投稿時間:2021-08-21 02:23:21 RSSフィード2021-08-21 02:00 分まとめ(29件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
Program	[全てのタグ]の新着質問一覧｜teratail（テラテイル）	スクレイピングにおいて取得していたいテーブルが複数ある際の対処法	https://teratail.com/questions/355339?rss=all	スクレイピングにおいて取得していたいテーブルが複数ある際の対処法上記のとおり、スクレイピングを行う際、取得したいサイトにおいてディベロッパーツールで確認すると、テーブルが複数ある場合、対象のテーブルが何番目なのかを知る方法をご教授いただきたいです。	2021-08-21 01:17:47
Azure	Azureタグが付けられた新着投稿 - Qiita	無料で使えるAzure Static Web AppsにGatsbyブログを爆速でデプロイする	https://qiita.com/thanai/items/115e4adeca568da0bfa9	ブログをローカル環境で動かしてみる先ほどのコマンドが無事に完了したら、ターミナル上で対象のディレクトリに移動します。	2021-08-21 01:34:13
Ruby	Railsタグが付けられた新着投稿 - Qiita	#7 Rails × Vue.jsで動的なページをSPA化させる	https://qiita.com/divclass123/items/fe54635b8434e9d82e08	って こと で scope が ある ん や ね 。	2021-08-21 01:52:03
海外TECH	Ars Technica	Tropical Storm Henri will make landfall in the northeastern United States	https://arstechnica.com/?p=1788793	henri	2021-08-20 16:16:07
海外TECH	DEV Community	7 things you should know about CYBERSECURITY for 2022	https://dev.to/dotnetsafer/7-things-you-should-know-about-cybersecurity-for-2022-4pe7	things you should know about CYBERSECURITY for Every time everything is being digitalized more and more many companies and SMEs choose to redefine and adapt their business model to adapt to the changes that have occurred in the habits and customs of both consumers BC Business to client as well as from other companies BB Bussiness to Bussiness The digitization of a company allows them to be much closer to their client find new business opportunities and improve productivity But not everything is so good the increase in the digitization of companies also implies an increase in cyberattacks which can make companies lose millions even lead them to bankruptcy How much are the costs of cybercrime The costs related to cybercrime in the world will reach trillion dollars this year a figure that slightly exceeds the size of the GDP of Japan the third largest global economy What is the probability of suffering a cyber attack of companies out of confirm having suffered cybersecurity breaches or attacks in the last months it has dropped from in These attacks were highest in medium sized companies to employees and closely matched with large companies employees or more and respectively What is the cybersecurity budget of a company Gartner expects enterprise IT security budgets to rise by this year Given the risk of theft of corporate information which according to the latest Accenture diagnosis is the most expensive component of cyberattacks which cause disbursements of million dollars per affected company per year also on average How much does a company spend on cybersecurity of large companies with more than employees as explained by the Ponemon Institute allocate million dollars or more in security expenses and more than dollars How much is the loss caused by a cyberattack on a company It is estimated that the loss of data caused by computer attacks causes damages worth between and dollars for small and medium sized corporations according to the Incibe In contrast losses for large firms amount to million dollars according to IBM What is the worldwide loss of companies due to cyberattacks At the international level economic losses from cyberattacks in exceeded million dollars Undoubtedly a figure that reveals the magnitude of the consequences caused by these incidents and the urgent need for companies and public administrations to be well prepared in this matter How long does it take for a business to recover from a cyber attack Everything would depend on the size of the company the amount invested in cybersecurity per year the type of attack and the affected part But it is estimated that it causes days of repair time in malware actions Why is Cybersecurity important for a company Cybersecurity is important because it protects all categories of data from theft and damage This includes sensitive data personally identifiable information PII protected health information PHI personal information intellectual property data and governmental and industry information systems Without a cybersecurity program your organization cannot defend itself against data breach campaigns making it an irresistible target for cybercriminals Both inherent risk and residual risk is increasing driven by global connectivity and usage of cloud services like Amazon Web Services to store sensitive data and personal information Widespread poor configuration of cloud services paired with increasingly sophisticated cybercriminals means the risk that your organization suffers from a successful cyber attack or data breach is on the rise	2021-08-20 16:54:57
海外TECH	DEV Community	How Unicode helps to ruin your software	https://dev.to/typeable/how-unicode-helps-to-ruin-your-software-246j	How Unicode helps to ruin your softwareAuthor Ville Tirronen How Unicode erases most of our assumptions on How Strings Actually WorkWe programmers mostly fly by the seat of our pants when it comes to writing simple stuff For simple things we have a strong set of assumptions instead of specific knowledge of how things work These are assumptions such as knowing that if b a then b is greater than a or that if we malloc some buffer we now have the requested amount of memory we can write on We don t go and look at the specifications for each and everything small thing we do We do this because checking everything would slow us down But if we did check we d find out that we re usually wrong in our assumptions There are numeric overflows and then a might be a lot less than a Sometimes malloc will give us a null instead of a buffer and were hosed We usually have to be bitten by these issues before we update our assumptions even a little bit And even then we usually correct them in broad strokes After having a nasty overflow bug we might correct our assumptions