Ep. #34, Technical Founders in the AI Era with Sunil Dhaliwal

Brian Douglas: Welcome to another installment of Open Source Ready. John, hello. How are you doing?

John McBride: Hey, Brian. I'm good. I just got done shoveling us out of another blizzard, which is great.

Brian: Oh amazing.

John: But here we are.

Brian: Wow. I'm actually not even wearing a sweater today because the sun's out, even though it's kind of cool outside in Oakland. Yeah, it's feeling good.

John: Oh, man, I'm jealous.

Brian: I don't even know what snow is at this point. But we're not here to talk about the weather. We're here to introduce our guest Sunil Dhaliwal. Sunil's from Amplify Partners. Sunil, you want to say hello?

Sunil Dhaliwal: Hey. Glad to be here, guys.

Brian: Yeah. Are you based on the East Coast? I didn't even ask that up front.

Sunil: I'm an East Coast guy who got tired of shoveling and so now I've been in the West Coast in California for 13, 14 years. I started Amplify. Funny enough, Amplify got started on the top floor of my house in Cambridge but I very quickly moved within the first year to be a Bay Area resident.

Brian: Excellent. Yeah. Left coast is the best coast.

John: Yeah. I've been very surprised, actually by the startup community. I'm down in New Haven, Connecticut, so halfway between New York and Boston. But the startup community in Boston is really excellent. Obviously New York is the city, so there's a lot there. How was it starting the fund in the Boston area?

Sunil: It was great. You know, Boston had been home for me for about 17 years at that point and I had been a partner at a large fund for almost a decade and a half. I was there at that fund before even starting Amplify, probably where I did my first open source investing, funny enough.

But it was a moment in time where all the people that I was really focused on were kind of coming out of the DevOps movement and the first iteration of, they weren't even called hyperscalers at that point. They were kind of big web companies and they were prolific in producing and releasing open source software. And those turned out to be a really core group of founders that I ended up backing. And so I just needed to be close to that group and that's what took me West.

Brian: Yeah, yeah, I've been out here for 11 years at this point, and not for the investing side, more for working at startups. And yeah, honestly, I feel like the vibes are immaculate, is I guess what the kids say.

But no, honestly, I'm about to go to a happy hour tonight. I've done two dinners in the last week with founders. You can't recreate this, the vibe that you have right now, this current iteration of startups and AI and open source.

But we wanted to talk about your background as well. So you started Amplify you moved to the west coast. You have quite the track record. And I say "you," but I know you have partners at the fund as well, and I've actually interacted with quite a few in the past years of my career. But there's some like really good names like within the PortCo.

So like Datadog, Runway. Actually I didn't even realize Runway, like Runway is something I've seen, but didn't know is one of your PortCos as well. But there's quite a few other ones like Fastly. DBT Labs as well. I'm a fan of what they've done with data and like streaming and stuff like that. So I'm curious, specifically, like how do you pick them? It's probably not an easy answer but I'm curious what your sort of formula is.

Sunil: Well.

We started Amplify really to do one thing which was to back technical founders and that seems like not that crazy of a statement at this point, but at the time it was a little bit unique because you tended to have people who were very strong in the business side of things and then the engineers were maybe the afterthought. But one of the great observations we had, particularly as cloud democratized the ability to start companies and build software, was just this idea that a technologist could go very, very far.

And that showed up in a bunch of different ways. In the open source world, it actually showed up slightly differently which was there was a big open source ethos that came out of a lot of the large web companies. And it was one part necessity but also one part culture where a lot of the hardest technical problems were being taken on by Facebook and Google and Amazon and Netflix and many other kind of large scaled web companies.

And to bring those people on, those people were inventing and building a lot of picks and shovels software and infrastructure software that in the past people had typically bought. So you had these pockets of people building for themselves and looking for ways to share and trade and to take advantage of best practices.

And in a world where IP mattered a ton, I think a lot of people were coming out of open source communities, were contributors to open source communities and had that ethos of we can both build to solve our needs, but we can also make this software available, our pieces of software available in an open source way that helped make some of the mission critical stuff they were now relying on in their day jobs actually more resilient and reliable, have bigger communities, give it a lifespan beyond just the couple people maintaining it internally.

So there were some cultural reasons and some practical reasons. And now I think if you fast forward 15 years you see open source is probably the default way to do so many different things in infrastructure. It's a reasonable way to do many things higher up the stack . But this kind of Cambrian explosion I think really came out of that era and that moment in time.

Brian: Yeah. So I'm curious, what are you seeing change in the last year to two years now with AI? So you laughed at the idea of technical founders because now we have folks that can do way more with less. We're having YC companies with two-person teams that are building a vertical SaaS and hitting market as fast as possible and hitting their $100 million run rate as soon as they're out of demo day.

Do you feel like the technical founders are still living in the heyday or has it shifted a little bit to like folks who are technical adjacent, like the product managers are now shifting left into like I can probably get further without even introducing an engineer too early?

Sunil: Yeah, I think they can get further but I don't think it changes the fact of what makes any company great is there's a moat, there's something that they do. And for a firm that focuses on technical founders, and that's really been the ethos of Amplify from the beginning is we help technical founders go build these game changing companies.

