How do heavy metal songs teach us to be better programmers?

In most conferences, you see all the remarkable frameworks and the latest improvements that make your life easier. To be a better developer, you need more skills apart from pure technical ones.

This session challenges you to discover what else is needed from your side to become a better professional. It doesn't matter whether you work remotely, in an office, or part of a small startup or a huge company. Those skills are the same.

I am reviewing some heavy metal classics and sharing my view of what they can teach you.

Do you have an identity crisis at work? What does Arch Enemy have to say?
Do you need help with a problem? Pantera has the answer.
Do you want to go out of your comfort zone? Judas Priest has something to offer.
Do you need support with all the processes and automation? Black Sabbath to the rescue.

You will learn to be resilient, react to a change, fight for yourself, get back on your path when you lose it, and focus on things that make you happy at work!

We usually ignore the (soft) skills you need to help you work better with others. When you need them, it is too late. Come with me on the journey to listen to some heavy metal music, sing songs (if you feel like it), and be serious about your me(n)tal health.

Being an open source fan, I also have a section that focuses on the fact that sometimes contributing to a free (as in free beer) project helps you enrich your personality!

The talk contains a lot of heavy metal music, and it's interactive. You will learn a new skill that you could apply the next day. Being a heavy metal fan is not required!

The talk is based on my previous talk about Heavy Metal and Fun. https://vimeo.com/showcase/10782746

Build your brand using privacy-respecting services and approaches.

Working as a professional in the rapidly changing world means focusing on your day-to-day tasks **and** sharing your knowledge with others.

Most leaders I follow use services that do not respect customer privacy. The most AI prompts recommend the same services.

As a community, we are responsible for showing everyone the way and helping them build their online presence using tools and approaches that respect the values behind our movement.

I'll lead you through a journey of discovering tools, platforms, and ways of sharing your knowledge and content and positioning yourself as a leader in a way that focuses on privacy first.

Problems we currently face:
- Too much tracking: Our platforms serve cookies, embed trackers, and identify us with device fingerprints.
- They are all centralized - we depend on one authority.
- Shady algorithms - your content is used differently based on who reads it.
- Ads, ads, ads - your content is used to generate revenue for somebody else.

Is there a way to fix that? Yes, there is and I will show it to you!
Most leaders I follow use services that do not respect customer privacy. As a community, we are responsible for showing everyone the way and helping them build their online presence using tools and approaches that respect the values behind our movement.

I'll lead you through a journey of discovering tools, platforms, and ways of sharing your knowledge and content and positioning yourself as a leader in a way that focuses on privacy first.

Problems we currently face:
- Too much tracking: Our platforms serve cookies, embed trackers, and identify us with device fingerprints.
- They are all centralized - we depend on one authority.
- Shady algorithms - your content is used differently based on who reads it.
- Ads, ads, ads - your content is used to generate revenue for somebody else.

Is there a way to fix that? Yes, there is and I will show it to you!

Where did all the fun go and how to bring it back!

Elevator Pitch

After three days at a metal festival, I realized something sad. In the software world, we don’t have fun at work anymore. I am not talking about the HR-inspired fun; I am talking about the joy that comes from the inside. I want to change that and challenge you to bring back our fun.

(not so ) Abstract

My career in IT started as a servant to programmers: fixing a line or two in the code, and now I am a director in a vast international privacy company. If I look back, it was different. Oh gosh, we had so much fun in the past.

Do you remember the chair rowing? Do you remember how amazed we were to crash a keyboard or two on each other backs? Do you remember us singing songs about Java while writing fake protocols?

What happened to us?

I don't know when it happened, but it seems that at some point recently, most of the world decided that IT is an elite profession that needs to produce only value no matter what.

This is a great tragedy, and it must be rectified. Why do we have feelings, emotions, and personalities if we no longer have fun?

In this talk, I will take you on a retrospective journey through the years to what went wrong and how we fix it together. It's more like an art provocation than talk, so please keep your mind open to learn something new.

I will cover the epoch of the world before Agile to the era of the Artificial Immigrant (AI), who is here to take your jobs away.

Ideally, the talk comes with a lot of metal music, if the organizers are so good to allow that. I am not representing my current company but myself in this mission.

We are doing it wrong: Threat Modeling.

Threat modeling is one of the most critical activities if you release any software to the web. There are numerous tools, books (one of each is mine), and tutorials on making it suitable. My talk has a different intent - it walks you through bad practices. How the modeling is wrong, and how bad actors can exploit that.

Here is an example:
Only one person in the company does Threat modeling. On the surface, the "hero" approach might be a good use of someone's time, but in the end, the thread modeling attendees' diversity matters. I'll give you some statistics from an exercise where the group put their heads together to protect a beer tap and a dog.

I'll also focus on actual use cases like this:
We do it once a year as a "team building exercise."
We need to know a threat model before we use all the automated/helping tools.
We know everything, and our model is the best.

I've survived two breaches, and we could have prevented them using proper threat modeling.

The talk is interactive, full of fun stories and a bit of metal music. This talk aims to engage with anyone in the Secure Software development chain and encourage you to adapt your processes to secure your software by knowing and refusing those evil practices.