on integers to a is greater than a unless there s a chance that a is a very big number And we work based on that instead of having any precise rules how overflows work in our minds Adjusted assumptions are called experience They make you faster and correct more often However we might relocate some stuff like proper handling of malloc entirely from our internal category of easy stuff to our internal category of complex stuff And then we might actually go and look up how it works About StringsFor beginners Strings are the archetypal example of easy stuff Most likely we learned letters and numbers as children and they feel very familiar to us Secondly when learning to program most of us have done lot s of programming exercises using Strings because they are about the only interesting pre built data type in most languages We feel quite confident how Strings work when programming with them Thirdly we might have a good number of assumptions related to functioning of some simple character set like ASCII or ISO Either because we re that old or because our teachers were that old Those were character sets of the simpler times Origin Now in the real Strings are a very complicated thing Contrast them to for example your usual found in any language Int We know and understand the representation bits two s complement Or we can spend minutes in Wikipedia to learn it and we understand its semantics behaves like a number except if too large or too small For Strings we used to know the representation one byte per character check the ASCII table for what character it is but we almost never know the semantics Our String could contain our customers name It could contain a number bit of JSON or even an SQL statement Strings are the ultimate Any type and chances are that if there is no ready made representation for some item in a program it will be stored and operated as a String Regardless of whether you have dynamic or static types this throws all type safety to the wind And to compound many of the things we use Strings for are bloody dangerous like SQL or HTML And for that reason SQL injections and cross site scripting lead the vulnerability top lists year after year But at least we understand how Strings work as you know Strings We know how to concatenate change case and so on right UnicodeUnderstanding Strings is lot harder now than it was in around year We have been transitioning to Unicode for few decades now and its already been few years since I ve heard anyone complain why their characters aren t displayed right Printing them is another matter I hope that it will be solved in th century While being otherwise awesome Unicode effectively erases most of our useful assumptions on how Strings actually work but we haven t been very verbal on that happening And unfortunately many of us are probably still working with outdated assumptions on how Strings work And to make it worse many of us no longer understand the memory representation of Strings either Admittedly I don t really Broken assumptionsNext lets go through some of my old assumptions that I needed to throw out with ISO character set Surely this is not an exhaustive list but hopefully it is enough to kick the Unicode Strings out of your mental compartment of simple things A character is representable by single byteIn the olden days of ASCII each character fitted it seven bytes making it easy to size buffers and scan memory With Unicode this is an terrible assumption Let s walk through one arbitrary example to show why At some point Wordpress devs were fighting to stop SQL injections from happening The one example issue they were trying to fix was someone adding unwanted single quotes in the user input and messing their database with it Something like this imaginary example select from accounts where user s and password s ↓↓ User supplies whocares or true as password select from accounts where user Avery and password whocares or true And now everyone can log in as Avery Now the simplest imaginable way to solve this is to properly encode the single quote in the user input But that is simple in imagination only Don t That is each single quote must be encoded as or backslash single quote PHP devs then wrote addslashes function and everything was well for a while The only problem was that they did the escaping byte by byte and not character by character The devs were also blind to the problem as they only worked with single byte Unicode characters mostly old ASCII Then someone figured out that if you fed the system a String like 뼧or true you d get the SQL injection again To understand why lets look up how these characters are represented in Unicode codecharacterxbf뼧xbfc뽜x xc What the addslashes actually did was to replace all the value bytes with bytes c So 뼧or true turned into 뽜 or true and again there were injections It is not hard to imagine other similar disasters String lengths are somewhat stableIn ASCII the many of the common String processing operations were invariant regards to the length of the Strings This is not so with Unicode And though this property is probably relevant only if you re manually allocating buffers or trying to size up graphics let s look at few cases where String lengths change unexpectedly Firstly to pick a common String operation as an example does length x length toUpper x hold for Unicode x No since Unicode has among other things ligature characters such as fi which expand fold to FI Second example concerns normalization Since there are multiple code points for the same character Unicode forces you to do normalization so that two users don t for example end up with identical screen names One would guess that normalization or the process of picking up a canonical representation for some set of characters would not affect the number of normalized characters