If you gave me the choice between someone who really deeply understood technology and not as a founder, I'm going to take the one who does.

But I think what it comes down to is what you pointed out was this idea that in order to scale you do have different skill sets that you require. And some of them could be technical skill sets and others could be things like product sense or the ability to recruit or fundraise or market. You know all of those things go into making small companies get big fast.

And like most things, it's just really about raising the bar. Like the game gets harder every year. It's been harder every year out of the 28 years almost that I've been doing this. Like it's just harder. There are lower barriers to entry for people coming in. There's more capital, there's better tools, there's better distribution, visibility. Knowledge is democratized. AI is now a great equalizer.

So I don't think, to your question, it's a lot about how people replace. Technical out, non-technical in. It's more about like yeah, it's not just good enough to say like my engineering expertise keeps other people out of my discipline. Now it's like, "yes and my engineering expertise needs to be accompanied by these other expertises."

Brian: Yeah. And John, Sunil mentioned a trigger word with the Cambrian Explosion. You had wrote a blog post around this. I don't know if you had wanted to add your commentary to that.

John: You've activated me like a sleeper cell. I use those exact words. But I was referring to the Cambrian Explosion in that post around just the vast quantities of just software that's being produced. And this was in like November, December that I wrote this and you know just in the few months of 2026, the things that people are going and making.

I won't bury the lead on this. There was a post for the Reads that I had kept about somebody making and vibe coding software that their dog is actually somehow making and generating and is really hilarious to me but also kind of crazy that you know, a dog is interacting with Claude Code somehow to go and like make software and there's like a feedback loop, some weird Pavlovian thing that's going back and forth.

But that's the Cambrian Explosion of software. There's just so much out there. Most of it is probably just cruft, you know, nothing that anybody would actually have to maintain or look at or care about long term.

Sunil: So what do you think matters in a world where generating software, the marginal cost is minimal?

John: Yes, yes, that is exactly the question. For me I think it's security actually. I think one of the things around the reliability and the, I hesitate to use the word safety, but just the guardrails of where these things are, how they're deployed, the attack vectors that then come in.

You know, maybe we're not deploying the dog software but there's sure going to be some product managers at these big hyperscaler companies that are going to hit deploy on these one-off things that they went and built that maybe didn't get a red team to look at them, that maybe didn't get an engineering team to look at them. It's a little scary but as Brian knows, I'm a skeptic or at least I'm a little paranoid.

Sunil: Yeah.

Brian: Yeah, yeah, I mean everyone's been watching the OpenClaw saga in the like the last 60 days at this point, maybe in less. And like there was the article or the tweet where the AI safety person at Meta had ran this on a machine. I guess it came out that it was a test but it did delete a bunch of emails and the control and the safety of letting OpenClaw like run ham on like your personal tokens and everything like that.

John: Yeah.

Brian: It's concerning. I don't know, I'd be curious like what you're seeing, Sunil. But I feel like there's stuff that we did 10 years ago with Cloud Native. We have all this infrastructure to spin up Kubernetes, pods and run servers and have security. Chain guard's another one of your PortCos as well.

The opportunity is now that can translate into what we're seeing in AI. So we're moving past where everything was LangChain and SDKs, but now we're running on Mac Minis. Like this full exposure. So that world probably looks like we're containerizing or spinning up VMs or something to sort of like sandbox this world.

Sunil: Yeah.

I don't get too bent out of shape out of the particular security vulnerabilities. Not because they're unimportant. It's because it's kind of a predictable evolution. We move to new platforms and new platforms introduce new vulnerabilities.

When we move to the Internet, which is-- I'm old enough to remember the move from client server software to, you know, things that you access through a browser. And it was the least secure thing in the world. There was no SSL like you. You couldn't even trust that the packets going over the wire were yours alone. Let alone things like, you know, user authentication or firewalling or understanding if there's people within your network and data expo and all the things that are expensive and slow and crufty to get right and still decades later we're trying to do.

There's no reason for me to think that AI is going to be any different. It will have problems, those problems will get solved in sequence and some early adopters will go too far and they will get burned and some people will move too slow and they will not get the business opportunity. And people are going to have to balance that risk frontier and we're going to do attack defense improvements all the way up the curve.

People get paranoid and they, they get into their doom porn about how AI scale stuff is going to accelerate all of this to levels that we can't even comprehend. And they may be right, but it doesn't really change the fact that security, reliability, interoperability, all the things that people want out of software, you know, it doesn't really change. And what changes is the platform's changed.

We now have this kind of new medium to build and deploy that goes bigger and faster than anything we could have conceived of before. But the requirements that people have for the technology and what they want to use it for also hasn't changed. People don't vibe code apps and deploy them in an enterprise because it's cool or fun. They do it because there's some problem they're trying to solve.

And it all comes back to what is the core of the problem, what is the product market fit equivalent that you got to deliver? And in a world where you can generate insane amounts of slop, there are things that matter in terms of whether or not your slop actually becomes useful. Right? What are those things? Taste matters. Right? I think if we learned one thing from the previous Cambrian Explosion is like, everyone's got one of these, and now there's video everywhere and there's content everywhere, and the barriers to generating insane amounts of content have just drunk, gone to the floor.

