Jared talks with Adam Tornhill, founder of CodeScene, about the psychology of programming and how understanding human cognitive limits leads to better software. Adam explains that since working memory can only juggle a few items at once, developers must rely on chunking and good abstractions to manage complexity. His Code Health metric, based on detecting "ugliness" like long functions and low cohesion, shows that healthy code enables teams to deliver features up to ten times faster with far fewer defects. They discuss how God classes become coordination bottlenecks, how behavioral code analysis reveals hotspots where improvement matters most, and why learning different programming paradigms sharpens thinking. Adam emphasizes that writing readable, well-named, modular code benefits both humans and AI tools, because clarity, consistency, and thoughtful naming make code easier to understand, maintain, and extend.
Links: CodeScene; Your Code as a Crime Scene; Working Memory; God Class / God Object; Domain-Specific Languages (DSLs)
Dead Code Podcast Links: Mastodon; X
Jared's Links: Mastodon; X; twitch.tv/jardonamron; Jared's Newsletter & Website
Episode Transcript
Hosted on Acast. See acast.com/privacy for more information.
--------
35:01
--------
Deserial Killer (with Matt Schwager)
Jared sits down with Trail of Bits security engineer Matt Schwager to discuss the persistent security risks of Ruby's Marshal library. Matt explains that while Marshal (and Python's Pickle) makes serialization simple and fast for tasks like caching, its "serialize anything" design has led to over a decade of recurring vulnerabilities. Despite repeated patches, new bugs and exploitation gadgets keep surfacing, often hidden in defaults or legacy code, as seen in Rails caching and RubyGems.org. Matt argues that this reflects a fundamental trade-off between ergonomics and security, suggesting alternatives like JSON are safer, though less convenient. He highlights mitigation strategies such as documentation, static analysis, and fuzzing with his tool Ruzzy, while also pointing to broader Ruby risks like eval misuse, SSRF, and supply chain issues. Jared reflects on the cultural tension in Ruby between ease of use and security, wondering if safer defaults could help developers avoid these common pitfalls.
Links: Trail of Bits Blog; Ruby Marshal documentation; Python Pickle documentation; JSON; YAML; TOML; MessagePack; Rails Caching Guide; RubyGems.org; RubyGems source on GitHub; Ruzzy on GitHub; AFL on GitHub; Semgrep Registry; Black Hat USA 2017 Talk
--------
31:58
--------
Crushing Riffs (with Kasper Timm Hansen)
In this Dead Code episode, Jared talks with longtime Rubyist and former Rails Core member Kasper Timm Hansen about "riffing," a sketch-first approach to software design. Instead of jumping straight into migrations and production code, Kasper opens a scratch Ruby file, mixing real and pseudo-code with short prompts, to explore names, relationships, and system flow without worrying about correctness. The practice surfaces unknowns early, conserves mental stamina, and produces lightweight artifacts that can guide teams or even become executable prototypes. Kasper shares stories from client work, a RailsConf demo, and workshops showing how riffing helps uncover design flaws, generate stronger options, and make domain modeling more collaborative. He encourages developers to treat code like sketches, be less precious about early ideas, and embrace riffing as a fun, low-cost way to boost creativity and resilience in software design.
Links: Spinel Coop; RailsConf 2024 Talk (YouTube); RailsConf 2024 Slides (Speaker Deck); Kasper's website; Kasper's GitHub
--------
41:27
--------
Fear-Driven Everything (with Justin Searls)
On this episode of Dead Code, Jared talks with Justin Searls, co-founder of Test Double, about programming workflows, decision-making, and the evolving role of developers. They explore how the order and tempo of thought matter more than static code, why tackling the riskiest problems first can shape better outcomes, and how Justin's idea of the "full-breadth developer" expands a programmer's role to include product vision and context. The conversation touches on Agile and XP roots, consulting realities, and how AI coding agents can both accelerate and complicate work. The episode wraps with Justin encouraging blogging and direct connection, while Jared reflects on building a "grand unified theory" of how programmers decide their next step.
Links: Sign up at jardo.dev/anarchyagile to enter the 50th episode giveaway!; Test Double; Justin Searls: Find his writing, projects, and podcast Breaking Change at justin.searls.co; Growing Object-Oriented Software, Guided by Tests by Steve Freeman & Nat Pryce; Extreme Programming Explained by Kent Beck; The Secrets of Consulting by Jerry Weinberg; Clojure REPL; Solidus; SwiftData; CloudKit; Cursor; Claude Code
--------
1:00:49
--------
Rage Quit Stamina Theory
The 50th episode of the Dead Code Podcast brought Karl Weber, Jared Norman, Benjamin Wil, Sofia Besenski, and Noah Silveira together to mark the milestone with sharp, funny, and critical takes on the state of tech. They skewered CEOs bragging about AI-driven layoffs as short-sighted profiteering, questioned the hype fueling the AI bubble, and praised Ruby and Rails for extending developers' "rage quit stamina" despite flaws in error reporting and dependency management. The group emphasized the importance of empathetic, fast code reviews and smaller PRs, arguing that culture and collaboration matter more than mythical "10x developers." They also critiqued DHH's claim that executives should be the least busy, framing it as privilege disguised as wisdom, while pointing out that rest and balance benefit everyone. The episode captured their signature mix of humor, industry critique, and camaraderie, closing with gratitude for 50 episodes and excitement for what's next.
Links: Giveaway: Anarchy Agile hats - enter at jardo.dev/anarchyagile; "CEOs Are Publicly Boasting About Reducing Their Workforces With AI" - Futurism; The Pragmatic Engineer 2025 Survey: What's in your tech stack? Part 1; "Two Simple Rules to Fix Code Reviews" - The Pragmatic Engineer; "In Praise of Normal Engineers" - Charity Majors, Honeycomb; "Executives Should Be the Least Busy People" - David Heinemeier Hansson
The software industry has a short memory. It warps good ideas, quickly obfuscating their context and intent. Dead Code seeks to extract the good ideas from the chaos of modern software development.