but it indeed does single character ﷺ expands fold into صلىاللهعليهوسلم So it is probably better not to assume anything about lengths of Strings after any operation Upper and lowercase are somehow linkedWe who lived with variants of ASCII tend make lot of use of upper and lower casing operations Besides of them now being able to change the lengths of the Strings there are some additional sharp edges Most importantly the old assumption that upper and lower case letters are in unique correspondence is lost With Unicode converting string to uppercase can lose more information than just what case the characters were in For example if you lowercase the Kelvin symbol K you get an ordinary lowercase k back with no way of converting it back This has surprisingly lot of relevance when doing case insensitive comparisons since toLower K toLower k but toUpper K toUpper k Origin Space is xThis assumption is still true The byte x represents space in Unicode But so do U U U and many others including a zero width space character U FEFF Whitespace is special We can t allow screen names like TheAlex and TheAlex at the same time because HTML will not show that whitespace and other users couldn t tell the difference So we must remove leading and trailing whitespace before processing And now Unicode makes it possible to screw up royally here All it takes is one spot in the code where someone forgets about multitude of whitespace and we end up with unnormalized data in our database And things start to go fail here and there Characters look differentUnlike ASCII Unicode has multiple code points for the same character and multiple characters that look nearly or completely identical without being the same character As a concrete example paste tyрeablе typeable to your favourite REPL repl it is handy if you have none at the hand Got False That is because the p is not a p but a Russian character for er sound As to why this is a problem let s take this bit of our database schema as an example uniq address UNIQUE CONSTRAINT btree country city address uniq name UNIQUE CONSTRAINT btree name I would posit that in Unicode era these constraints make no sense at all Being user input the user is free to mimic whatever address or name they want This allows the user to attempt all kinds of heists by say having same screen name as someone else Also things like addresses don t staydigital Sooner or later it s going to be read or printed and then the difference which the database was keen to notice will be gone Is there anything analog in your process that could be exploited by pretending to be an another user This problem certainly preceded Unicode especially in some character sets like ISO but Unicode makes this much worse and more widely applicable Getting down to it you can t assume almost anything about how the string is going to l̷o̵o̷k̵̶l̴i̴k̵e̷ Text goes from left to rightQuickly what happens if I d paste this to my terminal ‮rm rf your home directory dlrow olleh ohceI dare you to try yourself You can use any reasonable dumb thing to paste this in instead of your terminal if you care about your home directory Some languages are not written from left to right and to accommodate them Unicode has these flip the direction of writing codes The actual text is the same even though it is written from right to left so your terminal probably would try to wipe your files if you had tried my example Origin Besides messing with my colleagues on Teams with this this bidirectional writing has been used for quite a many hoaxes the longtime favourite being flipping long URLs backwards so they look innocent Strings have the same decodingOne of the things we happily assumed with ASCII and variants was that the decoding was trivial and unlikely to go wrong Some of my University colleagues can read ASCII fluently from hex dumps This meant that the only problem when transmitting data as Strings was to correctly parse the contents of the String Unicode being a multibyte encoding adds another step You must first parse the String before you can get started on the content Now parsing is one of the problem areas that is known to cause security issues One of the key problems is that the same String may get parsed differently in one program than in another A good contemporary example of this is having and html sanitizer thing that stops XSS speak bit different dialect of HTML than the browser that the user is using If these bits disagree on the interpretation of some String the sanitizer might judge it to be free of scripts and other malicious items while the browser could interpret things slightly differently and start executing bits of the input as scripts Using the same channel for control and content must be worth more than the billion dollar mistake of including null in programming languages Now this is exacerbated by Unicode since not all Unicode parsers agree on all sets of bytes Mostly it is the illegal Unicode sequences that get handled differently For example e is an invalid Unicode sequence and one Unicode parser might judge it to be one illegal character while another could be more lax and interpret it as three ã x and Now to put this into web context the last of the three could be a problem sinceit would allow XSS through attribute values Concluding thoughtsAs a software engineer Unicode puts a lot of complexity on my table and much of that I really wouldn t need The individual gotchas listed above are not so hard to handle by themselves but the effect their presence has on the whole system can be significant Now you need to decide what kind of strings you allow in your system you need figure out how to properly normalize them how to eliminate homoglyphs and strip and trim whitespace The problem with this is that all such things must happen uniformly If you normalize a String in a certain way in one bit of your program and some other bit does it differently you have an inconsistency or a security issue at the worst You also have to take this into account because well mistakes happen and try to record precisely what has been done to each String so you can take that into account when using them And unfortunately no you cannot just fix your strings at every use point Some string operations are only safe to do once or you lose information or worse You need to know and track the semantics of Strings to know what steps you need and what steps you can t take in the context you are working on	2021-08-20 16:47:49
