Ben & Ryan Show Episode 18

In this episode, your hosts, Ben Nadel and Ryan Brown, are joined by longtime ColdFusion developer James Moberg, CTO of Sunstar Media, for a deep-dive into the wild world of user-defined functions (UDFs) and decades of real-world development hacks. From building custom tools that bridge gaps in ColdFusion and Lucee, to mastering performance and security through clever abstraction, the crew shares a treasure trove of lessons learned from the trenches.

Key Points

• James shares his approach to building reusable ColdFusion UDFs that work across Adobe CF and Lucee.

• The crew explores performance wins using command-line tools versus built-in CF tags like CFZip and CFImage.

• Strategies are shared for data sanitization, accessibility, and obfuscation using tools like Jsoup and hashing functions.

• They discuss how caching, output buffering, and shadow DOM techniques can power dynamic web experiences and secure flows.

• Real talk on AI’s limits when it comes to ColdFusion code generation—and why real-world testing still matters.

Different kinds of UDFs and how naming collisions and platform differences have influenced his work.

• Three main categories of UDFs: logic abstraction, proxying functionality, and UI simplification.

• Discusses how CF versions and Lucee differ in function availability and behavior.

• Talks about CF Backport as a strategy for extending older ColdFusion versions.

A spirited discussion on real-world cross-platform quirks, unscoped variables, and strategies for HTML standardization.

• Importance of using scoped variables to prevent unexpected collisions in code.

• How ColdFusion's HTML output can be sanitized using Jsoup and AI-assisted validation.

• Real-world examples of legacy platform quirks that led to better testing and abstraction strategies.

They unpack the use of executables and CFExecute for performance-heavy tasks like PDF generation, image processing, and zipping files.

• CFZip and CFImage are shown to be slower than OS-level executables like 7-Zip or GhostScript.

• Explains how using external tools avoids Java heap memory issues.

• Highlights the benefits of file-based tools for consistency and speed across deployments.

James walks through some of his favorite UDFs

• hashID: CFML user-defined functions (UDFs) provide a simple mechanism for generating and validating hash-based identifiers.

• createShadowHtml: CFML user-defined function (UDF) generates HTML and inline JavaScript to create a dynamic, client-side preview of a given HTML document within a shadow DOM

• streamFindNoCase: user-defined function (UDF) searches the currently accumulated output buffer for the presence of a given string, performing a case-insensitive comparison.

• generateEmailHashCode: user-defined function (UDF) processes an email address by extracting the domain, sanitizing the username by removing periods (dots) and any part after the first "+", converting both parts to lowercase, and then returning a Java-generated integer hash code of the resulting string.

• enableWKHTMLTOPDFForms: user-defined function (UDF) modifies the binary of a non-Adobe-generated PDF file to enable the editing of form fields in Adobe Acrobat.

• tempCache: user-defined function (UDF) allows you to temporarily store data in the ColdFusion cache and retrieve it using a generated UUID.

• jreEscape: user-defined function (UDF) ensures strings can be safely used in regex patterns by preventing special characters from being interpreted as regex metacharacters.

• maskCC: user-defined function (UDF) takes a text string as input, searches for patterns that resemble credit card numbers, attempts to validate these potential numbers using ColdFusion's built-in credit card validation, and then masks the validated numbers by replacing all but the last four digits with asterisks.

Helpful Links

http://www.mycfml.com/ - James's website showing these functions and more.

Ben and Ryan Show Episode 17

In this episode, your hosts Ben Nadel and Ryan Brown are joined by Peter Amiri to share the gripping, real-world story of what it's like to experience—and recover from—a devastating ransomware attack. They dive deep into the technical and emotional toll of cyber extortion, walking through how it happened, what went wrong, and the long road to restoring operations while learning critical lessons along the way.

Key Points

• Peter recounts a ransomware attack that began with a zero-day exploit in their firewall and resulted in full encryption of their Windows-based infrastructure.