Well, what matters now? It's taste. It's curation. It's like what's good versus what's not good. You know, you mentioned Runway earlier, Brian, which is another Amplify portfolio company. We've known them from the very beginning, since Sarah Catanzaro met them at NYU. And I'm still on their board today. But, you know, that's a company that's inherently built around the idea of generating insane amounts of pixels.

You know, everything you can conceive of, you can generate. But why is that valuable? Well, it's really valuable in the hands of someone with taste and curation that can actually do something attractive and meaningful with it. I don't think software is going to be any different in the Cambrian Explosion that's happening right now.

So taste matters. Product-market fit's a version of taste. Does it do the thing that you need? Security matters.Reliability matters. Interoperability matters. Getting the business outcomes matters. People don't run code to run code. They run code to achieve outcomes.

So all of those things, I think, are going to become the new filters that are the "why" behind me saying that I don't think anyone's going to go vibe code away Cloudflare. No one's going to vibe code away Crowdstrike. No one's going to vibe code away Datadog. They do things and they give enterprises reliable services in certain ways that that vibe coding something isn't going to do.

John: Yeah, 100%. I think it's a little reactive how the market often waffles back and forth. Like you mentioned with CrowdStrike, you know, Anthropic releases Claude Code security or whatever. And I think it's a naive approach to say that that's all CrowdStrike does, which it's not. It's not just code scanning. It's not just vulnerability scanning.

They do so much with network defense in depth and all kinds of things. So I'd love to ask you, you know, what would you tell a technical founder today? You know, in that age of, like, it's so easy to generate a bunch of slop. How do you go find product-market fit?

And maybe it's just an age old question, but it seems like it'd be really easy to go down some like crazy rabbit holes if you're just building and building and building all this stuff and then you're getting a bunch of AI hype bros to tell you it's amazing on Twitter. How do you go and do that actual product-market fit today?

Sunil: Well, I don't have a great answer for everyone, but I can kind of answer the question in reverse, which is a little bit more of what do we look for? And I think we've routinely looked for founders that exhibit this idea of founder-market fit, which is, you know, you have to understand this problem, you have to appreciate it, have lived it, worked around it for a number of years, and by being close to problems, you're probably best positioned to deliver solutions.

The number of examples of this in our portfolio are countless. Olivier and Alexis, who started Datadog, built that company because they were responsible for scaling and standing up AWS infrastructure and realized there was no reliable way to understand, to monitor and do basic management of the things that they were standing up. They built for themselves and then realized what they were building for themselves had utility for others.

That was exactly how Artur Bergman started and built Fastly. He was at Wikia. There wasn't a way to reliably do small object refresh, small object caching, which was essential for Wiki platforms. You know, not hosting large video files, but hosting small objects. Like that's what Wikis were at the time.

And he's like, oh, I could use this open source project Varnish and I could rework Varnish into something that became a really strong foundation for a better distributed caching layer that I could run a CDN off of. And that was how Fastly got started. He knew that problem, he lived that problem.

A more current one, which I think a lot of people are just starting to appreciate the scale of their importance, is a company called Temporal. You know, at Temporal, Maxim and Samar, who started that company were engineers at Uber. They were previously at Microsoft. You know, they had worked together, actually it was like their third time working together.

And at each iteration of that, they had built an equivalent thing which was, you know, how do we make distributed systems work reliably, particularly when we need to hold state across sessions? And they coined the phrase durable execution, created this durable execution category. And Temporal as an open source project is massive.

But product-market fit for Temporal the company and dramatic revenue growth for temporal the company is entirely a function of these guys knowing exactly what the business problem that someone needs to solve, the technical issues that get in the way from roll your own and they just methodically build what's needed. And you know, that's not a thing that comes from anything other than taste and judgment and experience and being close to problems.

So to go back to your original question: What advice would I give to founders who are thinking about this? It's really about, if you don't know something really well or well enough to have some insight as to what the problem is, you might be behind the eight ball a little bit, at least as far as working with me. But that means get really good at understanding something, like really understand what the problems are, and I think you're going to be well positioned to understand what the solutions should be.

Brian: Yeah, this is great. John DM'd me and tells me that this is like a masterclass for DevTool founders to be listening to. I'm hoping that folks see we're getting a lot of good clips from you and we're sharing this with our listeners and our future listeners as well.

I did want to ask a question which is more of a, I think everyone's thinking this but you probably have a good answer or just a simple answer for this. But we talked about the AI part but also the hyperscalers, so a lot of folks are nervous around open sourcing parts of their tech. We can go all throughout conversation about like licensing and like what license to choose and how to protect yourself against AWS.

But I'm curious like for folks that you've worked with or even like folks that you're working with in the future, like is that something that folks should consider when preparing to open source or while they're sort of building something that's trying to get product market fit?

Sunil: Yeah, I think you should consider all that sort of stuff. And I think a lot of people should consider why open source to begin with for anything that they want to do, right? You know, open source solves some problem or you wouldn't do it. And for some people that problem is like, "I'm part of communities, I believe communities build better software. And so I think we're going to get better software by doing it this way."

