today's leftovers and howtos

• [Ubuntu] Design and Web team summary – 17 January 2020

  The second iteration of this year is the last one before our mid-cycle sprint next week. Here’s a short summary of the work the squads in the Web & Design team completed in the last 2-week iteration.

• 5 key steps to take your IoT device to market

  IoT businesses are notoriously difficult to get off the ground. No matter how good your product is or how good your team is, some of the biggest problems you will face are just in getting to market and maintaining your devices once they’re in the field. The webinar will take a look at how Canonical’s Brand Store product allows you to get to market while catering for long term problems and the need to keep your product up to date in the future. More specifically, this webinar will look at the common problems we see organisations facing on their way to getting an IoT device to market, and cover five key steps to solve these problems. Along the way we will dig a little into serval case studies Canonical has done with various customers and partners to show you what has already been achieved with these solutions.

• Fake cases — make sure yours is the real deal

  We’ve had some reports of people finding cases that pretend to be official Raspberry Pi products online — these are fakes, they’re violating our trademark, they’re not made very well, and they’re costing you and us money that would otherwise go to fund the Raspberry Pi Foundation’s charitable work. (Reminder, for those who are new to this stuff: we’re a not-for-profit, which means that every penny we makes goes to support our work in education, and that none of us gets to own a yacht.)

• Let’s Talk With Neal Gompa of Fedora @ openSUSE Conference

  In this episode of Let’s Talk, we sat down with Neal Gompa of the Fedora community at openSUSE Conference

• FOSSCOMM 2019 aftermath

  FOSSCOMM (Free and Open Source Software Communities Meeting) is a Greek conference aiming at free-software and open-source enthusiasts, developers, and communities. This year was held at Lamia from October 11 to October 13. It is a tradition for me to attend this conference. Usually, I have presentations and of course, booths to inform the attendees about the projects I represent. This year the structure of the conference was kind of different. Usually, the conference starts on Friday with a "beer event". Now it started with registration and a presentation. Personally, I made my plan to leave Thessaloniki by bus. It took me about 4 hours on the road. So when I arrived, I went to my hotel and then waited for Pantelis to go to University and set up our booths.

• Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

  Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices. “Developers design, build, and modify their own cloud infrastructure environments, and they increasingly own the security and compliance of that infrastructure,” said Josh Stella, co-founder and CTO of Fugue. “Fugue builds solutions that empower engineers operating in secure and regulated cloud environments, and Regula quickly and easily checks that their Terraform scripts don’t violate policy—before they deploy infrastructure.”

• Finance goes agile as open source checks the security box

  “At Northwestern Mutual, we’ve finally gotten past that curve,” said Sean Corkum (pictured, right), senior engineer at Northwestern Mutual. “Now we’re trying to make it even easier for our internal developers to participate in open source … and contribute more to the community.”

• Top NLP Open Source Projects For Developers In 2020

• Kiwi TCMS: Project roadmap 2020

  Hello testers, the Kiwi TCMS team sat down together last week and talked about what we feel is important for us during the upcoming year. This blog post outlines our roadmap for 2020!

• Shift on Stack: api_port failure

• How To Git Commit With Message

Proprietary Software and Openwashing

• Boeing discovers new software problem in 737 Max

  The news comes following the release of internal documents showing employees knew about problems with pilot training for the 737 MAX and tried to conceal them from regulators. In the documents released by US lawmakers, Boeing employees said the aircraft was "designed by clowns, who in turn are supervised by monkeys," in an apparent reference to regulators.

• A Georgia election server was vulnerable to Shellshock and may have been hacked

  Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday. Shellshock came to light in September 2014 and was immediately identified as one of the most severe vulnerabilities to be disclosed in years. The reasons: it (a) was easy to exploit, (b) gave attackers the ability to remotely run commands and code of their choice, and (c) opened most Linux and Unix systems to attack. As a result, the flaw received widespread news coverage for months.

• Micro Focus AD Bridge 2.0: Extending security policies and access controls to cloud-based Linux

  With AD Bridge 2.0, organizations can leverage existing infrastructure authentication, security as well as policy, in order to simplify the migration of on-premises Linux Active Directory to the cloud, resulting in fully secured and managed Linux virtual machines in the cloud.

• [Attacker] stole [sic] over 10,000 hospital files

  Jason Corden-Bowen, of the CPS, said: “Moonie had no right to access confidential patient and staff records. He admitted his earlier wrongdoing and accepted a police caution yet he went ahead to reoffend knowing fully well it was not just against hospital procedures but it was wrong and illegal.

• Facebook Releases Open Source Speech Recognition Platform

  Facebook has announced that it will be making its wav2letter@anywhere online speech recognition framework more readily available as an open source platform. The framework was developed by Facebook AI Research (FAIR), which claims that it has created the fastest open source automatic speech recognition (ASR) platform currently on the market.

• Microsoft opens up Rust-inspired Project Verona programming language on GitHub

What's your favorite Linux terminal trick?

The beginning of a new year is always a great time to evaluate new ways to become more efficient. Many people try out new productivity tools or figure out how to optimize their most mundane processes. One area to assess is the terminal. Especially in the world of open source, there are tons of ways to make life at the terminal more efficient (and fun!) with shortcuts and commands. We asked our writers about their favorite terminal trick. They shared their time-saving tips and even a fun terminal Easter egg. Will you adopt one of these keyboard shortcuts or command line hacks? Do you have a favorite you'd like to share? Tell us about it by taking our poll or leaving a comment.