• Despite following industry best practices like 3-2-1 backups, cyber insurance, and EDR tools, the breach occurred due to overlooked alerts and underestimated risks.

• The team responded by cutting internet access, engaging incident response vendors, and rebuilding their environment from scratch in parallel with negotiating a ransom.

• Lessons include the critical need for MDR services, verified air-gapped backups, centralized SSO/MFA security, and proactive disaster recovery planning.

• Ultimately, the company recovered within 8 days, avoiding catastrophic data loss by leveraging unencrypted legacy copies and strategic capacity planning.

Peter discusses the company's security posture before the attack

• Cyber insurance renewals demanded increased security: MFA, then EDR, leading to major financial investment.

• EDR picked up early malicious activity, but alerts were missed due to noise and lack of security specialization.

• Overconfidence in lesser-used virtualization tools contributed to a false sense of security.

• Alarm fatigue contributed to overlooking early breach signals.

The breach was triggered by a zero-day exploit in their firewall

• The attackers deleted VM snapshots rapidly, prompting the team to disconnect internet access immediately.

• Analysis revealed the attackers were inside for 3-4 months.

• Compromised admin accounts were used to delete offsite backups.

• A seven-day-old backup and a three-month-old ERP copy survived due to architectural luck.

Peter explains how they recovered

• A three-tier recovery strategy began: rebuilding from scratch, retaining encrypted originals, and decrypting clone copies.

• FBI approval was needed for ransom payment, which was surprisingly low and flagged as a possible re-engagement tactic.

• A decryption test with non-critical files validated the attackers had access.

• The decryption key ultimately worked, restoring full operations just before their parallel recovery would have been completed.

Post-breach, Peter outlines the enhancements made to secure their environment and improve detection and response.

• A secondary DR site was implemented with air-gapped nightly snapshots.

• All systems moved to enterprise SSO with MFA and session timeouts.

• A managed MDR provider was retained to monitor and escalate potential threats in real time.

• Simulation phishing campaigns and employee security training were introduced to combat social engineering.

The conversation shifts to the importance of recovery readiness over prevention

• Emphasis is placed on headroom in infrastructure for recovery, especially in on-prem environments.

• Decision-making between "verify first" vs. "block first" policies is discussed based on system criticality and false positive rates.

• Real examples of phishing, supplier impersonation, and invoice fraud highlight human vulnerabilities in security.

Helpful Links

Arete (company that helped Peter and provides Managed Detection and Response services)

https://areteir.com/

SentinelOne (Incident Response Platform)

https://www.sentinelone.com/

Ben and Ryan Show Episode 16

In this episode of the Ben and Ryan Show, hosts Ben Nadel and Ryan Brown are joined by guest John Nessim to explore the evolving world of content management systems (CMS). With his deep development background and years of practical experience, John dives into everything from traditional platforms like WordPress to advanced headless CMS solutions, offering valuable insights into when and why to choose different tools for your website.

Key Points:

• CMS platforms have evolved to balance user-friendliness with developer control, from WYSIWYG editors to headless solutions.

• WordPress dominates the market but can be bloated and vulnerable if not managed properly.

• Headless CMS options like Strapi and Sanity allow for greater flexibility, scalability, and multi-platform content distribution.

• Accessibility enhancements not only improve user experience but also deliver measurable SEO benefits.

• Choosing the right CMS depends on business maturity, scalability needs, and how content is consumed and maintained.

Definition and purpose of a CMS

• The key function of CMS is to give control over content to non-developers.

• Static site generators may not qualify as CMS unless they include content creation tools.

• CMS evolved from managing unstructured text to structuring rich data like events and services.

• Headless CMS is described as content blocks managed separately from the front-end template.

Headless CMS

• Headless CMS organizes content in blocks delivered via APIs (usually JSON/XML).

• WordPress now supports headless modes using technologies like React or Next.js.