And that's a very rational thing to do. Other people view open source as distribution, right? If it's out there and it's available lots of people are going to try it. And lots of people view it as product development. If I can build and retain a community, I'm going to get commits from other people who are close to problems. They're going to do a lot of the work and we're going to build something more useful and more valuable together.

And other people do it a little bit out of maybe necessity. You know, I'm building a heart and lungs reliable thing that a large company isn't going to pick up if they know that I could go out of business and my source code would be gone forever and then they've made a terrible decision to rely on me. And maybe they feel less worried about that decision if in fact the core of it's open source and push comes to shove like they could have to take it over. They probably don't want to, but they could if they really needed to.

So all of those things are just versions of problems that people want to solve by doing open source. And I think for anyone that's going to launch a company or forget even a company, just say like here's software I want to build and that I want to put out into the open source domain. I think I'd always start with what problem do you think open source solves for you? You know, which of those things are you trying to get out of it? Is it altruistic, is it distribution, is it community building, is it to ease customer adoption and to soothe big companies who are worried?

And then I think based on those decisions you might have that second order effect, Brian, to the questions that you were asking is like, okay, well now I have to deal with some of the knock on effects of that. Right? If my project is successful, can a large company use that code and stand up an equivalent service?

Am I ultimately going to be competing with my paid version if I firewall some features and then five years down the road I have to go talk to Citibank who's really willing to pay me, but they're no longer willing to pay me a million dollars a year when the open source and one engineer to maintain it might only cost them 250.

You know, these are considerations that, that people have to come through. And that's not an academic example. I lived that example through one of the earliest open source infrastructure companies, a company called Chef, you know Ops code when I originally invested. And the Chef guys built a tremendous config management platform but you know, it ultimately was competing with its open source project amongst the largest users.

And Adam Jacob, who's still maintaining a lot of projects in the open source community, founder of System Initiative today. You know, Adam's manifestos on this topic are widely distributed and talks a lot about how to think about these decisions of what you open source and what you don't.

John: Yeah, Brian and I talk about this a lot actually. We had Adam on about a year ago now and I went to this pretty incredible talk at KubeCon in Salt Lake. It was like their Startup Fest where he gave a talk about like open source and your startup. And really the ethos was like, don't, don't give it away for free. Like you built it. Don't just give it away for free. There's so much more to that. But yeah, I think about that episode all the time.

Sunil: But there's a lot in there. There's a lot in there that's really relevant for today. Right? Cause when he talks about don't give it away for free, you know what he says is like, the code, anybody can have the code, but the code isn't the software. That's not the brand, that's not the packaging, that's not the runtime, that's not the delivery, that's not the support. You know, and people don't buy repos for the most part. People buy software.

And I think there's a interesting analog here in the AI world where you'd go, well, I can generate lines and lines of code for free. That's totally true. Now give me the bright line between code generation and software. And it starts coming down to things like trust, it comes down to support, it comes down to reliability, it comes down to security, it comes down to brand.

Brand matters a lot. All of those things are going to be hyper relevant. And I think people who have navigated open source software are going to probably have a clearer view of navigating the kind of AI software rebirth than people that can only look at this through the lens of like, I build code, I run a single shared instance in the cloud and I give you credentials and I charge you 99% margins for that. And that's a tough place to be right now.

Brian: Yeah, it's crazy because I was thinking as you were talking about this, then you mentioned Chef and like, yeah, I was going to interject and be like, "oh, yeah, Adam." And then you, you segued into mentioning Adam's journey and story. So yeah, super resonant for where me and John are at and the audience as we've been going down this path and telling these stories.

I did want to ask a question about the monetization part, which is like, we're in a world where with AI, like a lot of folks who were building like LLM wrappers or GPT wrappers, like, you can get pretty far with free credits. And I think that kind of ended last year, at least with OpenAI and their sort of like generous credit delivery for startups.

There's already a wave of folks that have to charge sooner. So like Perplexity is one. They ran through all their annual contracts that they gave for free and now they have like a product that you basically have to pay for to get any value out of. But for open source there was always this mantra of we'll build stuff and we'll figure out this sort of business model and the pricing later. And I'd love for your take on, in this current iteration of open source, with the AI movement, is that also a foot gun for folks if they don't think about this business model as soon as you incorporate and ready to go?

Sunil: Yeah, you have to have an understanding of it. Right? It depends on what open source means to you. If open source, again, is still like "the repos available, have fun," there's no marginal cost for you for someone to get that and to go run it. But if what open source means for you is "this software is available under open source and I'm actually going to host it and run it from a runtime perspective" or, you know, from an AI perspective, there's inference involved and each execution of the software, the thing that gives it value is this inference layer, and I'm going to run that inference for you," yeah, in both of those cases, cost comes way forward right into your face and you have to think about these things up front.

It's really difficult if you're not a funded company to think about handing out inference for free or runtime for free. Both because again, there's nothing nefarious about the use, well, there is something nefarious. Some users are spam, you know, crypto bots and, and DDoS, hosts and all sorts of other bad actors. But even putting those guys aside, and they're real, the average user shows up actually keen to try your product.

