Writing bad code is easier than you think, the UK is going to start snooping, and more software news

A busy holiday season in SWE and tech. Read on...

Share this using the hashtag #SWE.

When everyone involved calls a law the “Snoopers’ Charter,” it might be a bit invasive. Nevertheless, this is happening in the United Kingdom, with the not-at-all-Orwellian “Investigatory Powers Bill” receiving royal assent tomorrow. Sir Tim Berners-Lee (one of the inventors of the World Wide Web) says the passing of the bill will lead to “dark, dark days.”

Amazon’s productizing AI: At AWS re:invent, Amazon announced three commercially-available tools to make it easier for others to tap into the company’s artificial intelligence smarts — including image recognition, text-to-speech, and natural language processing technology.

Practice accessible engineering by unplugging your mouse. LinkedIn Next Waver Jeffrey Wieland sat down with us for an interview about why accessibility matters in software engineering — and how to achieve it.

The case for good dev tools on limited platforms: Jay Rodgers from headmelted writes about why development tools matter on platforms that aren’t “sold for development,” including Chromebooks and the Raspberry Pi. Spoiler alert: Enabling experimentation on cheap, popular platforms is the only thing that will keep the next generation of programmers going.

Every day is Monday in Operations. Boy howdy, isn’t that true? As a former ops person myself, just reading the title of this piece gave me flashbacks to what that life was like. My colleague, LinkedIn senior manager Ben Purgason, writes a series of war stories and lessons learned from operating LinkedIn featuring anecdotes from the incomparable David Henke.

How do perfectly sane people end up writing terrible code? Simple question with a complex answer from Argentina-based senior web developer Christian Maioli Mackeprang. The post features tons of anti-patterns that you should avoid to make your code better.

Data can answer many questions, including finding the ‘rogue trains’ thatplagued the Singapore metro’s Circle Line. Read this account from the people behind Singapore’s open data portal about how they found a problem with the service and were able to isolate it, thanks to data.

Google Analytics used to be called Urchin, and this post gives a great look at its history. Google Analytics is now on almost every major website, but it wasn’t always that way. Take a glimpse into the history of the product formerly known as Urchin, and learn about how it grew into the juggernaut it is today.

Update an aircraft GPS using a homemade adapter and a cobbled-together DOS program. Speaking of war stories… this is a doozy, providing us with an example of someone not being willing to just “buy the new one” but instead making the existing one last. The only catch is that it is probably not legal to fly an aircraft relying on this GPS, so like most hacks, it’s more for bragging rights… however, Dmitry Grinberg (a Google software engineer by day) has well-earned bragging rights, thanks to this.

Muni is hacked, physical USB ports are hacked (really), AirDroid is hacked, lessons from Dyn’s DDoS, and more in the Security Corner:

• In news that I’m certain surprised absolutely nobody, the San Francisco Municipal Transportation Agency had nearly all of its ticket machines and fare station terminals infected with a cryptolocker, providing free rides and many sleepless nights for SFMTA employees. In news that probably surprised at least someone, the hacker who owns the email account associated with the cryptolocker was himself hacked by a different security researcher.
• For $50, you too can physically wreck many USB devices. And no, it isn’t “wire one end to +5V and the other end to AC,” this is something that just looks like any other USB device but has the wonderful side effect of frying hardware. Epoxy never looked so good.
• AirDroid, a popular remote management app for Android devices, turns out to have a huge man-in-the-middle vulnerability, which is still exploitable even in the newest version of the app. If you have it installed, probably a good time to get rid of it. (The updates are delivered over HTTP, and they’re encrypted using DES, with a key of ‘890jklms’. Yeah.)
• Bruce Schneier writes about what we should have learned from the Dyn DDoS attack. The bad news: it’s going to get worse before it gets better, and there’s no guarantee there’s an easy fix waiting in the wings. The good news: well… maybe eventually we’ll build more resilient networks?

As always, we’re continuing to experiment with the best way to deliver this content. If you have feedback, or think there’s something I should cover next time, leave a comment!

Cover photo: A city reflected in the lenses of binoculars. ? Paul Biris / Getty