logo
episode-header-image
Mar 2025
1h 5m

Securing ecommerce: "It's complicated" (...

CHANGELOG MEDIA
About this episode

Ilya Grigorik and his team at Shopify has been hard at work securing ecommerce checkouts from sophisticated news attacks (such as digital skimming) and he’s here to share all the technical intricacies and far-reaching implications of this work.

Join the discussion

Changelog++ members save 7 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

  • RetoolThe low-code platform for developers to build internal tools — Some of the best teams out there trust Retool…Brex, Coinbase, Plaid, Doordash, LegalGenius, Amazon, Allbirds, Peloton, and so many more – the developers at these teams trust Retool as the platform to build their internal tools. Try it free at retool.com/changelog
  • Augment Code – Developer AI that uses deep understanding of your large codebase and how you build software to deliver personalized code suggestions and insights. Augment provides relevant, contextualized code right in your IDE or Slack. It transforms scattered knowledge into code or answers, eliminating time spent searching docs or interrupting teammates.

Featuring:

Show Notes:

Something missing or broken? PRs welcome!

Up next
Aug 22
Git with your friends (remastered) (Changelog & Friends #107)
Our Changelog & Friends proof-of-concept with Mat Ryer has been remastered! Now with full-length video on YouTube. Originally recorded: 2023-02-08 Mat joins us for some good conversation about some Git tooling that's been on our radar. We speculate, we discuss, we laugh, and Mat ... Show More
1h 47m
Aug 21
From Chef to System Initiative (remastered) (Changelog Interviews #655)
The epic show with Adam Jacob has been remastered! Now with full-length video on YouTube. Adam goes solo with Adam Jacob for an epic pod into his journey to get to System Initiative. From SysAdmin at 8 years old, to discovering Linux and working for Mom-and-pop ISPs, to open sour ... Show More
2h 22m
Aug 18
Cursor’s problem isn't just Cursor's problem (Changelog News #157)
Cursor has a big problem, Alireza Bashiri thinks plaintext beats todo apps, Manish built an offline AI workspace, OverType is a WYSIWYG markdown editor that's just a textarea, and sshrc lets you bring your config with you to remote machines. 
7m 37s
Recommended Episodes
Feb 2025
Build software that lasts! (Interview)
After 30+ years in the software industry, Bert Hubert has experienced a lot. He founded PowerDNS, published articles for places like IETF / IEEE, and built his own parliament monitoring system. That just scratches the surface. Recently, Bert wrote about what it takes to build sof ... Show More
1h 27m
May 28
This AI Tool Can Build Any SaaS App in Minutes
Episode 60: Can you really build an $8 billion SaaS startup by yourself using AI agents? Nathan Lands (https://x.com/NathanLands) sits down with Matan Grinberg (https://x.com/matansf), a physicist, AI founder, and creator of Factory AI—one of Silicon Valley’s best-kept secrets. M ... Show More
40m 47s
Jan 2022
What's in your package.json?
Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single m ... Show More
1h 9m
Nov 2024
Behind the product: Replit | Amjad Masad (co-founder and CEO)
Amjad Masad is the co-founder and CEO of Replit, a browser-based coding environment that allows anyone to write and deploy code. Replit has 34 million users globally and is one of the fastest-growing developer communities in the world. Prior to Replit, Amjad worked at Facebook, w ... Show More
1h 4m
Nov 2024
Clones, commerce & campaigns
Chris and Daniel dive into what Trump’s impending second term could mean for AI companies, model developers, and regulators, unpacking the potential shifts in policy and innovation. Next, they discuss the latest models, like Qwen, that blur the performance gap between open and cl ... Show More
53m 11s
Aug 2024
Battling ticket bots and untangling taxes at the frontiers of e-commerce
You can find Ilya on LinkedIn here.You can listen to Ilya talk about Commerce Components here, a system he describes as a "modern way to approach your commerce architecture without reducing it to a (false) binary choice between microservices and monoliths."As Ilya notes, “there a ... Show More
30m 52s
Aug 12
Confident, strategic AI leadership
Allegra Guinan of Lumiera helps leaders turn uncertainty about AI into confident, strategic leadership. In this conversation, she brings some actionable insights for navigating the hype and complexity of AI. The discussion covers challenges with implementing responsible AI practi ... Show More
47m 40s
Oct 2024
150: mobman 2
In Episode 20 of Darknet Diaries, we heard from Greg aka “mobman” who said he created the sub7 malware. Something didn’t sit right with a lot of people about that episode. It’s time to revisit that episode and get to the bottom of things.SponsorsThis show is sponsored by Shopify. ... Show More
43m 10s
Jun 30
Achieving Seamless Integration Through User Co-Design
Savannah Kunovsky and Jenna Fizel, co-managing directors of IDEO’s Emerging Technology division, talk about the future of technology in general and how we can work with our users to build the most impactful product. They explore prototyping and co-design techniques, as well as ho ... Show More
58m 53s
Listen to millions of songs and podcasts on Anghami