The Changelog The Changelog #353  – Pinned

The war for the soul of open source

Adam Jacob (co-founder and board member of Chef) joins the show to talk about the keynote he’s giving at OSCON this week. The keynote is titled “The war for the soul of open source.” We talked about what made open source great in the first place, what went wrong, the pitfalls of open core models, licensing, and more. By the way, we’re at OSCON this week so if you make your way to the expo hall, make sure you come by our booth and say hi.

read more

project Icon github.com

Source code for the command and lunar modules of Apollo 11 🌔

Original Apollo 11 guidance computer (AGC) source code for Command Module (Comanche055) and Lunar Module (Luminary099). Digitized by the folks at Virtual AGC and MIT Museum. The goal is to be a repo for the original Apollo 11 source code. As such, PRs are welcome for any issues identified between the transcriptions in this repository and the original source scans for Luminary 099 and Comanche 055, as well as any files I may have missed. A nice bit of history to peruse in honor of the flight’s recent 50th anniversary. 100% Assembly tho 😱

read more

Opensource.com Icon Opensource.com

What is POSIX? Richard Stallman explains

It’s great to read RMS and other GNU developer’s perspective on how we got past the UNIX days. I’m particularly interested in a conversation around this statement from the author: Open source discourse typically encourages certain practices for the sake of practical advantages, not as a moral imperative. I’m fascinated by the different perspectives. There’s one where F/OSS is a human right, and another where it’s a business opportunity. They’re not mutually exclusive, but which is more prevalent these days? My thought is that we wouldn’t be where we are today if the former didn’t dominate in the ‘90s, but we’re significantly more capitalistic with our OSS these days. What’s your take on it?

read more

DigitalOcean Icon DigitalOcean – Sponsored

Free Python machine learning projects ebook

To commemorate the 2019 PyCon conference and the worldwide Python community, Lisa Tagliaferri and Brian Boucheron from DigitalOcean have put together a free eBook of Python machine learning projects! As machine learning is increasingly leveraged to find patterns, conduct analysis, and make decisions — sometimes without final input from humans who may be impacted by these findings — it is crucial to invest in bringing more stakeholders into the fold. This book of Python projects in machine learning tries to do just that: to equip the developers of today and tomorrow with tools they can use to better understand, evaluate, and shape machine learning to help ensure that it is serving us all.

read more

logged by @logbot permalink

Tierney Cyren 1x.engineer

What is a 1x Engineer?

Fun little site poking fun at the 10x engineer meme. Here’s a sampler of things a 1x engineer does: Writes code that &emdash; gasp &emdash; has bugs. Writes code that others can read. Is a team player that goes to the same meetings their co-workers are required to go to. If you’re wondering whether the &emdash;es are intentional… yes and no. Bonus points for NES.css 👌

read more

Thoughtbot Icon Thoughtbot

Profiling Vim

Chris Thorn writing for Thoughtbot: Lately, I’ve noticed that opening Markdown files in Vim is slow. I don’t know exactly how slow, but slow enough that I notice a pause after opening the file before I can edit it. I’m not sure why or when it started, but it’s painful enough that I want to track down and alleviate it. I, too, have felt this pain, which is one of the reasons I no longer use Vim as my full-time coding editor. I still use it enough for its sluggishness to bug me, but not quite enough to go chasing down why it’s sluggish. This article might change my calculus on that decision.

read more

Strange Loop Icon Strange Loop – Sponsored

Observability is SUPERPOWERS for developers

Christine Yen, cofounder of Honeycomb.io, is giving a talk at Strange Loop 2019 on “Observability: Superpowers for developers.” When observability is folded into the development process itself, it represents the potential for a beautifully virtuous cycle: production stops being just where our development code runs into issues, and it becomes where part of our development process lives.

read more

logged by @logbot permalink

Forbes Icon Forbes

Developers don't understand CORS

Fascinating look at the underpinnings of the big Zoom vulnerability announced last week, including an excellent discussion of how a lack of understanding may have led to this huge fiasco. Author Chris Foster: What this says to me is that Zoom may have needed to get this feature out and did not understand CORS. They couldn’t make the AJAX requests without the browser disallowing the attempt. Instead, they built this image hack to work around CORS. By doing this, they opened Zoom up to a big vulnerability because not only can the Zoom website trigger operations in the native client and access the response, but every other website on the internet can too.

read more

The Changelog The Changelog #352

The Pragmatic Programmers

Dave Thomas and Andy Hunt, best known as the authors of The Pragmatic Programmer and founders of The Pragmatic Bookshelf, joined the show today to talk about the 20th anniversary edition of The Pragmatic Programmer. This is a beloved book to software developers all over the world, so we wanted to catch up with Andy and Dave to talk about how this book came to be, some of the wisdom shared in its contents, as well as the impact it’s had on the world of software. Also, the beta book is now “fully content complete” and is going to production. If you decide to pick up the ebook, you’ll get a coupon for 50% off the hardcover when it comes out this fall.

read more

Tobias van Schneider vanschneider.com

Content or design first?

