Loris Degioanni of Sysdig

    I'm Chris Chinchilla. Welcome to my podcast, an enthusiastic ramble through whatever has taken my interest the past week or so. Expect technology, games, history, travel, geekery, and as always, much, much more.

    Welcome to another Chinchilla Squeaks with me, Chris Chinchilla, back after a little bit of a holiday. I was in Austin. I spent most of my time in Cambridge, actually. Harvard and MIT area. Very nice area, actually, and Harvard was very pretty. MIT gave me this kind of feeling of, of awe, actually, you know, probably the same at Stanford, just one of these places where, you know, so many things have been invented and discovered and et cetera, et cetera.

    It didn't look as pretty as Harvard, but it had more impact on me. And I felt slightly nerdy and nervous. But enough of that. I am back with another interview with Loris of Sysdig. Sysdig are another company in the cloud container asset infrastructure security and observability ecosystem, but have actually been around it for some time, so bring a different perspective.

    to what has increasingly become a busy space, but they have been there since the very early days. So we talk about all sorts of things around their journey and the journey of that ecosystem. But first I am going to start with a few links. I've got quite a few from Wired for some reason today. I think I resubscribed to the newsletters.

    That might be why. But hey, it's good to know that Wired is still ticking along, putting out a good quality content anyway. And this is something from Carrie McCannon about the GitHub black market helps coders cheat the popularity contest. This actually relates very nicely. It's a shame it didn't come out two weeks ago.

    Back to my interview with Donna. On the last episode from the Chaos Project about metrics and how GitHub metrics are not particularly reliable, or to be precise, GitHub vanity metrics like forks and pull requests and likes and stars and things like that. This is gamed way more than you might think.

    There's literally websites called buygithub. com where people, I don't know who would do this, but I guess people do, can pay mostly. Crypto tokens, unsurprisingly, to get stars on projects and 6 can get you 50. I don't know if I don't find it hard to know if that's worth it. 6 seems kind of high for 50 stars.

    And how do they do it? Is it with people or is it automated? I'm not sure, but this whole wide and it's part of a whole wider black market of online engagement. She also mentions upvotes on product hunt, followers and views on. Kaggle and all sorts of things. And I think where this really relates is that for years, many people, including myself, have been telling people, you know, you need to have a community profile, an open source profile, that kind of thing.

    And as everybody does that, how do you stand out? Well, you have to have a better looking profile. So is it worth you paying to have a better looking profile? If everybody now has a better looking profile, what's next, et cetera, et cetera. I've heard many people saying that now these online profiles that used to differentiate you from everybody else also are not enough anymore.

    So what is next, I suppose, is the conversation. And this article really digs into how. It's actually become the one it mentions here. Cryptocurrency. It's seems to be unfortunate. Okay. Cash or cash. I don't know. It was the worst offender. 97 percent of it's 759 stars, which actually. isn't a tremendous amount were flagged as fake.

      0:00 / 51:40