Edward Boatman from the thenounproject.com Hammer designed by John Caserta from the thenounproject.com Star designed by Edward Boatman from the thenounproject.com Puzzle Piece designed by Roberto Chiaveri from the thenounproject.com Mail designed by Anas Ramadan from the thenounproject.com Text designed by Christopher Holm-Hansen from the thenounproject.com Phone designed by Tom Walsh from the thenounproject.com Video designed by useiconic.com from the thenounproject.com Cocktail designed by Okan Benn from the thenounproject.com Laptop designed by Olivier Guin from the thenounproject.com Laptop designed by Michael Loupos from the thenounproject.com Airplane designed by Andrew Fortnum from the thenounproject.com Coupon designed by Scott Lewis from the thenounproject.com Database designed by Shmidt Sergey from the thenounproject.com Microchip designed by Martin Vanco from the thenounproject.com Speedometer designed by Olly Banham from the thenounproject.com