James Abley jabley

In large organisations, you probably use teams to manage maintainer access to repositories. So here are a couple of scripts.

list-team-repos.sh will recursively enumerate all repositories visible to a particular team. Recurisive because teams might be nested and so child teams will grant access to further repos.

check-private-vuln-reporting.sh will list (and can be tweaked to set) private vulnerability reporting for a list of repos in the format emitted by list-team-repos.sh.

Both scripts use the gh CLI tool and you'll need to gh auth login first to run them.

CoEd:Ethics

Introduction by Anne Currie (@anne_e_currie)

Why are we here?
- Is there a problem with ethics in and around technology use at the moment?
- If there is an issue, what can we as engineers do about it?
  - What might stop me?
  - How can I get around that?
There is a workbook for the conference
- It looks a bit like the ones DareConf used to do

My client is a global retail giant that are about to embark on an overhaul of their digital products. The business have recently hired a very influential Global Digital Director who is now starting to implement their plan, which is seeing many changes throughout the business. To support their proposed digital roadmap they have identified the need for a Head of UX that will play a very influential role.

The business have gone through various changes over the past few years with the introduction of product management and more recently the creation of a digital lab. The latter has been great a vehicle to promote and foster innovative design thinking in a blue chip organisation. However as the business looks to restructure their various channels and products, the lab teams will be dispersed in to the various product teams to ensure its consistent throughout the business.

In addition to the Director hire, there is another pivotal new hire to the business who will be overseeing Product, UX and Delivery. The futur

Overview

The UK has just seen one of the most vile political campaigns in recent times. Both sides made claims which were demonstrably false. There are no penalties or incentives which prevent this.

We urge the government to create an independent body to regulate political campaigns.

Background

The Advertising Standards Authority (ASA) has the power to ban or change misleading commercial advertisements.

Fraud detection

People are scaling
- Some parts of government can throw people at the problem
Delays inherent in the financial system can be helpful
batch jobs/overnight things can help fraud teams have the time to detect it
Things seeem based on:
- IP address
- new customer?
- value of transaction
and scoring a transaction to see whether it should be flagged

It has been a bit horrifying to watch the BitKeeper saga unfold. Not that it's surprising of course that Larry rescinded the BK Linux license; if you know Larry or even know of him, you know that Larry's tragic flaws -- hypersensitivity, volatility and vindictiveness -- made this an inevitability of sorts1. So the horrifying bit has not been the act itself, but rather the specific reason that Larry cited when rescinding the license: he seems to have taken issue with Tridge's attempt to reverse engineer the BitKeeper protocols. This rankles; I (like many engineers, I suspect) view reverse engineering as a Natural Right. That is, I believe that we are endowed with certain unalienable Rights, and that among these are Life, Liberty and the pursuit of Understanding how the hell something works (or doesn't, as is frequently the case). Perhaps perversely to some, it is my strong belief in the right to reverse engineer that lea

	package main

	import (
	"encoding/base64"
	"log"
	"os"
	)

	func main() {
	b64 := "R0lGODlhAQABAID/AP///wAAACwAAAAAAQABAAACAkQBADs="

	> git clone https://git.haskell.org/ghc.git
	Cloning into 'ghc'...
	remote: Counting objects: 429508, done.
	remote: Compressing objects: 100% (89887/89887), done.
	Receiving objects: 20% (85902/429508), 15.03 MiB \| 2.85 MiB/s Receiving objects: 21% (90197/429508), 17.63 MiB \| 3.24 MiB/s Receiving objects: 22% (94492/429508), 17.63 MiB \| 3.24 MiB/s Receiving objects: 22% (96993/429508), 20.26 MiB \| 3.63 MiB/s Receiving objects: 23% (98787/429508), 20.26 MiB \| 3.63 MiB/s Receiving objects: 24% (103082/429508), 23.11 MiB \| 4.03 MiB/s Receiving objects: 24% (105088/remote: Total 429508 (delta 323225), reused 426618 (delta 320966)
	Receiving objects: 100% (429508/429508), 98.99 MiB \| 8.95 MiB/s, done.
	Resolving deltas: 100% (323225/323225), done.
	Checking out files: 100% (12695/12695), done.
	> cd ghc
	> git submodule -q update --init --recursive

	platform: linux

	image_resource:
	type: docker-image
	source:
	repository: maven
	tag: latest

	inputs:
	- name: git-repo

	~/gocode/src/github.com/elazarl/goproxy > dlv test
	Type 'help' for list of commands.
	(dlv) b https.go:376
	Breakpoint 1 set at 0x85ad2 for github.com/elazarl/goproxy.TLSConfigFromCA.func1 ./https.go:376
	(dlv) c
	> github.com/elazarl/goproxy.TLSConfigFromCA.func1() ./https.go:376 (hits goroutine(222):1 total:1)
	371: return nil
	372: }
	373:
	374: func TLSConfigFromCA(ca tls.Certificate) func(host string, ctx ProxyCtx) (*tls.Config, error) {