Dead Code

Jared Norman

The software industry has a short memory. It warps good ideas, quickly obfuscating their context and intent. Dead Code seeks to extract the good ideas from the chaos of modern software development. Hosted on Acast. See acast.com/privacy for more information.

  1. 7 OCT

    Deserial Killer (with Matt Schwager)

    Jared sits down with Trail of Bits security engineer Matt Schwager to discuss the persistent security risks of Ruby’s Marshal library. Matt explains that while Marshal (and Python’s Pickle) makes serialization simple and fast for tasks like caching, its “serialize anything” design has led to over a decade of recurring vulnerabilities. Despite repeated patches, new bugs and exploitation gadgets keep surfacing, often hidden in defaults or legacy code, as seen in Rails caching and RubyGems.org. Matt argues that this reflects a fundamental trade-off between ergonomics and security, suggesting alternatives like JSON are safer, though less convenient. He highlights mitigation strategies such as documentation, static analysis, and fuzzing with his tool Ruzzy, while also pointing to broader Ruby risks like eval misuse, SSRF, and supply chain issues. Jared reflects on the cultural tension in Ruby between ease of use and security, wondering if safer defaults could help developers avoid these common pitfalls. Links: Trail of Bits Blog Ruby Marshal documentation Python Pickle documentation JSON YAML TOML MessagePack Rails Caching Guide RubyGems.org RubyGems source on GitHub Ruzzy on GitHub AFL on GitHub Semgrep Registry Black Hat USA 2017 Talk Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    32 min

  2. 23 SEP

    Crushing Riffs (with Kasper Timm Hansen)

    In this Dead Code episode, Jared talks with longtime Rubyist and former Rails Core member Kasper Timm Hansen about “riffing,” a sketch-first approach to software design. Instead of jumping straight into migrations and production code, Kasper opens a scratch Ruby file—mixing real and pseudo-code with short prompts—to explore names, relationships, and system flow without worrying about correctness. The practice surfaces unknowns early, conserves mental stamina, and produces lightweight artifacts that can guide teams or even become executable prototypes. Kasper shares stories from client work, a RailsConf demo, and workshops showing how riffing helps uncover design flaws, generate stronger options, and make domain modeling more collaborative. He encourages developers to treat code like sketches, be less precious about early ideas, and embrace riffing as a fun, low-cost way to boost creativity and resilience in software design. Links: Spinel Coop RailsConf 2024 Talk (YouTube) RailsConf 2024 Slides (Speaker Deck) Kasper’s website Kasper’s GitHub Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    41 min

  3. 9 SEP

    Fear-Driven Everything (with Justin Searls)

    On this episode of Dead Code, Jared talks with Justin Searls, co-founder of Test Double, about programming workflows, decision-making, and the evolving role of developers. They explore how the order and tempo of thought matter more than static code, why tackling the riskiest problems first can shape better outcomes, and how Justin’s idea of the “full-breadth developer” expands a programmer’s role to include product vision and context. The conversation touches on Agile and XP roots, consulting realities, and how AI coding agents can both accelerate and complicate work. The episode wraps with Justin encouraging blogging and direct connection, while Jared reflects on building a “grand unified theory” of how programmers decide their next step. Links: Sign up at jardo.dev/anarchyagile to enter the 50th episode giveaway! Test Double Justin Searls: Find his writing, projects, and podcast Breaking Change at justin.searls.co Growing Object-Oriented Software, Guided by Tests by Steve Freeman & Nat Pryce Extreme Programming Explained by Kent Beck The Secrets of Consulting by Jerry Weinberg Clojure REPL Solidus SwiftData CloudKit Cursor Claude Code Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    1 h y 1 min

  4. 26 AGO

    Rage Quit Stamina Theory

    The 50th episode of the Dead Code Podcast brought Karl Weber, Jared Norman, Benjamin Wil, Sofia Besenski, and Noah Silveira together to mark the milestone with sharp, funny, and critical takes on the state of tech. They skewered CEOs bragging about AI-driven layoffs as short-sighted profiteering, questioned the hype fueling the AI bubble, and praised Ruby and Rails for extending developers’ “rage quit stamina” despite flaws in error reporting and dependency management. The group emphasized the importance of empathetic, fast code reviews and smaller PRs, arguing that culture and collaboration matter more than mythical “10x developers.” They also critiqued DHH’s claim that executives should be the least busy, framing it as privilege disguised as wisdom, while pointing out that rest and balance benefit everyone. The episode captured their signature mix of humor, industry critique, and camaraderie, closing with gratitude for 50 episodes and excitement for what’s next. Links: Giveaway: Anarchy Agile hats — enter at jardo.dev/anarchyagile “CEOs Are Publicly Boasting About Reducing Their Workforces With AI” – Futurism The Pragmatic Engineer 2025 Survey: What’s in your tech stack? Part 1 “Two Simple Rules to Fix Code Reviews” – The Pragmatic Engineer “In Praise of Normal Engineers” – Charity Majors, Honeycomb “Executives Should Be the Least Busy People” – David Heinemeier Hansson Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    48 min