海外TECH	DEV Community	Pin Match JS	https://dev.to/alsiamworld/pin-match-js-3m2k	Pin Match JS daysofcode day Today I did a pin match You can create a pin and if it matches it will show you success otherwise it will show you an error live Site DEVCommunity bootstrap webdevelopment	2021-08-20 16:29:06
海外TECH	DEV Community	Portfolio Website Design with HTML & JavaScript	https://dev.to/anikets_1801/portfolio-website-design-with-html-javascript-4la2	Portfolio Website Design with HTML amp JavaScriptHello Dear Developers In this post we ll create a Portfolio Page design using HTML CSS amp Some of the Powerful JavaScript Animations from GSAP Library Follow the Below Given link to watch full tutorial along with me Click to watchIf you want to skip the tutorial and want to grab the source code follow below given Repo link Repository Link Outline Intro Structure Setting CSS Wrapper Left Menu Logo Social Icons Nav Large Text Red Box See Photos Desc Content Slide Overlay Navbar Links JS TweenMax GSAP AnimationsThanks for watching Happy Coding	2021-08-20 16:25:32
海外TECH	DEV Community	Time Management for Programmers	https://dev.to/alecbsherman/time-management-for-programmers-ge3	Time Management for ProgrammersYou have too much work and it s impossible to get it all done in or even hours per week This is often the case for successful talented software developers Your time is valuable so how do you schedule your time to increase your productivity This article is not about coding tips like writing macros and using coding standards I have a Coding Standards video about that This is about prioritizing tasks and optimizing how you schedule your time This article is also available in video form First Step Make a ListWrite down all your current tasks You re not writing a functional or technical here Just one liner descriptions of each to do item If the item doesn t need to be done this week it should not even be on the list If you re worried you ll forget it then put it in a separate list for To Do Later but have that in a separate document The whole process of making your list and prioritizing it should not take more than minutes If the task list is really long it could take up to an hour but then you ll be in a much better place for the whole week Once you have your full list and you ll be adding to this during the day then you want to move the tasks into three categories Tasks where people are waiting on me before they can continueTasks you can delegateEverything elseIn most cases you want to take care of the first two categories first That way other people can be productive and working on the project while you are being productive If you are part of a team and other staff cannot do their job until you finish yours this really should be your top priority You don t want to finish a month long task and then the company has to wait another weeks for someone to do their part because they couldn t start until you delivered a module Work on the module they need first so they can be productive while you finish your other tasks Tasks You Can DelegateThese can be little easy things that are tedious and time consuming Like updating the company Wiki regarding the project you are working on Creating test data sets Writing an API integration Or tasks that just make your life easier like setting up a development server setting up the social media accounts which will later be needed once the project is completed Picking the icons and graphics to be used by the user interface Do you have a technical problem that you can submit to a forum or to the company providing an API you are working on Don t let your OCD lure you into wasting hours because you don t want to let this puzzle get the best of you Note if you are not overloaded with work you should reach out to some high level techs you know and offer your services Offer to create test data provide unit testing write the user documentation or build the OOP API integration they need Even choosing all the icons to use for the app can save them an hour or two Quit Unnecessary TasksOne way to be more productive is to stop wasting time on things you can avoid Notify your manager that you are overloaded and in order to meet deadlines you will need to reduce the number of mandatory meetings you go to In your personal life order groceries online and let them deliver This can save you hours every week I could go on but basically if you are overloaded with work also look to see if there are non work activities that are taking up a lot of your time which you can delegate quit or find alternatives to If you are earning good money consider hiring someone to do these tasks Don t waste your time mowing the lawn when you can hire someone to do that Now to Prioritize Everything ElseNow to sub categorize the remaining tasks based on Mental Acuity Requirementcomplexeasyno challenge Complex TasksThese include programming and anything else that you find mentally challenging When coding even a single character could cause a crash or problem that takes literally hours to debug put a colon in where there should be a semi colon and you have a big problem in most languages Coding is not the only complex task