And if you don't have guardrails that say, "yeah, I know you're doing useful work, but I'm not going to let you go burn $500 worth of compute credits this month just because you're playing around with it," like that has real economic impact for an open source project.

So I don't think it changes too much other than I think what you alluded to in the Perplexity example and the OpenAI and the credits getting tapered example all point to the same thing, which is like there is a cost of inference that for all but the largest of players who have business models that can support handing out some level of inference for free, small companies are going to need to understand how to at least recover the cost of inference as part of people trialing or using their product early.

Or they're going to have to get really, really good at showing people value from a product in a fixed amount of time and a fixed amount of inference slash runtime costs so that that user can make a decision of "okay, I'm interested and I'm willing to buy something" and therefore recover some of that cost or "I'm moving on and I'm not going to burn any more your credits.""

You can't have those be open ended explorations on behalf of a user that just burn a company's money. That's, I think, going to come to the forefront for a lot of people very quickly.

Brian: Yeah, yeah. So I want to transition to Reads, but before I transition, John, did you have any other questions you wanted to ask for this part of the conversation?

John: I do actually, yes. So I'm curious your take on just like the general vibes in the open source ecosystem with interest rates being really high and open source program offices closing and you know, VMware going away, which was dumping all these engineering resources into cloud native. I'm curious your perspective on that, if you see a maintainer burnout problem, you know, are there new companies that you're funding or that the developers and founders that you're working with are interested in pouring engineering resources into?

Like what's your general take on just the ethos and the state of the open source ecosystem today?

Sunil: It's not monolithic and so I'm very hesitant to give you a take on the state of the open source ecosystem because that's going to change project by project and it's going to change company by company and person by person.

John: Yeah, that's fair.

Sunil: But there are some things you touched on that I do think are threads that run through it all.

Maintainer burnout is so real. So real. I'm sure you guys know this personally or amongst people in your inner circle. It's always been a thankless job. But now in the world where AI and bots and agents can even further take at massive scale and contribute very little, I think the reward for being a maintainer is low.

You mentioned Chainguard is one of our portfolio companies earlier, Brian. Chainguard exists in a large part because of this. Right? There's just too much open source software that we rely on and will continue to rely on. It should be open source for reasons of transparency and for community ownership. But that doesn't change the fact that this is critical security supply chain stuff that we have to understand.

And so having somebody like Chainguard step in and provide secure builds for critical packages even above and beyond which you're going to trust for a single maintainer to have to manage, assuming that Maintainer is a good actor and 99 point X percent of them are. But even beyond that, like you have to have somebody stepping in between to say we can, you know, maintain this to a standard where you should be relying on this software. And that's in direct relation to something like maintainer burnout.

I know people talk about things like which companies are in on open source or out on open source and you know, Mongo changes a license or Confluent changes a license and people kind of take that as a bellwether for something. Or Broadcom buys VMware and shoots a bunch of work that they've done. On a company by company basis, this stuff is going to rise and it's going to fall.

I think you got to start with again what I said: Why is some software open source to begin with? You know, who does that serve and why? And so I think it's very natural that as companies and commercial organizations exist, it's very possible that their motivations deviate from the initial motivations of the project. Some people in the open source community, the purists, are like, "See? Haha! Like the companies will always screw it up." Maybe. But did you get 10 great years in a project that you could fork anytime you wanted to along the way? You sure did.

So does the benefit far outweigh the cost? It's not even close. It's not utopian. But I do think that that core promise really hasn't changed. Right?

When people want to get together and build a community and create libraries and repos that are available for community use, that serves a purpose. And I don't really see that stopping. I don't see that slowing down. There's a whole class of things that are still far better to build in public than to build in private. And I expect that to continue to grow.

John: Yeah, that's incredible advice. I couldn't agree more. As a VMware refugee, it's definitely a wild world with the open source ecosystem and burn out. So, yeah, it's great advice.

Sunil: Yeah. When you guys think about how this stuff starts to intersect with the AI world and changing how software's produced and changing how software is consumed, I'm very curious from your perspective, what you've already seen how happening at the edges of open source projects and how maintainers or even would-be contributors think about things differently in the age of AI generated code?

John: That's a good question. I've been thinking about this a lot recently on the podcast the last episode from this we had on the maintainers of Ingress NGINX in Kubernetes, which recently is totally getting sunset and it's probably going to leave a lot of companies in clusters in a very weird state without security patches.

And I think there's a cynical take where I could say like, oh, Isovalent and Cisco don't want to support that or provide engineering resources. But at the same time it was a sobering conversation because it was one of those things that I think they needed to really pull the plug on. Maybe they'd kept it going too long even. So it's good to see some action there from that.

But I think I'm nervous overall. Like, I feel like there's this incoming wave of a lot of software that we're going to need things like a Chainguard to continue to support or keep those guardrails and insurances that things aren't going to, you know, fall over or get nation state attacked one way or another. But again, it's hard to not have a cynical take. I'm curious what Brian would say.

