Code Story: Insights from Startup Tech Leaders - S12 E12: Robert Brennan, OpenHands

Robert Brennan grew up in Boston and loved it so much that he ended up calling it home again. He spent time in New York between his bookend times, but he enjoys the chill pace and great music of Boston over the fast pace of the Big Apple. Outside of technology, he likes to read nonfiction and fiction, specifically science fiction. He loves music, and has been playing guitar for 25 years now. He frequents the live music scene around Boston, and even lives near a jazz club.

Robert observed the release of the first version of Devin a few years ago, and found it very exciting to see agent-driven development. But he and his co-founders were concerned with who was going to govern how this software was going to get written - and they hypothesized that it should be open source and community driven.

This is the creation story of OpenHands.

Sponsors

Links



Advertising Inquiries: https://redcircle.com/brands

Privacy & Opt-Out: https://redcircle.com/privacy

The Stack Overflow Podcast - How can you test your code when you don’t know what’s in it?

Ryan hosts SmartBear's VP of AI and Architecture Fitz Nowlan to explore how we're moving away from old assumptions about software development, the challenges of testing MCP servers as LLM-driven agents introduce non-determinism that breaks traditional testing, and how data locality and data construction are becoming more valuable when source code is so easy to generate.

Episode notes: 

SmartBear gives devs tools for application performance monitoring, software development, software testing, and API management—all at AI speed and scale.

Connect with Fitz on LinkedIn and email him at FitzNowlan@SmartBear.com 

Congrats to Great Answer winner Alexander for winning the badge for their answer to Is there a way to make Runnable's run() throw an exception?.

TRANSCRIPT

See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Python Bytes - #475 Haunted warehouses


About the show

Sponsored by us! Support our work through:

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form, add your name and email to our friends of the show list; we'll never share it.

Michael #1: Lock the Ghost

  • The five core takeaways:
    1. PyPI "removal" doesn't delete distribution files. When a package is removed from PyPI, it disappears from the index and project page, but the actual distribution files remain accessible if you have a direct URL to them.
    2. uv.lock uniquely preserves access to ghost packages. Because uv.lock stores direct URLs to distribution files rather than relying on the index API at install time, uv sync can successfully install packages that have already been removed, even with cache disabled. No other Python lock file implementation tested behaved this way.
    3. This creates a supply chain attack vector. An attacker could upload a malicious package, immediately remove it to dodge automated security scanning, and still have it installable via a uv.lock file, or combine this with the xz-style strategy of hiding malicious additions in large, auto-generated lock files that nobody reviews.
    4. Removed package names can be hijacked with version collisions. When an owner removes a package, the name can be reclaimed by someone else who can upload different distribution types under the same version number, as happened with "umap." Lock files help until you regenerate them; then you're exposed.
    5. Your dependency scanning needs to cover lock files, not just manifest files. Scanning only pyproject.toml or requirements.txt misses threats embedded in lock files, which is where the actual resolved URLs and hashes live.

Brian #2: Fence for Sandboxing

  • Suggested by Martin Häcker
  • “Some coding platforms have since integrated built-in sandboxing (e.g., Claude Code) to restrict write access to directories and/or network connectivity. However, these safeguards are typically optional and not enabled by default.”
  • “JY Tan (on cc) has extracted the sandboxing logic from Claude Code and repackaged it into a standalone Go binary.”
  • Source code on GitHub: https://github.com/Use-Tusk/fence

Michael #3: MALUS: Liberate Open Source

  • via Paul Bauer
  • The service will generate the specs of a library with one AI and build the newly licensed library from the specs with another AI, circumventing the licensing and copyright rules.
  • AI that has not been trained on open source reads the docs and API signature, creates a spec. Another AI processes that spec into working software.
  • Is it a real site? Are they accepting real money, or are they just trying to cause a stir around copyright?

Brian #4: Harden your GitHub Actions Workflows with zizmor, dependency pinning, and dependency cooldowns


Joke: Can you?

Big Technology Podcast - Why OpenAI Killed Sora, Did Apple Just Save Siri?, Meta’s Big Loss

Ranjan Roy from Margins is back for our weekly discussion of the latest tech news. We cover:
  1. Why AI video didn't take off
  2. Who wins now that OpenAI is shutting down Sora
  3. The real reason OpenAI shut down Sora
  4. What happens now that OpenAI and Anthropic are competing for similar AI assistant customers
  5. Anthropic's new 'Capybara' model class is coming
  6. OpenAI has a big new model called Spud in the works
  7. Apple's Siri fix isn't much of a fix at all
  8. Meta and YouTube lose a precedent-setting court case
  9. Should Big Tech be liable for teen mental health?
  10. Tech stocks tank
  11. OpenAI shelves ChatGPT adult mode, probably forever

---

Enjoying Big Technology Podcast? Please rate us five stars ⭐⭐⭐⭐⭐ in your podcast app of choice.

Want a discount for Big Technology on Substack + Discord? Here’s 25% off for the first year: https://www.bigtechnology.com/subscribe?coupon=0843016b

Learn more about your ad choices. Visit megaphone.fm/adchoices

The Stack Overflow Podcast - Prevent agentic identity theft

Ryan is joined by Nancy Wang, CTO of 1Password, to discuss the security challenges local agents present, how enterprises can create robust governance of credentials through zero-knowledge architecture, and the implications of agent intent and misuse in a world where AI agents are becoming more and more integrated into everyday applications.

