Open Source

Naomi Ceder, Lynn Root and Tracy Osborn on Diversity in the Python Community - Episode 11

Listen to past episodes, read about the show and check out our donations section at podcastinit.com

Brief Introduction

  • Date of recording – Jun-10th, 2015
  • Hosts Macey and Chris Patti
  • Follow us on iTunes, Stitcher or TuneIn
  • Give us feedback! (iTunes, Twitter, email, Disqus comments)
  • You can donate (if you want)!
  • Overview – Interview with Tracy Osborn, Naomi Ceder, Lynn Root

Interview with Prominent PyLadies

  • Introductions
    • Tracy Osborn
    • Naomi Ceder
    • Lynn Root
  • How did you get introduced to Python?
  • In what ways do you think the Python community has succeeded in making itself more friendly and welcoming to women and other under represented minorities, and where could it do better?
    • Python community leadership takes a positive stance on diversity
    • Codes of conduct are taken very seriously
    • Financial diversity needs more focus
  • What can you tell us about PyLadies and DJango Girls?
    • PyLadies
      • started in a coffee shop in LA
      • pip install PyLadies
      • Over 70 locations on almost every continent – half on meetup.com
  • What are some of the challenges you still face in being a part of the Python community, and how can our listeners help?
    • Don’t be disparaging about women-focused events
  • I had to read up to page 17 of the top authors list on PyPi to find a woman. Can you provide some insight into what may be contributing to this state of affairs and how we can help to improve it?
    • pypi is confusing and intimidating
    • Process and tools are tough to use
    • Maybe Pyladies should host a “make your own package” night
    • Mentorship and easy HOWTOs are needed
  • You have all gained some notoriety in the Python community through work that you have done. Do you feel that you were faced with greater adversity than your peers in the course of your careers?
    • Startup community more hostile than Python community
  • We are talking to each of you because of your involvement in the Python community. Have you worked with and been involved in other language communities? If so, can you provide some comparisons between that and Python in how they manage the subject of diversity, gender and otherwise?
    • Design community – lots of conferences with “all dude” conference speaker line up
    • Startups very focused on males for employees and customers
  • What effect do you think job descriptions play in excluding women and other minorities from roles in development positions? (In reference to https://blog.safaribooksonline.com/2015/06/08/on-recruiting-inclusiveness-and-crafting-better-job-descriptions/)
    • Discourage more appropriate term than exclude
    • Women less likely to apply for roles that they are not completely qualified for
    • Spotify experimenting with blind resume review and cross-checking of job descriptions
      • Result is more women applying and having better results
  • For any women and young girls who may be considering a career in technology, do you have any words of advice?
    • Go for it, but be aware that it’s hard
  • Do you have any advice for the men in the Python community and technology as a whole?
    • Actually listen when somebody tells you that it’s not the same for them (race, economics, gender)
    • Have some compassion and empathy
    • Men should educate themselves
    • Old habits die hard but getting over them is important
  • Is there anything we haven’t discussed that any of you would like to bring up?

    Picks

  • Tobias
  • Chris
  • Naomi Ceder
  • Lynn Root
  • Tracy Osborn
    • EasyPost – Simplifies generating shipping labels for USPS

      Keep in Touch

  • Naomi Ceder
  • Lynn Root
  • Tracy Osborn

The intro and outro music is from Requiem for a Fish The Freak Fandango Orchestra / CC BY-SA

Brian Granger and Fernando Perez of the IPython Project - Episode 10

You can find past episodes and other information about the show at podcastinit.com

Brief Introduction

  • Date of recording – June 3rd, 2015
  • Hosts – Tobias Macey and Chris Patti
  • Overview – Interview with Fernando Perez and Brian Granger, core developers of IPython/Project Jupyter
  • Follow us on iTunes, Stitcher or TuneIn
  • Give us feedback! (iTunes, Twitter, email, Disqus comments)
  • You can donate (if you want)!

Interview with Brian Granger and Fernando Perez

Picks

Keep in Touch

The intro and outro music is from Requiem for a Fish The Freak Fandango
Orchestra

/ CC BY-SA

David Baumgold on Flask-Dance, WebhookDB and Open EdX - Episode 9

You can find out more about us and view previous episodes at podcastinit.com.

Brief Introduction

Interview with David Baumgold

  • Introduction
  • How did you get introduced to Python?
  • What problem does Flask-Dance solve that wasn’t covered by other libraries?
  • What were some of the technical issues that you encountered while building Flask-Dance?
  • What are some of the design considerations that you had when building Flask-Dance?
  • You also built webhookdb for replicating GitHub’s information to be queryable. What are some use cases for which you would want to do that?
  • What is Open EdX and what is its intended audience?
  • What are some of the challenges implementing a system like Open EdX, and what can Python developers learn from the implementation of the project?

Picks

Keep in touch

Mark Baggett on Python for InfoSec - Episode 8

Read all of our show notes and find more information about us at Beautiful Soup

Brief Introduction

  • Date of recording – May 28th, 2015
  • Hosts – Tobias Macey and Chris Patti
  • Overview – Interview with Mark Bagett
  • Follow us on iTunes, Stitcher or TuneIn
  • Give us feedback! (iTunes, Twitter, email, Disqus comments)
  • You can donate (if you want)!