Brian: John and I both worked at OpenSauced, which is the last thing we did before our current thing. But we ended up identifying a bunch of data like the JiaT75/jia-tan, like that sort of Postgres thing at Microsoft. And I have a similar take, but on the opposite end of we're now getting a bunch of stuff that's either vibe coded or Zero to Tech Debt so fast that you're not even sure where the stuff's coming from, like who these folks are.

Now we've got this article around the OpenClaw contributor that wrote a blog post for the maintainer that was like, hey, this maintainer doesn't care about open source and had like a, basically a slur campaign. It's like stuff that you'd see in slow motion. Because I worked at GitHub for five years, we'd see this on the other end and be like, oh yeah, we kind of identified these folks and there was like security to identify IP addresses and et cetera. Not to divulge too much of what GitHub's doing.

But now you're seeing it so fast of like, okay, like we're all depending on this like brand new thing because it's an MCP or even worse Skills. Like now you have the idea of Skills which is just markdown docs. So, so now we have to have another tool to like go through Skills or Socket Security and Snyk and a bunch of other folks are now scanning skills to identify for sanitation for prompts.

Things are moving so fast. But also in the same vein, I think we're now seeing a resurgence of open source and I think we're seeing it currently with like OpenClaw where OpenClaw is just like zero to fast track to like whether this is a hype train or whatever. What we're seeing is the actual sustainability of AI-first open source maintenance. And it helps that Peter just has nothing else to give. He's already sold the company. He just did this for a fun thing that he's kind of working on since last summer, but really in the last two months and we're now seeing the validation of community coming around that and sort of insulating and protecting the sort of benevolent dictator because I think that's what he's going to be taking over for the foundation.

So yeah, we're just kind of seeing like zero to foundation critical part of the infrastructure at least for OpenAI in the future. It's interesting to say the least. I think more people getting wise to open source for good or for ill. And it's really because the way I came into open source was because I had a problem I wanted to solve. I Googled it, found a GitHub repo, worked through it, built the thing and then I became an open source contributor, eventually maintainer of future things.

And it was basically I was just trying to scratch an itch. And I think you're gonna see a bunch of people scratching itches even faster and like viciously.

Sunil: I think that's a really great point. Right? Cause I think if you, as you get down the rabbit hole of building, and whether building is your fingers on a keyboard or an agent's fingers on the keyboard, proverbially scratching the itch is what you're actually gonna be doing. And once you do scratch that itch and once you do build things, there's a small group of people who want to do that and hold it to themselves and say, "this is entirely mine. I hope no one ever replicates it because my goal is to use it to profit asymmetrically at everyone else's expense."

I think there's a far larger group of people that say, "hey, check out what I built. Has anyone else done something like this? How could we make this better? You know? Oh yes, I think about extending it in that way," and all the things that seem very natural if you're a open source contributor or member of an open source community.

I think you now have a really powerful tool to expand what those communities can do and what those communities can become. I do think that overall the problem you described and I think your analogy to how GitHub handled certain elements of security is fascinating and really apt because, again, in a world where there's no barriers to the scale of authorship and contribution, where that's the marginally low cost thing to do, curation matters a lot. Taste matters a lot.

Being able to steer a project from point A to point B and not get pulled in the direction of what 20 slop agent submissions came in this week versus what two really good submissions came in the week before, you know, that requires taste and care and a point of view that I think very technical founders, very technical people can bring to communities.

And I don't think that that's going to be decreasing in value. I think it's only going to increase in value for the health of a community and a project and for the viability of if that could be a company or something more commercially minded on top of it.

Brian: Yeah, indeed. Well, I want to transition us to Reads. I did want to thank you for the conversation that we just had about Amplify and open source. Folks, definitely check out the website, the companies, the PortCos. But I'm going to ask you the question: Sunil, are you ready to read?

Sunil: Let's go.

Brian: Excellent. So I'll jump in first, John, because I think I have a quick one. We kind of touched all this already. I kind of alluded to it already which is, one, Anthropic is definitely gearing up for an IPO. I think everyone's sort of targeting for Q4, obviously, like TBD when that happens. But what's interesting one, yes, IPO is happening, but it feels as if, like, they're expanding their use cases.

So, like, where there are a bunch of AI researchers and all focused on safety, you saw the sort of takeover with the AI coding space. So I love this. I spent the last year sort of exploring with Continue.dev, the AI coding agent. They've sort of pivoted to something a bit broader now, but I got to learn the space really quickly. And this is also scratching my itch. I built a bunch of AI tools and then fell into this team and then started working with them.

But with Claude Code, that became a space that they're leading right now at this point. Like, I don't think I have to like mince words at this point, but there was a tweet, actually an article about measuring agent autonomy, and they were identifying a bunch of verticals or where agents are deployed.

And aside from software engineering, there's like, a huge opportunity for almost every other vertical through, like, education or back office. I hear a bunch of stories of folks like, deploying agents for, like, plumbing invoices and like, stuff that, like, a plumber wouldn't go to a QuickBooks directly, but would need, like, some sort of man in the middle to interact with that. They're like, super ripe for agents.

The other thing I'll mention is I have a twin brother. I mentioned this to you, John. And maybe I mentioned it on the podcast. I have a twin brother. He works in marketing for music producers out in Nashville. And he's always done the marketing and the ad stuff, but he got super into Replit about a year ago. And then over Christmas break, I was at his house and I was showing him Claude Code.