• Hosting implications include managing the CMS separately from front-end deployment.

• Businesses are leaning toward this model to support multiple front-ends like web, mobile, and embedded apps.

Traditional CMSs

• Website builders are constrained but easy-to-use tools for non-technical users.

• WordPress is a middle ground—flexible, extensible, but prone to bloat and plugin issues.

• Mura and its fork MASA are powerful ColdFusion-based CMSs used for multi-language and multi-site setups.

• Custom or niche CMSs still hold value in developer-friendly ecosystems.

Accessibility

• Structured content (headings, alt tags) improves screen reader compatibility and SEO.

• Color contrast and readability considerations enhance inclusivity and usability.

• SEO and accessibility goals often align, especially with structured markup.

• Tools and plugins can measure and enforce accessibility standards effectively.

WordPress

• WordPress’s popularity makes it a target for bots and DDoS attacks.

• CMS platforms can become resource-intensive without proper caching and security measures.

• Best practices include Cloudflare protection, selective plugin usage, and admin page hardening.

• WordPress was never intended for large-scale, mission-critical systems.

Picking a CMS

• Simpler businesses should stick with GoDaddy or WordPress for cost-effectiveness.

• Growing companies may outgrow WordPress and require more robust headless CMSs.

• Business use cases should dictate the CMS—static presence, lead generation, e-commerce, etc.

• Costs, flexibility, and developer availability all factor into CMS choice.

Final Thoughts

• AI-driven tools like Wix’s website generator disappoint in quality without developer oversight.

• Advanced AI tools can accelerate site creation when paired with knowledgeable devs.

• CMSs need to consider future-proofing against evolving SEO rules and AI-driven content indexing.

• John offers real-world examples of using simple tools effectively based on client needs.

Useful Links

https://nessimworks.com/

https://strapi.io/

https://www.sanity.io/

https://www.masacms.com/

https://www.murasoftware.com/

In this episode, your hosts Ben Nadel and Ryan Brown take a break from their usual guest interviews to reflect on their personal and professional journeys in the first months of 2025. They discuss major career transitions, the challenges of job hunting in today's market, and the evolving landscape of software development, all while sharing personal stories and insights on adapting to change.

Key Points:

• Ben shares his transition from co-founding Envision to joining a new company in a completely different industry, facing a steep learning curve.

• Ryan talks about how networking and content creation play a key role in career opportunities, and why developers should build a public presence.

• They discuss the struggles of job searching, from dealing with stress and rejection to navigating a shifting industry.

• The importance of continuous learning, including Ben’s deep dive into CF Wheels and Ryan’s exploration of AI tools for productivity.

• A surprising story about purchasing fake AirPods from a major retailer and the unexpected resolution.

Ben reflects on his career shift after Envision’s closure, now working with Peter Amiri in a company focused on truck parts manufacturing.

• He describes the shift from self-directed work to structured teamwork and ticket-based workflows.

• Adjusting to new processes, communication methods, and working with a small but growing development team.

• Learning CF Wheels as part of the new job and the challenges of adapting to a new framework.

• The difficulty of balancing personal projects with work and feeling mentally exhausted from constant adaptation.

Ryan discusses his experience with job hunting and how networking made all the difference.

• Instead of relying on traditional applications, he leveraged his contacts to land new opportunities.

• He highlights how producing content and engaging with the community helps people stay visible in their industry.

• They reflect on how technical interviews often fail to identify the best candidates.

• The importance of having a portfolio to showcase real-world skills rather than relying on resume claims.

The hosts talk about their growing podcast and their experiences connecting with industry leaders.

• The unexpected success of the show and the ease of booking high-profile guests.

• How structuring the podcast recording schedule helped them maintain consistency.

• The challenge of engaging with technical communities outside of developer circles, like sysadmins and DevOps professionals.

Ben shares his journey into learning CF Wheels and the challenges of adapting to a new development ecosystem.

