Skip to main content Search

Summer news roundup: AI bubbles, GitHub changes and saunas in Australia

In this summer catch-up episode of DevOps Sauna, Darren and Pinja dive into the biggest tech and culture stories of the past months. From OpenAI’s failed Windsurf deal and Google’s licensing swoops, to Sam Altman calling AI a bubble and GitHub’s leadership shake-up, they explore how AI, security, and open-source are reshaping the industry. They also unpack Nvidia’s $4 trillion milestone, US and EU AI regulation battles, and a surprising study on insecure code releases. And to close on a lighter note, they celebrate the global spread of Finnish sauna culture—now floating on rivers in Australia.

[Darren] (0:03 - 0:22)

The US decided to respond with “hold my beer” and they've just taken off all the brakes, plowing ahead as quickly as they can. 

 

Welcome to the DevOps Sauna, the podcast where we deep dive into the world of DevOps, platform engineering, security and more as we explore the future of development.

 

[Pinja] (0:22 - 0:32)

Join us as we dive into the heart of DevOps, one story at a time, whether you're a seasoned practitioner or only starting your DevOps journey, we're happy to welcome you into the DevOps Sauna.

 

[Darren] (0:38 - 0:43)

Welcome back to the DevOps Sauna. I'm here once again with Pinja. How are you doing, Pina?

 

[Pinja] (0:44 - 0:46)

I'm doing quite okay. How about you, Darren?

 

[Darren] (0:46 - 0:50)

I'm reasonably good. We haven't done this for a while because we've both been on vacation.

 

[Pinja] (0:51 - 0:51)

Correct.

 

[Darren] (0:51 - 0:52)

I just got back yesterday.

 

[Pinja] (0:52 - 1:17)

Yeah, it's been a while since we recorded and I think if we did our math correctly, we did not have a gap in our release schedule. So hopefully you did not miss any week without our lovely voices here. And we just had actually a conversation before we hit the record button with Darren, I guess.

 

Is this already autumn or are we still talking about summer? And it's debatable. But hey, we're back and a lot has happened during the summer months.

 

[Darren] (1:17 - 1:36)

Yeah, and this episode is actually mostly for me because during summer, I just disconnect from everything. So I have no idea what's happened over the last six weeks. So I'm eager to dive in and find out.

 

Last time I was paying attention, OpenAI was threatening to buy Windsurf. Let's look into what happened with that.

 

[Pinja] (1:36 - 1:47)

They were, but when I came back from vacation, I was starting to look into the news and I was like, hold on, wait, they didn't buy Windsurf after all? So the deal fell through? Didn't fall through?

 

[Darren] (1:47 - 1:55)

I believe the deal fell through, yes. And then Google came in not with a deal to buy the company, but to license its product.

 

[Pinja] (1:55 - 2:35)

Some of them, yeah. They made some really nice licensing deals. And I understood that they also swooped in on some of the key personnel, including the CEO of Windsurf.

 

Because the deal price was supposed to be $3 billion at the time and the exclusivity period ended. And now Windsurf is open to scan other options. But the key members of Windsurf indeed joined Google and some of the licenses were acquired by Google.

 

But what happened instead was that Cognition swooped in after Google had done its licensing deals and got on the key members. So now it was announced that Cognition is about to acquire Windsurf instead, but I don't think I've seen the deal price anywhere.

 

[Darren] (2:35 - 2:49)

Now it was kind of an unexpected twist, player three entering the chat and all of a sudden now Windsurf has been purchased after being pilfered by Google and the deal falling through with OpenAI. So kind of an interesting position they found themselves in.

 

[Pinja] (2:49 - 3:10)

It is and we've seen this before now that Alphabet, the parent company behind Google, is one of the key players who are acquiring the key AI talent and the key AI licenses. So it's not just Google and Alphabet who's doing this, but we're seeing the talent and the licensing being actually concentrating more to some of the few companies, the big companies that are out there.

 

[Darren] (3:11 - 3:32)

Yeah, Microsoft is doing the same. Basically anyone who can get their hands on, you know, the extremely skilled AI developers are being traded like football players at this point. And it's kind of interesting to watch.

 

I'm a little concerned after Sam Altman came out and basically said AI is a bubble. And so it will be interesting to watch that.

 

[Pinja] (3:32 - 3:44)

It was only a few days ago that we saw this. And of course, the wisdom, the hive mind of LinkedIn has already said this for a long time, as we know. But now hearing from Sam Altman is also kind of startling as well.

 

[Darren] (3:44 - 4:19)

I don't think it's a surprise to anyone, too, because one thing that happened over the vacation period that I did note was there was a breach in this one app. We were not going to get into it now. We might get into it later.