So now he's super into Claude Code and that he just recently started shipping OpenClaw, basically bots because of a blog post I wrote about Extdev and shipping OpenClaw in sandboxes or really in VMs. So now he's like, building an entire business plan of shipping bots for his clientele, which is like, unreal to see him sort of accelerate in less than a year. Now he's like a technical person building technical things. We both were copy-pasters of JavaScript in college and I went down this road and he's now getting to this road, eventually.

Sunil: Wow. Yeah.

The speed at which things are happening outside of software development is actually some of the most impressive stuff. And the number of builders that don't come from a traditional engineering background I think is really compelling.

Do you look at that and think that that's Anthropic taking over the world, or do you kind of think about Anthropic as an enabler of this? I'm curious where you are.

Brian: Yeah, that's a good question to follow up my Read, which I honestly think that what Anthropic is doing is they're kind of raising the bar a bit where like, I don't need another $20 a month plan to like, you know, manage my legal services for like doing my taxes in April. What I want to do is be being able to like go do that myself. And I think where I sort of like, I was all bought it on GitHub.

Like the next billion developers are basically coming from like places like this where you have an itch you need to scratch and you have an MCP server or a skill or like you have Claude Coworker or whatever you're able to do, like get dangerous with like whatever you need to get accomplished. And I think that's what's kind of opening up.

And I think what we're now seeing is like, me personally, I'm not running one of these vertical SaaSes and trying to raise money on it, but like, I wouldn't be building one of those. I build that as like a lifestyle business to scratch an itch to then like build some lifestyle money. What I'm personally interested is the stuff underneath, all this sort of infrastructure side. But I'm curious, John, like, how many services are you paying that look in these verticals?

John: Not a lot. I mean, there's the streaming services, I guess, which I don't know if I'm gonna ever pay for a streaming service that, you know, there is a world where maybe I could just prompt my Apple TV to give me the Spider-Man meets Lord of the Rings show that I really want. I don't know. Haha.

Sunil: It could.

John: That's the future. Yeah. Could be. Otherwise, I pretty much plug everything just into the connectors with the max plan and it can do just quite a bit. Brian, had you posted something about the editor for kids that Anthropic was building? Basically it looks like Scratch, right?

Brian: Basically, yeah. So they built a new code.org meets ScratchJr thing. Funny enough, my son, so I have a 12-year-old that's in the Bay Area, Bay Area schools and he's doing computer science in middle school and he's basically using code.org or Scratch to build subliminal programs like every-- I think a lot of people are familiar with this concept.

Sunil: Sure.

Brian: But what someone did on the Anthropic hackathon is like build a new language that's promptable to build something very similar to that where you're getting the same interaction. And I think where he struggles with a lot of the stuff I've been helping his homework on is like, I don't know, like when to put the stuff like the if and the else statement and all this other stuff. Like his brain kind of gets a little boggled around that.

And I remember back in the day when I just did algebra. Yeah. I'd get confused on some of the sort of basic things. But Bay Area schools, like we're going straight to computer science in sixth grade, so here we are.

John: Yeah, well it's the funny like evolution of things. Cause I remember in my high school computer class, whatever, writing a little bit of BASIC. And I just thought it was the worst. I was like, I'm not doing computers and all that and it wasn't really until I discovered the web and JavaScript and like I built all these stupid little websites. I built one for my band called Punching Pandas that was a bunch of just JavaScript moving, you know, these pandas around.

It was like, oh my gosh, I could actually program and like build stuff. So it's like that Next Billion Developers.

Sunil: Oh, it's gone full circle like.

John: Yeah, exactly.

Sunil: I've had a couple people that I've talked to over the years and they said, "yeah, I didn't go to college," or "I was a sociology major and, and how I got into programming, well, I took Harvard CS50 online and it was available and I did it."

John: Yeah.

Sunil: And I'm relaying this story to, trying to imagine that I'm being like all inspirational to my kids. I got three kids, the younger two of which did CS in high school, one's doing and one did. And I was telling them, I was like, yeah, the CS50 thing, it's available online. It's really powerful. And they're like, "Dad, what do you think our freshman CS class is?"

I'm like, what do you mean? They're like, our freshman CS in high school is CS50. Like we take CS50. That's why they make you take it pass-fail as a freshman. It's because it's kind of hard. But like, that's what you teach. I'm like, wait a second. Your introduction to Computer science is doing CS50, like taught in a school setting like that curriculum.

And they're like, yeah, like how would you think we would learn it? And I was like, I didn't really think how you would learn it, but that seems pretty awesome and very different from me, like working on BASIC programs in the back of a computer classroom on Apple IIe way back when. You know, it's a different world.

John: I'm convinced. This is a great time to be a builder and it's a great time to be an open source builder. I mean, it's very exciting.

Sunil: It really is. And I think it's kind of, it's wild to see the uncertainty at the moment, but I think what's more important than the uncertainty is that the tools get more powerful and the tools lower the barrier to entry. And I think a lot of people are spending maybe a bit too much time trying to look at and define the entrails, to understand exactly what the future holds of, like, is it going to be this shape or that form, you know, this shape of it or that shape of it.