• How CF Wheels compares to Ruby on Rails and its "convention over configuration" approach.

• The struggle of learning a new problem domain while adjusting to a new job environment.

• Dealing with imposter syndrome and the pressure to adapt quickly.

Ryan recounts his bizarre experience buying fake AirPods from Walmart.

• The troubleshooting process, multiple failed attempts to connect them, and Apple's confirmation that they were counterfeit.

• How Walmart ultimately resolved the issue after several attempts at customer service.

• A lesson in checking serial numbers when purchasing electronics from big retailers.

The hosts wrap up with a look ahead at upcoming episodes, including more Adobe-focused discussions and AI developments.

In this episode, your hosts, Ben Nadel and Ryan Brown, sit down with Steve Leve from ShareASale to dive into the challenges and lessons learned from navigating an acquisition, managing technical debt, and executing large-scale migrations. They explore the impact of legacy systems, the balance between maintaining old infrastructure and innovating new solutions, and the role of AI in modern software development.

Key Points:

• Steve shares his journey from a small-town coder to a principal architect at ShareASale.

• The team discusses the challenges of merging companies post-acquisition, including business model differences and technical debt.

• Lessons from large-scale infrastructure migrations, including moving from ColdFusion monoliths to modern architectures.

• The importance of balancing innovation with maintaining existing systems and the trade-offs of cloud computing.

• How AI is reshaping development practices, from documentation to automated testing.

Migrating an entire business platform brings its share of surprises and roadblocks.

• Steve shares his experience of being acquired by AWIN and the growing pains that followed.

• The team discusses the complexities of merging different operational and technological approaches.

• They reflect on the unexpected technical challenges, including a looming data center shutdown and hardcoded infrastructure dependencies.

• The importance of knowledge sharing within a team to prevent reliance on a single expert.

Navigating technical debt is all about prioritization and timing.

• The group explores the idea that not all technical debt needs to be fixed—only what blocks innovation or scaling.

• Steve emphasizes "tidy first" as an approach to incrementally improving code rather than massive rewrites.

• Real-world examples of how debt manifests in migrations and why some old code surprisingly holds up.

• The discussion touches on key strategies for managing technical debt within an evolving business landscape.

Migrating to AWS and cloud adoption brings new efficiencies but also new constraints.

• Steve and Ben share stories of migrating to AWS, the surprises along the way, and the need for expert help.

• Lessons on the hidden costs of cloud adoption and why simply lifting and shifting to the cloud isn't always the best strategy.

• The team debates the trade-offs between autoscaling, managed services, and maintaining on-premise solutions.

• Real-world examples of cost-efficient cloud migration strategies.

Strangler patterns, AI-driven documentation, and the future of software development.

• The team discusses the strangler pattern as a way to incrementally transition from legacy systems to modern platforms.

• Steve shares insights on how AI is being used for documentation, testing, and even code analysis.

• The group speculates on how AI-driven tools can improve developer efficiency and streamline migrations.

• They reflect on the importance of keeping up with evolving tech while maintaining a pragmatic approach to change.

This episode is packed with practical insights, real-world experiences, and candid discussions about the messy, challenging, and ultimately rewarding process of managing technical debt, cloud migration, and acquisitions. Whether you're a developer, architect, or IT leader, there's something valuable here for you!

In this episode, your hosts, Ben Nadel and Ryan Brown, sit down with Andrew Pendleton, Senior Director of Design Systems at Verizon, to discuss the role of design systems in driving consistency, accessibility, and innovation. They explore how Verizon’s approach to accessibility goes beyond compliance, how design systems empower both designers and engineers, and the challenges of maintaining a unified system in a vast enterprise.

Key Points:

• Verizon’s Design System centralizes design and engineering decisions to create scalable frameworks for digital experiences.

• Accessibility at Verizon is treated as a driver of innovation, not just compliance, influencing best practices and component design.