 

But everyone was quick to blame vibe coding, quick to blame AI assisted coding. And it turns out that it was just natural human stupidity that caused that problem. So we have this issue where people are already starting to develop this negative bias towards AI, even when it has nothing to do with AI.

 

So maybe Sam Altman's right.

 

[Pinja] (4:19 - 4:35)

Maybe there are many sides to this. Why it actually might be a bubble. But as I say, falsely accusing vibe coding and use of AI for something that happened way before turning to AI raises its head a couple of years ago is one symptom of this.

 

[Darren] (4:35 - 4:53)

Yeah, it actually kind of echoes. I was in Edinburgh before the holiday, giving a talk on how the Internet's becoming hostile because of AI and how we need to avoid it. And then I go on holiday for six weeks and I come back and all of this is happening.

 

So yes, I guess I called it. Shall we talk about GitHub?

 

[Pinja] (4:53 - 4:54)

Let's do that.

 

[Darren] (4:54 - 4:56)

More specifically, copilot chat.

 

[Pinja] (4:56 - 5:25)

Yeah, we're already talking about AI. We're trying to cover something else today as well, like before, but we were so sorry. AI is happening.

 

We cannot help it. But GitHub announced that the copilot chat is about to go open source. And this was announced at the Microsoft Build 2025 conference.

 

And the intention is to open source the code that is behind the copilot chat extension. There are some other plans to also refactor some of the cork AI capabilities so that it would actually go directly into the main VS Code code base as well.

 

[Darren] (5:25 - 6:28)

Yep. It's going to be an interesting change. I'm generally all for anyone opening any kind of AI.

 

The interesting part is it's not open. Like we've had this discussion before where any time a large company uses the word open or open source, you have to look at the part they're actually hiding. And when we had Henri Terho on the podcast, we were talking about how open rarely means open and how nothing is open with regard to AI unless you're open sourcing the model, the training data, the training weights, and all the requisite metadata to actually build those models yourself.

 

And as far as I'm aware, no one's doing that. And based on my reading of this, Microsoft is likely not doing that. They will open the code, but it will still have massive lacks of transparency across various different areas.

 

So I'm just, Microsoft said open and I'm not convinced.

 

[Pinja] (6:28 - 7:05)

Yeah, there were so many questions around this. It was around the DeepSeek conversation that we had with Henro Terho here on the podcast roughly six months ago or something like that. If the training data is not open, what are they actually hiding by saying that now this code is open?

 

But there are also these debates that whether this change will, of course, impact others who are having their co-pilot chat functionalities. Let's say we have GitLab's Duo. Will it have an effect on the ability of the current for-pay AI code editors to compete only on features in the future?

 

Because this is something that might change something in the market as well.

 

[Darren] (7:05 - 7:45)

It also changes the competitors because basically a lot of the competitors, I think like Cursor, were using these forks of Visual Studio Code. And basically it meant that a lot of the heavy lifting had been done by Microsoft. And it obviously caused various issues.

 

But the idea that now they'll have, well, I guess this is the alternative is they maybe could have licensed the extensions so they couldn't pull them through. But I think we'd need to look a little bit more into this. I think it's better that, I don't know, I just maybe I'm not trusting enough of the large tech when someone says open.

 

Maybe I should just take them at their word for once.

 

[Pinja] (7:45 - 8:39)

So Microsoft and GitHub reasoned this change by their significant advancements in the LLMs. And they said that this reduces the need for and value of the proprietary prompting strategies as well. So this was from their reasoning why they were doing this and moving open source. Let's have more AI.

 

Let's talk about more AI, I guess. We don't often talk about what the US government is doing, but let's briefly touch upon this. So it was not that long ago when we got the news that the Trump administration unveiled the AI plan.

 

It's called the AI Action Plan, which is built upon three strategic pillars. So this is the news from last month. So it's the end of July here.

 

So the three pillars that they're building upon on this strategic action plan is that they want to accelerate AI innovation. They want to build American AI infrastructure, but also lead in international AI diplomacy and security.

 

[Darren] (8:39 - 9:35)

Yep, they do. There has been some criticism, of course, it seems that a lot of actually technically inclined people just suggest that the action plan was written for tech billionaires to serve their purposes of continuing to invest government funds into various data manipulation techniques. And that sounds wrong data transference techniques, perhaps, and just ways of feeding the AI machine.

 

There are some thoughts that it's actually going to make things worse for people already affected negatively by AI through things like job losses. So it might be. Well, one thing that we like to talk about Eficode is having guardrails on AI, the idea of responsible AI development.

 

And instead, what this seems to suggest is dismantling guardrails and just full speed ahead on AI development, which is what is a stance.

 

[Pinja] (9:35 - 9:56)

It's a very interesting take, as we've seen this too, we've seen AI when it comes to regulation in the IT industry right now. So this is also accompanied by I think there were over 90 federal policy actions and three supporting executive orders with this AI action plan. So we shall see actually in the near future how this plays out.