  5. 12 AGO

    Radiation Hardened (with Dave Gauer)

    In this episode of Dead Code, Jared interviews Dave Gauer, creator of the Ziglings project—a whimsical, hands-on tutorial for learning the Zig programming language. Dave shares how Ziglings began as a personal learning tool and grew into a widely loved resource, especially among younger developers. He emphasizes the value of learning in public, blending humor, accessibility, and bite-sized challenges to make complex systems programming concepts less intimidating. The conversation also explores Dave’s deep interest in the Forth language, the appeal of small, self-contained “microworlds” for learning, and his broader philosophy on sharing work, embracing whimsy, and building things that make programming joyful and approachable. Links: Ziglings Zig Rustlings Forth ColorForth Alpine Linux Lynx browser Why’s (Poignant) Guide to Ruby Learning Perl The Little Schemer Mindstorms by Seymour Papert Steal Like an Artist by Austin Kleon Ratfactor.com – Dave Gauer’s personal website and blog. Forth in Space (section on Ratfactor) – Dave’s notes on how Forth has been used in radiation-hardened chips and space tech. Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    1 h y 3 min

  6. 29 JUL

    Epistemic Extinction (with Mond)

    In this episode of Dead Code, Jared and guest Mond explore how James C. Scott’s concepts of legibility, metis, and episteme apply to tech interviews, arguing that standardized hiring processes prioritize what’s easy to measure over what truly reflects engineering skill. They critique the over-reliance on algorithmic interviews, noting that senior engineering work often depends on tacit knowledge—metis—that can’t be captured in rubrics or LeetCode problems. The conversation touches on Goodhart’s Law, the risks of over-optimization, and how attempts to make human processes more legible through metrics can backfire. Jared shares how his company experiments with more realistic code assessments, though both acknowledge the challenges of scaling less standardized approaches. They conclude by warning that technological standardization of social systems, like hiring, can entrench flawed norms and obscure what actually matters. Links: James C. Scott Seeing Like a State Legibility (as a concept) Goodhart’s Law The Cobra Effect LeetCode YAML Mond’s Blog – Here Comes the Moon Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    33 min

  7. 15 JUL

    Naked and Semantic (with Fabien Basmaison and Jens Oliver Meiert)

    In this episode of Dead Code, Jared speaks with Jens Oliver Meiert and Fabien Basmaison, co-maintainers of CSS Naked Day, a long-standing web tradition that invites developers to strip CSS from their websites for one day to emphasize semantic HTML, accessibility, and the separation of concerns in front-end development. Originally launched in 2006, the event encourages developers to reflect on the underlying structure of their sites and how well they function without styling. Meiert and Basmaison discuss how modern tools like Tailwind, CSS-in-JS, and component-based design both challenge and occasionally align with the event’s philosophy, and they explore reasons for the decline in participation, from increased reliance on frameworks to the rise of AI-assisted development. Looking ahead to the 20th anniversary in 2026, they hope to inspire more developers to join in, even in small ways, as a reminder of the enduring value of accessible, maintainable, and standards-based web design. Links: Jens' Blog CSS Naked Day CSS Zen Garden Frontend Dogma PandaDoc Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    42 min

  8. 1 JUL

    Eat Your Greens (with Ivo Anjo)

    In this episode of Dead Code, Jared interviews Ivo Anjo, a Ruby performance expert at Datadog, about Ruby’s concurrency model and his work improving visibility into it. They discuss the Global VM Lock (GVL), which simplifies Ruby’s internals but hinders multithreading, and explore the promise and current limitations of M:N scheduling, now partially implemented via Ractors in Ruby 3.4. Ivo created the gvl-tracing gem to visualize thread behavior and uncover subtle bugs, advocating for a more intelligent, OS-like scheduler to improve performance fairness. He also shares insights from building Datadog’s always-on production profiler and his direct-bind gem, which allows low-level access to Ruby internals when official APIs fall short. Overall, the episode highlights a growing movement of developers modernizing Ruby’s internals and pushing past its reputation for being slow. Links: gvl-tracing direct-bind StackProf rbspy Ractors YJIT RubyConf RubyKaigi EuRuKo 2025 Dead Code Podcast Links: Mastodon X Jared’s Links: Mastodon X twitch.tv/jardonamron Jared’s Newsletter & Website Episode Transcript Hosted on Acast. See acast.com/privacy for more information.

    50 min
Ver todo (55)

Tráiler

Acerca de

The software industry has a short memory. It warps good ideas, quickly obfuscating their context and intent. Dead Code seeks to extract the good ideas from the chaos of modern software development. Hosted on Acast. See acast.com/privacy for more information.

Información

  • Creador
    Jared Norman
  • Años de actividad
    2024 - 2025
  • Episodios
    55
  • Clasificación
    Apto
  • Copyright
    © Jared Norman
  • Mostrar sitio web
    Dead Code

También te podría interesar