If you make a bad design decision it could have a long term negative impact on the project so database design and similar activities should be in the Complex category Easy TasksWhat is easy for one person may be complex for others Like designing and creating SQL table definitions The relational DB design regarding how it will integrate with the rest of the database may be complex but the creating of the SQL scripts to make the tables after the conceptual design is outlined may be Easy Similar with writing functionals or help documentation Generally things you have done hundreds of times before and a single character being off won t crash the program should be considered Easy tasks for you Put the ones that are time sensitive as highest priority for this category For example Registering for an APIRegistering for a developer account from AppleApplying to join a group or anything that has an application processSubmitting a bug to a third party tool you useDo these things first so you can be productive while waiting for responses No Challenge TasksThese tasks must be done and sometimes are very time consuming but just aren t mentally challenging Like picking icons for your user interface and navigation Or creating test data Do not squander your best mental acuity hours working on these menial tasks Now hopefully you can delegate some of these tasks to someone else If not then postpone them to end of day when you are not at your best Sometimes these can even be done as multi tasking projects For example this week I was on an obligatory hour Zoom meeting where my interaction was only required of the time During the other of the time I multi tasked and created new thumbnails for YouTube videos In The ZoneMost people do not take into consideration that every human has peak and off peak times for their mental acuity Figure out when you are at your brightest during the day When you can get in the zone and really focus As an example when a programmer is in the zone they can accomplish a task in minutes That same task can easily take minutes if distracted they make a typo or they didn t think far enough ahead to realize a design flaw If that happens times in a day then what could have been completed in minutes now took hours Your goal is to get in the zone and do the most complex tasks during that time When you really want to focus and get in the zone remove all distractions No email put your phone in airplane mode close your door or have some visual indicator to let people know not to bother you Only work on the Complex tasks while you are in the zone Don t squander these peak productivity times SummaryWith all this in mind you should schedule your complex mental tasks for when you are at your peak mental ability each day Schedule your tasks in the Easy Mental Tasks category for the rest of the day Don t schedule the No Mental Requirement tasks at all These tasks you do when eating lunch multi tasking during a Zoom meeting or on your laptop while unwinding and watching Netflix Also if you want to increase productivity do not multi task while working on complex or even easy mental tasks You may think it doesn t have a big impact on your effectiveness but having a video on in the background is going to slow you down Put on music instead	2021-08-20 16:12:58
海外TECH	DEV Community	Those “Pesky” Pull Requests are Totally Worth It	https://dev.to/linearb/those-pesky-pull-requests-are-totally-worth-it-578b	Those “Pesky Pull Requests are Totally Worth ItPretty much everyone does code reviews They ve been around a long time I remember back in my Borland days when the Chief Scientist would come in every morning and review all the code that had been checked into the Subversion repository the previous day and send emails out to folks whose code wasn t up to snuff That s old school Slightly less old school Saving all the check ins up until Friday for the Dev Leads and or Dev Managers to review and approve Both of these techniques leave a lot to be desired ーthe main thing being a complete lack of interaction between the developer the code and the reviewer Code Reviews have a number of purposes Probably the most important one is preserving the quality and integrity of the code in the repository Even the two old school ways above do that But almost as important is the learning opportunity that code reviews can provide If the only feedback a developer gets from a code review is mistakes in formatting or other trivial things like that then nobody learns and gets better The old school ways above provide for few opportunities for a developer to increase their skills To provide learning opportunities code reviews evolved into meetings where everyone looked at the code written that week and commented on it criticized it or otherwise ran it through the gauntlet This did provide a learning opportunity for developers but it took more time as it was synchronous and required all code to wait for the next scheduled meeting to be reviewed Now almost no one is doing these old school code reviews anymore All the cool kids are doing pull requests Some folks call them “merge requests Pull requests have a number of advantages over the previously mentioned methods including Being done completely asynchronously but in public for all to see No one needs to wait to review the code ーit can happen almost immediately after a pull request is issued A history of all the comments stays with the code in a repository This allows a developer to come back to the code a year later and see all the thought that went into writing it Pull Requests can be tracked monitored and measured A whole lot of good things can come out of that Should you do code reviews at all Interestingly some say no you shouldn t Not only is Jessica Kerr a great speaker and a good Twitter follow but she also has some