• The impact of constraints in design systems, allowing teams to move faster and focus on complex problems.

• The importance of cross-team communication and standardized language in improving adoption and efficiency.

• Strategies for starting a design system and integrating accessibility in an organization.

Andrew shares how his background in digital art, development, and management uniquely positioned him to lead Verizon’s Design System team.

• He discusses the importance of bridging the gap between designers, engineers, and product teams through shared terminology and best practices.

• The conversation covers how accessibility has led to innovations like responsive web design, captioning, and high-contrast modes.

• Verizon’s approach to user testing includes an accessibility lab where customers with disabilities provide direct feedback on digital and physical product experiences.

The team dives into how Verizon builds and maintains accessible components for its design system, including an advanced video player with baked-in accessibility features.

• Andrew explains how they studied platforms like YouTube, Adobe, and native HTML elements to build an optimized solution.

• The importance of leveraging the platform but extending it where necessary to maintain accessibility.

• The balance between stability and flexibility in design systems to allow innovation while maintaining consistency.

The discussion shifts to the challenges of adoption within a large enterprise and strategies to encourage engineers and designers to embrace the design system.

• Architectural misalignment and legacy technologies present obstacles to adoption, requiring phased transitions.

• Design tokens help standardize visual elements even in non-React environments.

• The role of accountability in ensuring accessibility and quality standards are maintained, even when teams customize components.

Andrew and the hosts close the episode by discussing how individuals and organizations can begin implementing accessibility in their work.

• Recommended resources for learning about accessibility, including books and online tools.

• The importance of having an accessibility champion within a company to drive awareness and adoption.

• Practical steps developers and designers can take to improve their accessibility practices, even in organizations without formal accessibility initiatives.

This episode is packed with insights on design systems, accessibility, and the intersection of technology and user experience. Whether you’re a developer, designer, or product leader, there’s something here for you!

Ben and Ryan Show Episode 12

In this episode, your hosts Ben Nadel and Ryan Brown sit down with security expert Brian Riley, author of the HoyaHaxa blog, to discuss ColdFusion security vulnerabilities and best practices for mitigating risks. The conversation dives into recent ColdFusion exploits, how security patches impact developers, and the broader implications of securing applications beyond just ColdFusion itself.

Key Points:

• ColdFusion has been targeted by multiple 0-day vulnerabilities, highlighting its continued presence in critical systems.

• Adobe's recent security updates introduce breaking changes, forcing developers to make necessary adjustments.

• Security is a multi-layered approach—application security is just one part of a larger ecosystem that includes OS, networking, and cloud infrastructure.

• The trade-off between convenience and security often leads to vulnerabilities, especially with features like remote CFC access.

• Managed hosting providers and security tools like HackMyCF can help developers stay ahead of emerging threats.

Discussion Highlights:

ColdFusion Security Landscape

• ColdFusion is still actively targeted by attackers, despite debates over its relevance.

• Government and financial institutions heavily rely on ColdFusion, making it a high-value target.

Adobe's Recent Security Updates

• Adobe is pushing security patches that enforce stricter security measures, sometimes breaking legacy applications.

• The variable scoping issue is a major focus—forcing developers to fix long-standing bad practices.

• Deprecated encryption methods are being phased out for stronger security.

Common Security Best Practices

• Regularly update ColdFusion and all associated components like Java and Tomcat.

• Restrict access to CFIDE and ColdFusion Administrator to prevent common exploits.

• Use a multi-layered defense strategy, including web application firewalls (WAFs), OS-level security, and network protections.

Challenges of Security in Hosting and DevOps

• Managed hosting providers must balance security with not breaking customer applications.

• Attackers often leverage vulnerabilities beyond just the ColdFusion layer, including database, OS, and network weaknesses.

• Cloudflare and similar services help block DDoS attacks but aren't always sufficient in real-time scenarios.

The Convenience vs. Security Tradeoff

• Many vulnerabilities exist because developers prioritize ease of use over security.