I don't think you have to look too hard to understand that the tools are going to get more powerful and they're going to be way more accessible. And a lot of the cruft that you have to deal with just to think about building is going to get continually abstracted and what you're going to be left with is powerful primitives to turn ideas into value.

And like, that just is not slowing down. And I think that's the stuff that I'm probably most excited about this moment in time is it's coming from everywhere and it's coming so much faster.

Brian: Yeah, very cool. John, you have a Read. You mentioned that dogs are vibe coding already, but you had another Read as well.

John: Yeah, we'll put that one in the notes. That's a very fun Read. The other one was quite shocking to me actually, where Ladybird, the browser is adopting Rust all through, again, like we've been talking about it, AI. Just kind of crazy that they pointed this thing to their JavaScript engine which is written in C++ and were like, "write it in Rust." You know, obviously agentically going back and forth with the engineers.

I mean they said that they did this in two weeks and they have this huge internal suite of tests and rendering tests and all that that it's passing now. That's just crazy to me. Like if you told me even just before Opus 4.6 that it could reliably write good Rust, that would get something like that to that place, obviously with some like very skilled and talented backend engineers, browser engineers behind it. But it's just nuts to me. It's just crazy. Again, the world is moving very quickly and it's exciting stuff.

Brian: Yeah, that's crazy because I remember trying to Write Rust like 10 years ago, like super early. I lived down the street from Berkeley so like they had an event early, early days, small Rust community. Went to the workshop, hung out with Steve Klabnik and Yehuda Katz who I think Yehuda just joined Cursor of all places, which is pretty random but early early open source people within the Ruby and the Rust space.

And yeah, to hear that you could write type safe Rust using AI, that's amazing because I tried a year ago with Copilot and it wasn't worth the time. So yeah, we're very fast approaching that these things are going to be super useful in writing some serious system engineering stuff.

Sunil: Yeah, probably a Read that I'd say is worth, and I'll expand the horizon maybe of the audience a little bit, but it's in open source so I think it's really powerful, is one of the areas that I think we think is kind of dramatically underexplored is what's happening when you start to point AI at biology.

Funny enough there's a lot of it that looks very much like software engineering and code. There are primitives. Those primitives are relied upon to build things that are higher level abstractions and higher level abstractions. But the ultimate output is, you know, what can a cell do, what can an organism do to you know, hopefully cure disease or, or improve function in some way?

And AlphaFold was probably the most seminal thing that kind of came out of Google DeepMind and being a model that could like accurately start making these predictions of, of how we thought proteins could fold and molecules could be built.

The thing that's happened really recently, which is really cool, is the project out of MIT that is open sourced under the MIT license, is a project called Boltz, B-O-L-T-Z, and Boltz, if you kind of caught, if maybe people in the audience have caught what's happening around Boltz, it's hyper significant because everything that's happened so far has existed kind of in some proprietary models.

You know, people have started off down the OpenAI or Anthropic version of like we're going to try and gather data and we're going to train and we're going to build these things that sit behind the four walls. But Boltz is really meaningful because there aren't too many disciplines where the open source models are actually leading the way in terms of usage and power and the breadth of the problems they can solve and the willingness of users to support them from a data generation perspective.

You know, unlike OpenAI and Anthropic and others and Gemini who had the corpus of the Internet to train on, in biology you need proprietary experimental data. You need to have access to things that are, you know, that will really tell you about binding affinity and protein folding and you know, the shapes of antibodies and things that are really specific to building medicines. And that data just doesn't exist. Like you can't go Google search it there.

There is public information, that literature that's available to everyone but a lot of the next generation stuff really has to come from people who are willing to contribute and what contribution looks like in that version of open source or this version of open source is not people writing code as much as it is people talking about models and talking about data and talking about problems.

So you know, Boltz is really cool because not only do they have this MIT license of what you can do with it, everything in the pipeline, the code, the weights, the data sets are all public and any researcher who wants to work with it, any developer wants to work with it, can look under the hood and see all of those things as to how predictions got made.

And it's been a really interesting I think application of what a future of open source looks like in the world of foundation models because it has these really unique characteristics of where the data comes from, of the license that people pursued out of the gate, and then also just delivered some amazing speed, amazing, some performance, amazing usability.

And I think it's a really cool way for people to think about building models right now. I don't think models have to run behind a couple big titans or the duopoly or an oligopoly of large players. I think there are ways for meaningful open source models to actually make an impact.

Brian: Yeah, this speaks to my read earlier which was the sort of verticals that have opportunity for growth, especially in this AI race. But yeah, biology is definitely a world that I don't have a lot of context in. But I've got a couple articles I'll be reading after this and catching up because it's super fascinating stuff. I think for good or for ill, I feel like AI is here to stay and what we're having is a sort of opportunity for, again, the Cambrian Explosion, but also in other different places like biology. So definitely places to keep tabs on.

Sunil: For sure.

Brian: Cool. All right, well Sunil, thanks so much for the conversation.

Sunil: John and Brian, it's great being here. Thank you so much for having me.

John: Thank you.

Brian: And listeners, stay ready.