interesting ideas about code reviews in her article of March entitled “Those pesky pull request reviews In fact she doesn t like pull requests and argues that you should sidestep them by just working on a given task as a team so that everyone sees everything as the work gets done She believes that pull requests work great for open source projects where a “team is really a set of individuals coordinating work together For true development teams she believes that if a team all works together on a single task everyone learns and understands the code and thus there is no task switching between coding and doing pull requests because the pull requests are unnecessary Jessica s idea is radical ーbasically going beyond Pair Programming and moving into mob programming Mob programming is the idea of having whole teams work together on projects in serial rather than individually in parallel Mob programming can eliminate the need for pull requests by causing all of the communication and learning to take place during the coding phase without any review Not a FanI m having a hard time agreeing with her idea for a couple of reasons The transaction costs are too high It seems to me that having four people work on a project together makes for many communication channels increases the likelihood of interruptions and reduces the amount of code that will actually get written It s sort of a “Too many cooks spoil the broth notion It doesn t capture the discussions and history that will remain long after the code is committed One of the most important and powerful benefits of pull requests is the learning that can take place during and even long after code has been reviewed and deployed Finally ーnot all projects are conducive to multiple team members working together Some are small and multiple people working together would be overkill Some are esoteric and require the focus of one person Some will match the team and can be worked on together There s no one size fits all solution for all projects Finally not doing pull requests pretty much eliminates all the benefits of metrics systems like LinearB Tracking the progress of pull requests and code reviews through the pipeline is a critical process for knowing how your team is performing Without that you can t measure things and if you can t measure things you can t improve As part of a discussion about code reviews Rob Kraft one of the Development Leaders in our vibrant Dev Interrupted Discord Server you should join made the following comment that I agree with I think that what Jessica needs is a good look at LinearB Let me address some of her more specific objections “Let s face it nobody wants to review pull requests Well I don t think that is true We here at LinearB see customers every day that are doing pull requests efficiently and effectively Sure pull requests can be hard and nobody wants to do them if you aren t correctly incenting the team to create pull requests that are easy to review No one likes a huge pull request But through monitoring metrics like Pull Request Size you can encourage your team to create small easy to review pull requests And voila People don t hate pull requests anymore “They re a social interaction minefield People complain that code reviews can cause strife on a team Well so can conversations during Mob Programming I m not sure that I see a distinction And if doing a code review causes strife then you have a cultural problem that no development methodology is going to solve “We could blame the people We could nag them more We could even automate the nagging Well if code reviews are small concise and easy to do “automating the nagging via our WorkerB product is usually more than enough to get the ball rolling and keep it rolling Notifications and tracking of any reviews that do happen to languish keep things moving as well LinearB customers have seen drastic improvements in code pipeline productivity as a result of this so called “nagging “Maybe instead of trying to work a bit more together we could work together Well sure but if you do that checking in code without a process of pull requests and code reviews well then you aren t getting all the benefits listed above nor those of a metrics tool that can show you what your Cycle Time is doing And I don t believe that mob programming will prevent the cultural problems that can arise from code reviews People will be people whether in a mob programming environment or in an asynchronous code review process Bottom LineOkay ーso what rubber is hitting the road here If pull requests and code reviews are hard and people don t want to do them then you are doing them wrong So the trick is to make them easy to do We here at LinearB see many many customers improve their Cycle Time and their overall software development process by using and tracking pull requests By combining metrics tracking around pull requests with tools like WorkerB many many development organizations have seen smaller pull requests better reviews shorter Cycle Times and an overall sense that things are really humming Monitoring things like the size of pull requests when pull requests are assigned picked up and commented on as well as monitoring the depth of reviews that take place all create an environment of small discrete easy to review pull requests And of course if you want to find out more about what our customers already know you can book a free demo of LinearB In the end while her ideas are intriguing and thought provoking I can t say I agree with Jessica s argument There doesn t seem to be any good reason not to do pull requests with code reviews Jessica s blog post can be read on her Jessitron blog and you can follow her on Twitter at jessitronIf you haven t already heard Dev Interrupted is hosting INTERACT The interactive community driven digital conference that takes place September th Designed by engineering leaders for engineering leaders INTERACT will feature speakers s of engineers and engineering leaders and is totally free Register NowIf you haven t already joined the best developer discord out there WYD Look I know we talk about it a lot but we love our developer discord community With over members the Dev Interrupted Discord Community is the best place for Engineering Leaders to engage in daily conversation No salespeople allowed Join the community gt gt Originally published at on June	2021-08-20 16:01:45