Interview with Mark Bagett

  • Introductions
  • How were you first introduced to Python? – Chris
    • Started using it for automating tasks while working as a sysadmin
    • Found code that launched an attack on FTP server – in Python
  • What are some of the tasks in your job that you use Python for? -Tobias
    • Trusted command & control backdoor for Windows
      • Mostly not used by malware authors – thus far (at least Mark hasn’t seen it used that way)
      • Flame virus – 5MB payload – incredibly advanced
        • Lua interpreter bundled along with the scripts
      • Vale framework – Python framework that takes payloads out of penetration testing executables
  • What is it about Python that makes it useful for penetration testing and other information security tasks?
    • Same thing that makes it useful for anything else
    • mpacket from core security
  • What are some of the more useful Python penetration testing tools?
  • We’ve noticed that a lot of the literature around information security and penetration testing focuses on targeting Windows. Can you enlighten us as to why that is?
    • Windows event tracing
      • logman
      • event trace providers – implement packet sniffing (Can turn every browser into a key logger)
    • Primary attack surface – Where most attacks are targeted
    • Fewer purely Linux systems
      • Very few ports open – maybe 80, 22
      • Very likely no user just sitting there waiting to run an executable you send
    • More freedom on Linux – less formalized patching process, more variable tools = more exploits
    • Will write code to only use built in modules for Python that will run in customer target environments
  • What are some of the legal considerations that you have to deal with on a regular basis as a penetration tester?
  • There have recently been a number of attacks based on hijacking the TCP/IP stack. Is Python being used for any of these exploits or tools to defend against them?
    • Data analytics
    • Detect repeated sequence numbers – Man in the Middle Attack
      • As simple as 5 lines of Python code
      • import scapy, start sniffing packets, pull together all packets – make list of associated packets
      • Can pull together all packets inside of stream
      • Time spefic source communicates with specific destination
      • Bro – intrusion detection suite
        • Built into Security Onion – Doug Berks
        • FLOSS Weekly episode 296 with Bro developers
  • What are some activities that you do on a regular basis for which you would turn to another language or toolchain, rather than using Python?
    • Powershell – The Python of windows
      • Whitelisted and ubiquitous
    • Password cracking – compiled language like C or assembly
  • For anyone who is interested in getting involved in the security industry, and penetration testing in particular, what resources or tools would you recommend?
    • Developers make the best InfoSec professionals
      • Lots of jobs and opportunities
    • Developer -> Systems Administration -> Information Security
    • Security conferences – BSides, Defcon, Black Hat
    • Online capture the flag challenges (google it) – good practice for critical thinking and using code for security exercises
    • Get involved in the industry – Meetups, etc.
    • SANS institute course, Python for Penetration Testers, SEC573 by Mark Baggett – sans.org
    • Lots of free online resources
    • Violent Python
    • PicoCTF
    • Counter Hack Challenges

Picks

Keep in Touch

The intro and outro music is from Requiem for a Fish The Freak Fandango Orchestra / CC BY-SA

Jacob Kaplan-Moss on Addressing Cultural Issues in Tech - Episode 7

Read all of our show notes and find more information about us at podcastinit.com

Brief Introduction

  • Date of recording – May 18th, 2015
  • Hosts – Tobias Macey and Chris Patti
  • Follow us on iTunes, Stitcher or TuneIn
  • Give us feedback! (iTunes, Twitter, email, Disqus comments)
  • Overview – Interview with Jacob Kaplan-Moss

Interview with Jacob Kaplan-Moss

  • Introductions
  • How were you first introduced to Python?
  • So, we wanted to invite you on the show to discuss the keynote that you gave at this years PyCon. Can you tell us what you mean when you say that you’re a mediocre programmer and why that is such an important admission to make?
  • What are some ways that we can change the tone of the conversation around programming skill?
  • What do we gain by admitting to ourselves and others that we are not all phenomenal engineers?
  • Where does the myth of exceptional vs terrible programmers come from? Can you provide some examples of times that you came in contact with this narrative?
  • How do you think hiring tactics in technology companies contribute to this misconception and how can they be more accepting of average programmers?
  • What are some ways that we can work toward eradicating the myth of the 10x programmer?
  • Thinking about our industry’s problems retaining women and other undervalued groups, do you think the way many managers do performance reviews play a role? If so, how can we do better?
  • Can you tell us about some other ongoing narratives in the technology industry that you find equally as damaging as our misconceptions around skills and knowledge? – Tobias

Picks

Keep In Touch

Jonathan Slenders Talks About Prompt Toolkit - Episode 6

Visit our site at podcastinit.com for more show notes and news.

Brief Introduction

  • Date of recording – May 17th, 2015
  • Hosts – Tobias Macey and Chris Patti
  • Follow us on iTunes, Stitcher or TuneIn
  • Give us feedback! (iTunes, Twitter, email, Disqus comments)
  • Overview – Interview with Jonathan Slenders

    Interview with Jonathan Slenders

  • Introductions
  • How were you first introduced to Python? -Chris
  • What inspired you to create the python-prompt-toolkit?
  • What are some design considerations that you made when building prompt-toolkit?
    • Make minimal use of inheritance
      • Overly strong coupling
      • Better clarity for the API of your library
      • Completely event driven / asynchronous
      • No global state
    • ptpython completion benefits from asynchrony – The jedi completion library is too slow – completion happens in its own thread
  • You have built a number of projects that use the prompt-toolkit as a core component, did you have them in mind from the beginning, or are they experiments to test the capabilities of the toolkit?
  • Do you intend to bring PyVim to feature parity with Vim, or is it just intended for experimentation?
    • Short answer: Don’t know – but will probably never be in full parity with Vim
  • What inspired you to create ptpython and why did you choose to make it a stand-along project rather than extending iPython?
  • How difficult was it to integrate with IPython and what were the benefits?
    • IPython has its own event loop – this presented difficulties as prompt-toolkit has its own as well
  • What are some of the most interesting uses that you have seen of the prompt-toolkit?
    • PyVim – really challenged the design
    • pgcli

      Picks

  • Tobias
  • Chris
  • Jonathan Slenders
    • Belgian Beer
      • Rochefort
    • Western European Folk Dancing

      Keep in touch

  • Twitter – @jonathan_s
  • GitHub – jonathanslenders