• Features like remote CFC access, while convenient, often introduce security risks.

• Security teams and developers must collaborate to strike the right balance between usability and protection.

Final Thoughts and Resources

• Brian Riley's blog HoyaHaxa provides deep dives into ColdFusion security issues.

• OWASP’s Top Ten is a great resource for understanding common security vulnerabilities.

• Developers should engage in proactive security practices rather than waiting for the next 0-day exploit.

Recent ColdFusion Related HoyaHaxa Blogs

• https://www.hoyahaxa.com/2024/12/an-initial-analysis-of-cve-2024-53961.html

• https://www.hoyahaxa.com/2024/08/bsideslv-2024-slides-modern-coldfusion.html

• https://www.hoyahaxa.com/2024/07/on-coldfusion-administrator-access.html

Ben and Ryan Show Episode 11

In this episode, hosts Ben Nadel and Ryan Brown interview Grant Powell, founder of Curios. Grant shares his journey in the Web3 and NFT space, detailing how Curios started as a licensable NFT platform and successfully pivoted after the NFT bubble burst. The discussion dives deep into digital ownership, blockchain challenges, and how Curios is revolutionizing digital content distribution for creators.

Key Points:

• Curios' Evolution – Originally an NFT licensing platform, Curios pivoted to focus on digital content ownership after the market downturn.

• Blockchain & ColdFusion – The role of ColdFusion in building Curios' rapid development and API-driven platform.

• NFTs Beyond Art – Real-world applications for NFTs in digital ownership, including music, books, and event ticketing.

• Decentralization – The benefits and challenges of decentralized platforms compared to centralized ones like Ticketmaster.

• AI in Collectibles – Grant’s work with collectibles.com and AI-driven identification and valuation of collectibles.

Episode Breakdown:

Curios' Origin and Pivot

• Curios started as a platform to help businesses create and manage NFTs.

• The NFT craze led to unrealistic expectations, and as the hype collapsed, Curios pivoted to a broader digital ownership platform.

• ColdFusion played a key role in the flexibility and speed of their platform’s development.

Real Use Cases for NFTs

• NFTs are more than just overpriced JPEGs—they serve as proof of ownership for digital content like eBooks, music, and videos.

• Grant highlights how digital ownership differs from physical ownership and why secondary markets for digital goods are still developing.

• Ticketing is a strong use case, especially for VIP passes and exclusive access to events.

Challenges of Web3 and Blockchain Scalability

• Many blockchains create “walled gardens” that limit interoperability.

• Curios was among the first platforms to support multiple blockchains.

• Scalability issues in blockchain transactions require additional abstraction layers to ensure speed and efficiency.

Digital Rights and Ownership Protection

• Blockchain technology ensures proof of ownership, but enforcement remains an issue.

• The right to access content is separate from hosting the content itself, allowing removal when necessary.

AI and the Future of Collectibles

• Grant discusses collectibles.com and how AI is transforming the world of collecting.

• AI can help identify, grade, and value physical collectibles like coins, comics, and trading cards.

• The future of AI-driven marketplaces and its impact on the secondary market for rare items.

The Balance Between Work, Entrepreneurship, and Life

• Grant and Ben share insights on time management and balancing multiple projects.

• The importance of structuring schedules to maintain productivity without burnout.

• Investors’ perspectives on serial entrepreneurship and the fine line between focus and diversification.

Ben and Ryan Show Episode 10

In this episode of the Ben and Ryan Show, hosts Ben Nadel and Ryan Brown are joined by Dan Short, the Director of Engineering at Virtuous Software, to explore the dynamics of career paths in software engineering, particularly the transition from individual contributor to management. The conversation dives deep into personal experiences, practical advice, and insightful reflections on leadership, motivation, and the evolving role of technology in the workplace.

Key Points:

• The transition from individual contributor to management and the challenges of developing management skills

• Understanding personal "why" and aligning career choices with motivation and joy.