Apple	AppleInsider - Frontpage News	T-Mobile says 5.3M more customers affected by breach, IMEI data stolen	https://appleinsider.com/articles/21/08/20/t-mobile-says-53m-more-customers-affected-by-breach-imei-data-stolen?utm_medium=rss	T Mobile says M more customers affected by breach IMEI data stolenT Mobile has confirmed that a massive data breach affecting both current and former customers is now worse than it originally reported Credit T MobileThe carrier on Friday confirmed that leaked information for million current postpaid customers also included phone numbers and International Mobile Equipment Identity IMEI numbers which are unique identifiers assigned to every mobile device T Mobile has been investigating the data breach and sharing more details as they come to light Read more	2021-08-20 16:12:44
Apple	AppleInsider - Frontpage News	Best Deals August 20 - $39 JBL AirPlay 2 speaker, Monoprice essentials, free Quake II	https://appleinsider.com/articles/21/08/20/best-deals-august-20---jbl-airplay-2-speaker-for-39-monoprice-essentials-free-quake-ii?utm_medium=rss	Best Deals August JBL AirPlay speaker Monoprice essentials free Quake IIFriday s best deals include paying nothing for an iPhone SE through Cricket weekend iTunes deals and a Lenovo in laptop Best deals for Friday August Shopping online for the best discounts and deals can be an annoying and challenging task So rather than sifting through miles of advertisements check out this list of sales we ve hand picked just for the AppleInsider audience Read more	2021-08-20 16:14:55
海外TECH	Engadget	Researchers say they built a CSAM detection system like Apple's and discovered flaws	https://www.engadget.com/princeton-university-researcher-apple-csam-oped-162004601.html?src=rss	Researchers say they built a CSAM detection system like Apple x s and discovered flawsSince Apple announced it was working on a technology for detecting child sexual abuse material CSAM the system has been a lightning rod for controversy Now two Princeton University academics say they know the tool Apple built is open to abuse because they spent years developing almost precisely the same system “We wrote the only peer reviewed publication on how to build a system like Apple s ーand we concluded the technology was dangerous assistant professor Jonathan Mayer and graduate researcher Anunay Kulshrestha wrote in an op ed The Washington Post published this week The two worked together on a system for identifying CSAM in end to end encrypted online services Like Apple they wanted to find a way to limit the proliferation of CSAM while maintaining user privacy Part of their motivation was to encourage more online services to adopt end to end encryption “We worry online services are reluctant to use encryption without additional tools to combat CSAM the researchers said The two spent years working on the idea eventually creating a working prototype However they quickly determined there was a “glaring problem with their tech “Our system could be easily repurposed for surveillance and censorship Mayer and Kulshrestha wrote “The design wasn t restricted to a specific category of content a service could simply swap in any content matching database and the person using that service would be none the wiser That s not a hypothetical worry either they warn The two researchers point to examples like WeChat which the University of Toronto s Citizen Lab found uses content matching algorithms to detect dissident material “China is Apple s second largest market with probably hundreds of millions of devices What stops the Chinese government from demanding Apple scan those devices for pro democracy materials Mayer and Kulshrestha ask pointing to several instances where Apple acquiesced to demands from the Chinese government For example there s the time the company gave local control of customer data over to the country “We spotted other shortcomings Mayer and Kulshrestha continue “The content matching process could have false positives and malicious users could game the system to subject innocent users to scrutiny Those are concerns privacy advocates have also raised about Apple s system For the most part Apple has attempted to downplay many of the concerns Mayer and Kulshrestha iterate in their opinion piece Senior vice president of software engineering Craig Federighi recently attributed the controversy to poor messaging He rejected the idea the system could be used for scanning for other material noting the database of images comes from various child safety groups And on the subject of false positives he said the system only triggers a manual review after someone uploads images to iCloud We ve reached out to Apple for comment on the op ed nbsp Despite those statements Mayer and Kulshrestha note their reservations don t come from a lack of understanding They said they had planned to discuss the pitfalls of their system at an academic conference but never got a chance because Apple announced its tech a week before the presentation “Apple s motivation like ours was to protect children And its system was technically more efficient and capable than ours they said “But we were baffled to see that Apple had few answers for the hard questions we d surfaced	2021-08-20 16:20:04
