Joshua Drake
Partner, Father, Founder, Explorer, Entrepreneur. Open Source and Postgres Expert. An off-grid aficionado who spends his time on projects, leadership and podcasting.
Missoula, Montana, United States
Actions
Joshua (JD) is a long time Open Source advocate and entrepreneur dating back to the early days of Professional Open Source. From the valleys of Usenet he sold custom Linux servers with a whopping 16 MB of ram and 1GB SCSI drives. These were the days of SLS and many, many floppy disks. Through the years he has help found multiple Internet Service Providers as well as eventually launching his own firm, Command Prompt, Inc.. Command Prompt has over the years become one of the predominant privately owned PostgreSQL support and Consulting firms.
An avid public speaker and writer, he is also the founder of United States PostgreSQL, PgConf (PostgresConf) and More than a Refresh: A podcast about the most interesting people you haven't met. He currently resides off-grid in Montana.
He divides his time between Command Prompt, off-grid projects, mentoring/leadership roles and helping those who wish to become successful, define what that means for them.
Area of Expertise
Topics
Open Source Survival in the Age of AI
Open Source software has thrived on a simple, revolutionary premise: code is a valuable, scarce resource that is best built, maintained, and shared collaboratively. However, the rise of AI is challenging this foundation. When AI can clone, rewrite, or reverse-engineer complex codebases in a matter of days—often bypassing traditional licensing and attribution—the rules of open source are being rewritten.
This presentation explores the crisis facing open source communities and maintainers in the AI era. As AI agents increasingly consume OSS to train models and generate code, the traditional incentives for open source contribution are shifting. We will examine the core threats to the ecosystem—ranging from "shadow AI" to the erosion of traditional software licenses—while offering a pragmatic blueprint for how open source can adapt and survive.
# Key themes to be covered include:
* The Death of Traditional Licensing?
* The Contribution Crisis: Managing the influx of AI-generated pull requests and low-quality code "slop" without burning out human maintainers.
* Redefining Value: Shifting the focus of open source from the raw code itself to the unique value of human-curated communities, domain expertise, and rigorous security validation.
* The Rise of Open Source AI: How open models and tools are counterbalancing proprietary AI monopolies, and how developers can leverage them strategically.
Attendees will leave this session with a clear understanding of the evolving legal, ethical, and technical landscape of open source. By adopting new strategies for governance, community building, and licensing, open source can ensure that the movement remains the bedrock of software innovation in an AI-dominated world.
On Whose Authority? Durable Logging and Notary Action for AI Agents
We are handing authority to systems that act faster than we can watch, on credentials we hand them, and that forget their own reasoning the moment a task ends. When an agent does something that matters, moves money, changes a record, acts on behalf of an agent acting on behalf of a person, the questions show up after the fact: what happened, who is accountable, and on whose authority. Most agent stacks answer with application logs. Those logs are mutable, reconstructed later, and only as trustworthy as whoever owns the server. That is not good enough.
This talk argues that durable, tamper-evident logging is not a governance checkbox you bolt on at the end. It is a precondition for shipping agents you can stand behind. I separate logging from notary action: sign and hash-chain every consequential step the instant it happens, bind it to the responsible agent or person, and chain delegated authority all the way up so every entry resolves to its origin. A record built this way verifies offline for anyone holding the public keys. You do not have to trust the operator, the vendor, or the model provider.
I walk through the moving parts in plain terms: append-only chains, signing keys, and the choice to gate high-consequence actions while simply recording the routine ones. Then the part people miss. When the controlled path takes away the agent's guesswork about what each step requires, safety and governance stop fighting capability and become the fast path. Regulatory expectations like the EU AI Act's logging requirements fall out as a byproduct of building it right, not as a separate compliance project.
You will leave with a framework for deciding what to record, what to gate, and how to produce an account of agent behavior that holds up when someone finally asks what happened.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top