This is a thoughtful look at the relationship between content and design, and some steps that designers can take to better work with copywriters. We all know designers and copywriters should not work in silos. We know design and copy should inform each other, rather than one being retrofitted to the other. This is especially true for UX writing, which must work in tandem with design to do its job well. Effective collaboration between design and content, however, is easier said than done. The author goes on to lay out some ideas to improve collaboration, mostly from the standpoint of the designer, but honestly I think a lot of these same ideas are important for developers. And you can extend it further by saying “don’t use placeholder copy for user generated content”.

read more

Michael del Castillo forbes.com

Shell invests in Ethereum

This is a really interesting usage of blockchain technology to ensure you are really getting what you think you bought. Michael del Castillo writes on Forbes.com: The fifth-largest oil and gas company in the world, valued at $262 billion, is investing an undisclosed amount in LO3, a New York startup using a modified version of the ethereum blockchain to make it easier for individuals to buy and sell locally produced energy using the existing network of power cables. While the bitcoin blockchain lets users track the flow of value without the need of banks to audit the system, LO3’s platform, called Exergy, is designed to track the flow of energy as it is added to a shared, local energy network, giving the neighbors who purchase the energy absolute certainty it really came from a windmill, a solar panel or a gerbil running on a treadmill.

read more

Nicholas Rempel blog.30hourjobs.com

Moving the world to a 4 day workweek

Is it possible to work just 4 days a week, be happier, more productive, and still make the same amount of money? That’s one of many questions Aidan Harper and other researchers at the New Economics Foundation and members of the 4 Day Week campaign are trying to solve in an effort to combat the problem of overwork, which is “leading to a crisis in mental health and well-being.” The single biggest cause of work related stress, anxiety, and depression is overwork. So much so that last year one in four of all sick days was the result of overwork — which is huge proportion of sickness caused directly by overwork. In some ways, you can look at this statistic as a massive drag on the economy. Losing that many work days is very expensive but, more importantly, it’s also a huge societal malaise. Every day people are feeling the effects of overwork and this statistic doesn’t even take into account the number of people who aren’t taking sick days but are feeling generally burnt out and are just barely getting by. To summarize — the 4 day workweek is a pragmatic response to a the problem of overwork that is leading to a crisis in mental health and wellbeing. If you’re just off the heels of the recent honest conversation about burnout on JS Party, then you’ll certainly enjoy this interview with Aidan Harper,

read more

SQLite github.com

Sqlite To Rest

LGTM, but why? Mostly because I wanted to dig deeper into node web server code, but also because I haven’t jumped onto the NoSQL bandwagon and think that web APIs are extremely useful. The result is a modest attempt at automating the CRUD boilerplate that every developer hates, while following the specs to make API consumption intuitive. I chose sqlite to keep the database side of things simple, with the intent that the API isn’t serving heavy loads.

read more

Jonathan Leitschuh Medium

Zoom's zero day bug bounty write-up

By now you’ve probably heard about Zoom’s zero day bug that exposed 4+ million webcams to the bidding of nefarious hackers. Security researcher Jonathan Leitschuh shared the full background and details on InfoSec Write-ups: This vulnerability was originally responsibly disclosed on March 26, 2019. This initial report included a proposed description of a ‘quick fix’ Zoom could have implemented by simply changing their server logic. It took Zoom 10 days to confirm the vulnerability. The first actual meeting about how the vulnerability would be patched occurred on June 11th, 2019, only 18 days before the end of the 90-day public disclosure deadline. During this meeting, the details of the vulnerability were confirmed and Zoom’s planned solution was discussed. However… If you use Zoom or if you’ve EVER installed Zoom, read Jonathan’s write-up and take appropriate action to update Zoom or to remove the lingering web server it leaves behind. Confirm if the server is present by running lsof -i :19421 in Terminal.

read more

Podcasts from Changelog

Weekly shows about developer culture, software development, open source, building startups, artificial intelligence, and the people involved.

0:00 / 0:00