Programmer Weekly

Welcome to issue 45 of Programmer Weekly. Let's get straight to the links this week.

Quote of the Week

"In programming the hard part isn’t solving problems, but deciding what problems to solve." - Paul Graham

News

Next Raspberry Pi CPU Will Have Machine Learning Built In

Eben Upton teases what the next Raspberry Pi silicon could do in a recent talk given at the tinyML Summit 2021.

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

The espionage group is exploiting four newly-discovered flaws in Microsoft Exchange Server email software, and has seeded hundreds of thousands of victim organizations worldwide with tools that give the attackers total, remote control over affected systems. Here is a

timeline

of this exchange mass-hack.

Hackers Breach Thousands of Security Cameras, Exposing Tesla, Jails, Hospitals

A group of hackers say they breached a massive trove of security-camera data collected by Silicon Valley startup Verkada Inc., gaining access to live feeds of 150,000 surveillance cameras inside hospitals, companies, police departments, prisons and schools.

Announcing the 2021 AI Index Report

This latest edition significantly expands the amount of data available in the report, which was drawn from a broader set of academic, private, and non-profit organizations for calibration. The report also shows the effect of COVID-19 on AI development from multiple perspectives, including how AI helps with COVID-related drug discovery and the effect of the pandemic on hiring and private investment.  

Linux Foundation announces new open-source software signing service

Thanks to the Solarwinds security blunders, we're all aware now of how vital it is to protect our software supply chain from unauthorized changes. Now, the Linux Foundation and partners have created a new free cryptographic software signing to improve open-source program security.

Git clone vulnerability announced

The Git project released new versions to address CVE-2021-21300: a security vulnerability in the delayed checkout mechanism used by Git LFS during git clone operations affecting versions 2.15 and newer. These updates address an issue where a specially crafted repository can execute code during a git clone on case-insensitive filesystems which support symbolic links by abusing certain types of clean/smudge filters, like those configured by Git LFS.

Proton Has Enabled 7000 Windows Games to Run on Linux

We are reaching another milestone with ProtonDB: we are very close to 7000 Windows games confirmed to be working out of the box with Proton on Linux. 

Reading List

Intel NUC as a backend for development

A comprehensive story on how I started using Intel NUC as a backend for local or remote development, while my code editor (on any machine) is used as a thin client.

Strategies For Small, Focused Pull Requests

A common suggestion for improving pull requests (PRs) is to "make your PR small and focused". But how do you do it?  How do you avoid a big PR when there's a lot of cross-cutting changes to make? How do you create small, focused units of work when you are building a large feature? How can you overcome your perfectionism and submit a PR that feels incomplete to you because the edges aren't all polished?

HTTPWTF

HTTP is fundamental to modern development, from frontend to backend to mobile. But like any widespread mature standard, it's got some funky skeletons in the closet. Some of these skeletons are little-known but genuinely useful features, some of them are legacy oddities relied on by billions of connections daily, and some of them really shouldn't exist at all. Let's look behind the curtain.

Metasploit Unleashed

A Free Online Ethical Hacking Course.

The Netflix Cosmos Platform

Cosmos is a computing platform that combines the best aspects of microservices with asynchronous workflows and serverless functions. This article will explain why we built Cosmos, how it works and share some of the things we have learned along the way.

Postgres Notify for Real Time Dashboards

Using pg_notify in Postgres alongside the NOTIFY and LISTEN syntax is all that's needed to build a real time updating dashboard.

4 Tips for Shipping Data Products Fast

Shipping a new data-centric product is hard, and under tight time constraints it's even harder. Here are 4 tips that are proven to help you ship new products fast.

This Website Accidentally Left Promo Codes in Their Source Code

Finding interesting things by inspecting websites.

The science behind semantic search

How AI from Bing is powering Azure Cognitive Search.

4 things you didn’t know you could do with GitHub Actions

GitHub Actions is a powerful platform that empowers your team to go from code to cloud, all from the comfort of your repositories. This post will walk through a few examples of how you can use GitHub Actions to automate and orchestrate your DevOps pipeline today.

Firebase Crash Course

This article is going to help you understand all that is Firebase. We’re going to cover lots of details about what Firebase is, why it can be useful to you, and show examples of how. 

Recommendation Algorithms & System Designs of YouTube, Spotify, Airbnb, Netflix And Uber

Bitsquatting Windows.com

An introduction to lockless algorithms

Watch and Listen

How to Configure and Operate Linux Servers

Learn how to configure servers running the Linux operating system, including the boot process, kernel modules, network connection parameters, and localization groups.

The Absolute Beginner's Guide to Emacs

This video is intended for people who have used other code editors or IDEs before and are curious to try out Emacs!  The goal is to teach you everything you need to know to get started with Emacs and use it for basic editing tasks. 

Streaming Data at Scale Using Serverless

Learn about where and why we'd use Kinesis, how Lambda helps you supercharge it, how to embrace (and deal with) the failures, common serverless misconceptions, and much more.

Building a bug bounty program for the Pentagon

Chat with Lance Cleghorn, who describes himself as "working to integrate crowd sourced security into the DoD [Department of Defense] through innovative bug bounty projects. AKA Hacking the Pentagon." 

Books

Guide to Functional Programming

Interesting Projects, Tools and Libraries

Clone-Wars

70+ open-source clones of popular sites like Airbnb, Amazon, Instagram, Netflix, Tiktok, Spotify, Whatsapp, Youtube etc. See source code, demo links, tech stack, github stars.

lazycli

Turn static CLI commands into TUIs with ease.

rpCheckup

rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.

wcp

wcp is an experiment in re-implementing something like the standard cp file copy tool. It is to 70% faster than cp, depending on the size of the files being copied. 

implot

Advanced 2D Plotting for Dear ImGui.

Lunatic

Lunatic is an Erlang-inspired runtime for WebAssembly.

Taro

A lightweight 3D game engine for the web.

Dolt

It's Git for Data

zola

A fast static site generator in a single binary with everything built-in. 

Upcoming Events 

Virtual: ProgressiveDelivery Conf21

ProgressiveDelivery Conf21 is a one-day, virtual event  for software engineers, DevOps practitioners, SREs and engineering leaders. Hear from top software delivery experts about how to release code faster and more frequently while reducing the risks for business.

Our Other Newsletters

Python Weekly

- A free weekly newsletter featuring the best hand curated news, articles, tools and libraries, new releases, jobs etc related to Python.

Founder Weekly

- A free weekly newsletter for entrepreneurs featuring best curated content, must read articles, how to guides, tips and tricks, resources, events and more.