海外TECH	Engadget	T-Mobile says data for 6 million additional customers was compromised in breach	https://www.engadget.com/tmobile-data-breach-number-of-people-affected-cyberattack-160353536.html?src=rss	T Mobile says data for million additional customers was compromised in breachT Mobile says millions more people have been impacted by its recent data breach than initially believed In a Securities and Exchange Commission filing the company said an additional million or so accounts were affected taking the total to more than million On Wednesday T Mobile disclosed that data from around million former or potential customers had been compromised in a cyberattack The data included names birth dates social security numbers driver s licenses and information from other types of identification The company now says another accounts of former customers were accessed with attackers obtaining some personal data from those but no SSNs or ID details In the previous disclosure T Mobile said approximately million current holders of T Mobile postpaid accounts were impacted with attackers gaining at least some customers personal data The company now says phone numbers and IMEI and IMSI details identifiers for mobile devices and SIM cards respectively were compromised as well On top of that T Mobile has identified another million affected postpaid accounts No SSNs or driver s license identification details were compromised from those the company said but the attackers accessed other identifiable information Around active T Mobile prepaid customers have been impacted as well The attackers may have garnered up to names connected to current Metro by T Mobile accounts too Accounts of former Sprint prepaid and Boost Mobile customers are unaffected Other data was stolen in the cyberattack including additional phone numbers and IMEI and IMSI numbers but the company claims there was no personally identifiable information in those files Meanwhile T Mobile still has quot no indication quot that customer financial details such as credit card data were affected A member of an underground forum claimed over the weekend to have data for more than million T Mobile customers They reportedly attempted to sell information of around million of those for about worth of Bitcoin T Mobile s investigation into the breach is ongoing and it will provide more details if it finds more affected accounts The company says it s quot confident that we have closed off the access and egress points the bad actor used in the attack quot and that it has taken steps to mitigate the impact on customers For instance it has offered two years of identity protection service to anyone who thinks they might have been affected	2021-08-20 16:03:53
海外科学	NYT > Science	What to Know About Boosters if You Got the Johnson & Johnson Vaccine	https://www.nytimes.com/2021/08/18/health/coronavirus-johnson-vaccine-booster.html	What to Know About Boosters if You Got the Johnson amp Johnson VaccineHealth experts say that boosters are likely to be needed eventually and that more data should be available in the next several weeks	2021-08-20 16:18:03
ニュース	BBC News - Home	Afghanistan: Boris Johnson says he has full confidence in Dominic Raab	https://www.bbc.co.uk/news/uk-politics-58283588	foreign	2021-08-20 16:29:43
ニュース	BBC News - Home	Covid: Antibody therapy wins approval and NI sees cases surge	https://www.bbc.co.uk/news/uk-58284145	coronavirus	2021-08-20 16:34:31
ニュース	BBC News - Home	Army supporting ambulance services in England	https://www.bbc.co.uk/news/health-58281665	ambulance	2021-08-20 16:01:14
ニュース	BBC News - Home	Stunning fightback helps Oval Invincibles storm into women's Hundred final	https://www.bbc.co.uk/sport/cricket/58284412	Stunning fightback helps Oval Invincibles storm into women x s Hundred finalOval Invincibles fight back from the brink in stunning style to reach the inaugural women s Hundred final with a run win over Birmingham Phoenix in the eliminator	2021-08-20 16:43:27
ニュース	BBC News - Home	UK government's Covid-19 test scheme shows mass events 'can be conducted safely'	https://www.bbc.co.uk/sport/58284983	UK government x s Covid test scheme shows mass events x can be conducted safely x Data from the UK government s Covid pilot scheme to test the return of big crowds to venues shows major events can be conducted safely	2021-08-20 16:27:02
ニュース	BBC News - Home	Covid-19 in the UK: How many coronavirus cases are there in my area?	https://www.bbc.co.uk/news/uk-51768274	cases	2021-08-20 16:45:11
ビジネス	ダイヤモンド・オンライン - 新着記事	AIに賭けるマスク氏、次はヒト型ロボット開発 - WSJ発	https://diamond.jp/articles/-/280154	開発	2021-08-21 01:16:00
北海道	北海道新聞	市街地出没のクマ駆除強化　周知へ警報発令　道管理計画素案	https://www.hokkaido-np.co.jp/article/580433/	駆除	2021-08-21 01:18:56
北海道	北海道新聞	道への緊急事態宣言発令、判断は来週　政府が対象拡大検討	https://www.hokkaido-np.co.jp/article/580371/	緊急事態	2021-08-21 01:17:04
北海道	北海道新聞	ドイツ公共放送記者の家族射殺　タリバン、本人はドイツで勤務中	https://www.hokkaido-np.co.jp/article/580471/	公共放送	2021-08-21 01:01:00
Azure	Azure の更新情報	Version 2.x of the Azure Cosmos DB .NET SDK will be retired on 31 August 2024	https://azure.microsoft.com/ja-jp/updates/action-required-update-your-azure-cosmos-db-net-sdk-to-version-3-by-31-august-2024/	august	2021-08-20 16:49:08
Azure	Azure の更新情報	Tomcat 7 reached End-of-Life on 23 March 2021	https://azure.microsoft.com/ja-jp/updates/transition-to-tomcat-85-or-90-by-29-july-2022/	march	2021-08-20 16:47:17
Azure	Azure の更新情報	H-series Azure Virtual Machines will be retired by 31 August 2022	https://azure.microsoft.com/ja-jp/updates/hseries-azure-virtual-machines-will-be-retired-by-31-august-2022/	august	2021-08-20 16:45:12
Azure	Azure の更新情報	Release annotations using API keys will be retired on 31 August 2024	https://azure.microsoft.com/ja-jp/updates/transition-to-new-release-annotations-in-application-insights/	application	2021-08-20 16:41:48