Plenty of good articles today, but we are going to focus on security. On Threatpost, they discuss how a kids toy can be used to open fixed-code garage doors in 10 seconds. Granted, the toy is “enhanced” a bit, but it goes to show how easy it is to crack some things. Sakurity reports on a MongoDB BSON injection issue and Ruby regexps. On a related note, SecurityTracker details a PCRE heap overflow in regex processing allowing arbitrary code execution.

As always, enjoy today’s items, and please participate in the discussions on these sites.

Startups, Career and Process

• The Five Measures Canvas for Agile Transformation | Javalobby
• Have we lost the art of “Agile”? | Javalobby
• Agile is Punk – Agile is Democracy | Allan Kelly

Development

• Distributed Systems Are a UX Problem | Brave New Geek
• On Parsing C, Type Declarations and Fake Headers | Python Zone
• Localization Technologies at Netflix | The Netflix Tech Blog
• Classes are Expressions (and why that matters) | raganwald
• Webpack lazy loading on Rails with CDN support | Swizec Teller
• Quasar and Kotlin – a Powerful Match | Parallel Universe
• CodeMotion 15 – Takeaways from “Measuring micro-services” | The Burning Monk

Concurrency, Performance and Scalability

• Paper: Heracles: Improving Resource Efficiency at Scale | High Scalability

AI, Machine Learning, Research and Advanced Algorithms

• Mystery curve | John D. Cook
• Artificial intelligence? | O’Reilly Radar
• Airbnb announces Aerosolve, an open-source machine learning software package | Venture Beat

Big Data, Visualization, SQL and NoSQL

• Peter Fenton’s latest investment is a database startup called Cockroach | Venture Beat
• Native multi-model can compete with pure document and graph databases | ArangoDB
• Bitcoin Network Capacity Analysis – Part 2: Macro Transaction Trends | TradeBlock

Infrastructure, Operations and DevOps

• Deploying Web Application Using Vagrant | Javalobby

Security, Encryption and Cryptography

• Mongo BSON Injection: Ruby Regexps Strike Again | Sakurity
• Redis EVAL Lua Sandbox Escape | Ben’s Blog
• PCRE Heap Overflow in Regex Processing Lets Users Execute Arbitrary Code | SecurityTracker
• Using Toys to Open a Fixed-Code Garage Door in 10 Seconds | Threatpost
• How apps track your location without asking for permission | Trustlook News

IaaS, PaaS, Saas and *aas

• Getting started with AWS IAM | Java Code Geeks

Fun and Other stuff

• Yahoo announces plans to kill off Maps, Pipes, GeoPlanet and PlaceSpotter APIs, & some regional sites | Venture Beat
• Better battery life for your laptop | Google Chrome Blog

Link Collections

• Dew Drop – June 4, 2015 (#2028) | Morning Dew