• Can you do both - balancing technical expertise with managerial responsibilities (or not).

• Addressing the role of AI as a supportive tool rather than a replacement for engineering roles.

• Strategies for fostering team motivation and achieving organizational goals effectively.

Dan’s Introduction and Career Path

Dan shares his journey from the Army to becoming the Director of Engineering at Virtuous Software, highlighting his transition from administrative tasks to technical and managerial roles.

• Early career in automating processes using Microsoft tools.

• Progression from IT management to web development during the early 2000s.

• Moving into management out of necessity and adapting through trial and error.

• Building and leading teams at companies like CoStar and Virtuous Software.

The Reluctant Manager Transition

Dan discusses the challenges of moving from an individual contributor to management, focusing on the struggle to find new ways to measure success and the initial reluctance to take on leadership responsibilities.

• Discovering satisfaction in mentoring and enabling team success.

• Differences between technical wins and people-oriented victories.

• Importance of defining clear roles and responsibilities.

• Lessons learned from managing through uncertainty and resistance.

Navigating Career Path Options

The team debates whether to grow into management within an existing company or seek leadership roles elsewhere, emphasizing the importance of mentorship and personal alignment.

• Balancing technical and managerial responsibilities effectively.

• Challenges of transitioning into management in familiar versus new environments.

• The value of mentorship and support systems in career growth.

• Recognizing when management might not align with personal goals.

The Role of AI and Technology in Engineering

Exploring the evolving role of AI in software development, Dan highlights its potential as a tool for enhancing productivity rather than replacing engineers.

• Practical applications of AI, like automating repetitive tasks and generating ideas.

• Addressing concerns about AI replacing human creativity and problem-solving.

• The importance of maintaining a people-centric approach in technology roles.

• Using AI for brainstorming and augmenting decision-making processes.

Advice for Aspiring Managers

Dan offers advice for those curious about management, stressing the importance of aligning career choices with personal joy and motivations.

• Trying out mentorship and team lead roles before committing to management.

• Leveraging books, podcasts, and thought leaders for continuous learning.

• Staying curious and focusing on people-centric problem-solving.

• Cultivating a supportive workplace that values both management and IC career paths.

Ben and Ryan Show Episode 9

Key points:

• AI as a spectrum: Some embrace it as life-changing, while others fear its implications.

• Early AI exploration focused on ethics and societal impacts.

• Ethical frameworks often lag behind technological advancements.

AI's practical applications, such as automating tedious tasks, were highlighted, with Shawn discussing potential benefits for developers:

• Automating unit testing could save time and increase efficiency.

• AI's role as an assistant or "intern" to augment but not replace human expertise.

• Validation remains critical to ensure output reliability.

Shawn emphasized the importance of prompts and domain knowledge for effective AI use.

They explored organizational and individual growth, discussing how to create meaningful work environments:

• Helping others achieve goals can foster personal growth.

• Transparency in team dynamics, such as working agreements, improves collaboration.

• Intentionality in interactions, especially in remote or hybrid work setups, enhances effectiveness.

The ethics of AI, especially in decision-making, was examined:

• Past AI missteps, like biased hiring algorithms, underscore the need for accountability.

• Predictive policing and crime data illustrate potential for reinforcing systemic biases.

• Informing consent and transparency in algorithms are vital to building trust.

Shawn shared insights on soft skills and people management:

• People skills are a key differentiator for success in technology roles.

• The balance between technical expertise and empathy fosters better teams and outcomes.

• Team exercises, like identifying unnecessary tasks, can drive efficiency and morale.

The episode closes with reflections on creativity, evolving frameworks, and career motivations.

• Technology should alleviate mundane tasks, enabling more focus on innovation and enjoyment.

• Tools like AI can aid creativity but should complement, not replace, human ingenuity.

• Keeping foundational skills while adapting to tools like GPT ensures long-term success.