 

[Darren] (9:56 - 10:14)

It's kind of interesting, as you say, we in the EU have seen this too in the EU AI Act, like attempts to regulate these things. And the US decided to respond by hold my beer. And they've, they've just taken off all the brakes plowing ahead as quickly as they can.

 

So.

 

[Pinja] (10:14 - 10:26)

Correct. This is the if in the 60s, 70s, and 80s, the race was who can conquer the space. So now is who's conquering the AI world and full speed ahead.

 

As you say, yeah.

 

[Darren] (10:26 - 10:36)

Okay, let's talk about GitHub. GitHub seems to have had some mysterious disappearance. I came back and no one seems to be in charge of GitHub.

 

What's happening there?

 

[Pinja] (10:36 - 11:15)

Yeah. So there was a blog post from roughly a week ago, just before mid August from Thomas Dohmke, who was the CEO of GitHub. And there was a blog post called Auf Wiedersehen GitHub.

 

And the TLDR of things was that he's stepping down as a GitHub CEO to go towards his next adventures. He's, of course, mentioning that GitHub is now thriving, and he sees a bright future ahead. So he wrote a blog post internally, but it was also published for the company news site that he's not departing the company.

 

But the funny thing is, like, we did not hear who's, who's actually following him, who's the successor. So I guess there's none.

 

[Darren] (11:15 - 11:51)

Yeah, I think there was also talk about rolling GitHub more closely into Microsoft. So GitHub as a thing, I'm not even sure how that's going to occur, because GitHub is like such an embedded name in the development industry. But I guess it will be rolled more into Microsoft.

 

So will it become Microsoft GitHub, and then Microsoft version control and Octocat will disappear completely? I'm not sure about that. Or maybe they're just going to have an AI acting as CEO for a while and see how successful that is.

 

That might be an interesting experiment, though I suspect it's been done before.

 

[Pinja] (12:10 - 12:12)

I guess not.

 

[Darren] (12:13 - 12:22)

I think my favorite takeaway from this particular blog is the fact that internal Microsoft workers are calling themselves Microsofties. And that, that pleases me.

 

[Pinja] (12:22 - 12:28)

But did you see that it was in the TLDR that he wrote, what is the name for the GitHub employees?

 

[Darren] (12:28 - 12:29)

Are they Hubbers?

 

[Pinja] (12:29 - 12:31)

They're Hubbers. Yes.

 

[Darren] (12:31 - 12:49)

Hubbers is good, but Microsofties is… It pleases me on a certain level. But yeah, so GitHub, I imagine it's going forward with its development.

 

We're not going to see co-pilots slowing down. We're not going to see advanced security slowing down. We just, we don't know who's at the helm of that particular ship for the time being.

 

[Pinja] (12:49 - 13:19)

Now you mentioned security. So we've talked about some DevSecOps challenges lately in the podcast as well, especially during the springtime. We mentioned a couple of surveys.

 

So hey, here's another survey. The survey was done on 250 senior IT and security leaders that are based in North America. They said 62% of those people say that they work for organizations that knowingly release insecure code to meet delivery deadlines.

 

And I'm not sure this is actually surprising anybody here.

 

[Darren] (13:19 - 14:04)

I don't think so. So this study was conducted by Cypress Data Defense and a company called Tech Studio. Yeah, they interviewed 250 and they were senior IT staff.

 

It's not a huge sample size, but it's not exactly going against the data we already know. We understand that business drives development and security is often left behind. I don't think 62% of companies knowingly releasing insecure code is surprising, especially as there's no context to that.

 

Like what is insecure code? Are we talking about things with low level CVEs, which are probably not exploitable. So there's a bit of room for interpretation there.

 

[Pinja] (14:04 - 14:32)

That's true. We don't have the exact data here, but it makes a really nice clickbaitable headline as well. But then again, as mentioned, this is not a surprise that not every single time, not every company is taking security risks in earnest.

 

And I guess this is also something that we might see in the future. The study showed that some of the companies are now also outsourcing the security functions, which sounds kind of cool, quotemarks slash sarcasm.

 

[Darren] (14:32 - 15:30)

Yeah, it's unfortunate. I mean, it's kind of how the world is going in the direction of persistent outsourcing. There's this typical cycle that happens with tech where some things are outsourced and then they're pulled back in.

 

And that's what we're seeing with platform engineering. DevOps was outsourced a lot of the time and now platform teams are pulling it back in. The problem is security hasn't gotten there yet.

 

So security is still in the outsourcing phase. So yeah, they're saying 80% said they're open to outside help due to talent shortages. Then there are, you know, all these new requirements.