Episode notes: 

1Password keeps your credentials secure through end-to-end encryption, zero-knowledge architecture, and more. Read their latest white paper on security design

Connect with Nancy on LinkedIn or email her at nancy.wang@1password.com

Congratulations to user Binita Bharati for winning a Populist badge for their answer to How to know the version of currently installed package from yarn.lock.


Code Story: Insights from Startup Tech Leaders - S12 Bonus: Tobias “Tobi” Konitzer, Growthloop

Tobi Konitzer was born in Germany, and studied cultural studies as an undergraduate student. Eventually, he went to Duke to get a PhD in political science. And that eventually changed to be a PhD in computational social science at Stanford - which is basically writing code to answer social science questions. After graduating in 2017, he joined Facebook Research for a year, then founded two AI startups. Outside of tech, he has 2 young daughters, whom he likes to spend time with and take to the park. He used to be an avid trail runner, but his favorite thing to do is think... and to do so as often as possible.

For the last 10 years of his career, Tobi has been chasing optimized decisioning and outcomes using AI. Five months ago, he decided to join his current venture, and use AI to shift the conversation from "tooling for marketers" to using AI to build an autonomous decisioning system that learns and improves over time.

This is Tobi's creation story at Growthloop.


Talk Python To Me - #542: Zensical – a modern static site generator

If you've built documentation in the Python ecosystem, chances are you've used Martin Donath's work. His Material for MkDocs powers docs for FastAPI, uv, AWS, OpenAI, and tens of thousands of other projects. But when MkDocs 2.0 took a direction that would break Material and 300 ecosystem plugins, Martin went back to the drawing board. The result is Zensical: a new static site generator with a Rust core, differential builds in milliseconds instead of minutes, and a migration path designed to bring the whole community along.

Episode sponsors

Sentry Error Monitoring, Code talkpython26
Talk Python Courses

Guest
Martin Donath: github.com

Zensical: zensical.org
Material for MkDocs: squidfunk.github.io
Getting Started: zensical.org
Github pages: docs.github.com
Cloudflare pages: pages.cloudflare.com
Michael's Example: gist.github.com
Material for MkDocs: zensical.org
gohugo.io/content-management/shortcodes: gohugo.io
a sense of size of the project: blobs.talkpython.fm
Zensical Spark: zensical.org

Watch this episode on YouTube: youtube.com
Episode #542 deep-dive: talkpython.fm/542
Episode transcripts: talkpython.fm

Theme Song: Developer Rap
🥁 Served in a Flask 🎸: talkpython.fm/flasksong

---== Don't be a stranger ==---
YouTube: youtube.com/@talkpython

Bluesky: @talkpython.fm
Mastodon: @talkpython@fosstodon.org
X.com: @talkpython

Michael on Bluesky: @mkennedy.codes
Michael on Mastodon: @mkennedy@fosstodon.org
Michael on X.com: @mkennedy

Big Technology Podcast - Senator Mark Warner: Nobody’s Ready for What AI Could Do To Us

U.S. Senator Mark Warner is a three-term Virginia senator and vice chair of the Senate Intelligence Committee. Senator Warner joins Big Technology to discuss whether Washington is prepared for the economic and societal disruptions of rapidly advancing AI. Tune in to hear why Warner believes recent college graduate unemployment could surge from 9% to 30% and why he's more frightened than reassured about Congress's ability to respond at speed. We also cover the Anthropic-Pentagon relationship, AI romantic relationships, data center opposition polling, and the ongoing battle over congressional stock trading. Hit play for a rare conversation with one of the few senators who actually understands what's at stake.


Code Story: Insights from Startup Tech Leaders - S12 E11: Brian Carbaugh, Andesite

Brian Carbaugh has a non-standard path to being a CEO in the startup world. He was in the Marine Corps for 5-6 years on active duty, before attending Georgetown for school. Eventually, he joined the CIA and spent 23 years serving the country in multiple different roles and facets, primarily in paramilitary and covert operations. While he was there, he also started to see areas where the agency could innovate, and got curious about how they could partner with private companies. Outside of tech, he is a father of 3 girls and a boy. He enjoys working out, skiing and riding on road bikes. He used to do triathlons in the past, but startup life has taken up any time he could dedicate to that.

Shortly after he retired from the CIA, Brian got a call from some prior folks he knew still in the industry. He started digging into the cybersecurity world, specifically into why there was so much attrition amongst the employees themselves. He was asked how he could 10x these workers and optimize these individuals using the latest tech.

This is the creation story of Andesite.


The Stack Overflow Podcast - Multi-stage attacks are the Final Fantasy bosses of security

Ryan welcomes Gee Rittenhouse, VP of Security at AWS, to the show to discuss the complexities of multi-stage attacks in cybersecurity and how these attacks unfold, the challenges in detecting them, and the evolving role of AI in both enhancing security and creating new vulnerabilities. 

Episode notes: 

AWS Security Hub is expanding to unify your cloud security options. Learn more about how AWS is keeping your cloud safe on their website

Connect with Gee on LinkedIn

Shoutout to user James Kanze for winning a Populist badge for their answer to The spiral rule about declarations — when is it in error?.