 

So 30% of respondents expect to be piloting software bill of materials initiatives in the next two years, which is frightening because why haven't they done it up to now? Why are they in 2025 talking about software bills of materials when it should have been in place for five years? It's an interesting situation to find yourself in, I guess.

 

[Pinja] (15:30 - 15:44)

It is. And we hope that now people are actually starting to pay more attention since all these survey results are coming up. But maybe we need to see the bottom of the iceberg as well before we see the actions.

 

[Darren] (15:44 - 16:10)

The problem is with security things, they are kind of self-fulfilling prophecies in a way, which is either you fix the problem before it's exploited and then you have to explain why it needed to be fixed in the first place or the problem gets exploited and you cease to exist as a company. So there's no one left to be accountable. So it's a bit of an unfortunate catch 22 where no one can really push it in the correct direction.

 

[Pinja] (16:10 - 16:30)

Okay, enough of anything else but AI. So back to that. Nvidia, they became the first company to hit the $4 trillion in market value during the summer time.

 

And maybe enough of that devaluation itself, but maybe something around that. So this is something very interesting, a monopoly effect that we see here happening.

 

[Darren] (16:30 - 17:28)

Basically Nvidia supplies, I don't know the numbers, but I want to say most, if not all of the high-end GPUs required for machine learning for artificial intelligence. And they, as far as I'm aware, make most of these cards out of a single set of factories in Taiwan. So you have this interesting effect where no one else in the world is making these specific cards because of the level of engineering accuracy required.

 

It's only been developed in that one area and getting there for everyone else seems difficult. It's kind of an interesting topic and I think we'll have to dig more into it because it shows that the choke point for AI is not actually one of these large American companies like everyone would like to believe, but it's the output of a single company based in Taiwan. So I think that's what we'd find if we looked into it.

 

[Pinja] (17:28 - 17:45)

And going back to what was mentioned, what you mentioned before, Darren, in this episode, that Sam Altman himself saying that this is, we're at an AI bubble right now. So in light of that, that quote, for example, having the $4 trillion market value is also very interesting.

 

[Darren] (17:45 - 18:05)

Yeah. Alongside the 800 different new AI tools that pop up every day coded in 12 minutes by AI. It's not going to be surprising if a lot of them stop or don't even start turning a profit and then collapses happen.

 

But I think we should maybe pivot to the most important part of the news.

 

[Pinja] (18:05 - 18:34)

Yeah, we left the best for last, obviously, just to keep the anticipation alive. But previously in this podcast, we have already mentioned that we have influenced the world from our small podcast here. And previously, we have talked about saunas and what is the significance of those to culture, to health.

 

And previously, we also mentioned that the BBC had already reported that there are significant health benefits when you go to a sauna.

 

[Darren] (18:34 - 18:52)

Yep. Shortly after our extremely sensible piece on sauna, the BBC picked up something very similar that we're pretty sure they copied from our podcast because we don't know what their other sources could be. But now we're actually starting to see influences across the other side of the world in Australia.

 

[Pinja] (18:52 - 19:06)

Out of all the places, they are now installing saunas more and more. Okay, fine, they're infrared. And if you go and ask a fan if an infrared sauna is the correct one, we know that's wrong.

 

But hey, yay, we also won. So we don't care so much about it.

 

[Darren] (19:06 - 19:23)

Not only are they having their own infrared saunas, but in Perth, there is on the Swan River, a floating sauna. And those have been a mainstay in Finnish culture for decades already. So I'm glad to see Finnish culture spreading out to Australia.

 

[Pinja] (19:23 - 19:30)

You're doing the best part. So Australia, you're welcome. We're happy to influence you more.

 

If you have any questions, you're more than welcome to ask Darren and myself.

 

[Darren] (19:30 - 19:43)

We're happy to educate on any issues about sauna. And I guess if we have to, we can talk about DevOps too. So yeah, that's all we have for you today.

 

We will be back next week. Thank you for joining me again, Pinja.

 

[Pinja] (19:43 - 19:44)

Thank you, Darren. It was fun.

 

[Darren] (19:45 - 19:46)

We hope you join us next time.

 

[Pinja] (19:50 - 19:53)

We'll now tell you a little bit about who we are.

 

[Darren] (19:53 - 19:56)

I'm Darren Richardson, security consultant at Eficode.

 

[Pinja] (19:56 - 20:00)

I'm Pinja Kujala. I specialize in actual and portfolio management topics at Eficode.

 

[Darren] (20:01 - 20:03)

Thanks for tuning in. We'll catch you next time.

 

[Pinja] (20:03 - 20:11)

And remember, if you like what you hear, please like, rate and subscribe on your favorite podcast platform. It means the world to us.

Published:

DevOpsAtlassianSauna SessionsAI