"The Weakest Link In The Blockchain (and how to not be it.)"
This will be a whirlwind tale of security, cryptocurrency and intrigue. I will be telling the story of the world’s first Bitcoin exchange, and giving attendees tips and hints on staying secure in the crypto world.
#NoEstimates - doing Scrum without Estimates
Estimates have always been an integral part of the software development process. By estimating the amount of time, money, and effort, managers can better predict budgets and meet project goals. At least that’s the theory behind the widespread and often unquestioned use of estimates in the IT industry today.
However, recently we have finally begun to question the efficacy, and even the purpose, of using estimates. Estimates can not only be inaccurate and a waste of time, but they can be downright destructive, by creating an environment of fear where the developer is pressured to estimate outcomes based on what’s desired, not on what’s realistic.
I want to highlight an alternative approach to estimates and story points and showcase the potential benefits that can be gained for the future of software development.
Key Takeaways: accurate estimations are an unrealistic unicorn, Story Points are not the only option for estimating.
AI: It's easier than you think
AI is one one of the hottest topics in media and a technology that will be key in our futures. But with all the media hype, it breeds the perception that AI is complicated and requires a plethora of qualifications. As someone who started with no knowledge of the topic and managed to pave a way into this area, I want to inspire others and show that you don’t have to have years of experience to use, learn or understand AI.
This talk will cover personal experiences and tips on getting started with AI and Machine Learning, as well as a few more technical aspects of the subject that will be a brief introduction into using data and creating models . The knowledge shared will be suitable for those with minimal knowledge of the subject all the way up to experienced developers, basically if you are looking to learn something new this is a talk for you!
In giving this talk I hope to guide and inspire the audience to discover and learn a new skill that will be key in years to come. The take aways from this will range from encouragement to try an emerging technology and knowing where to go to learn, to creating a better understanding of where the AI sector is now and where we are going.
API first development with DDD, Go & Goa
APIs are the interface between our users, the business & engineering. We all know these are important and even more so in the microservice world. Goa offers the opportunity to apply the lessons learned from Design Driven Development and apply an API first approach, allowing engineers to write transport agnostic business logic.
goa takes a different approach to building micro-services. Instead of focusing solely on helping with implementation, goa makes it possible to describe the design of your API using a simple Go DSL. goa then uses that description to generate specialized service helper code, documentation, API clients, tests and even custom artifacts via plugins.
Against all odds - a team contributing full-time to Open Source projects in your company
Yes, you know this happens in quite a few cases. Like in companies that open source and contribute a significant part of what they create for their own needs - think Google, Facebook, PayPal. Or like in companies with a primary focus on an open source product as Mozilla for example. Or like in companies that make heavy use of a specific open source platform or tool - and decide to give back through contributing to its development. Or like in working on academic projects funded by public money where the outcome is open sourced. But…
But what if the company you work for doesn’t fit in any of these open source friendly profiles?
Join me for a talk where I’ll share our first-hand experience on how we managed to achieve this - against all odds - and we hope to convince you to try our approach for making a viable case your company would be willing to invest in.
I will tell you the story of how we established and maintain a full-time software development team contributing to openHAB and Eclipse SmartHome projects - and how we made it in a win-win-win scenario (for the company, the team members and the community). And this is without our company having any “need” to do it, nor hardly any direct or indirect interest in making use of the results of the team work or the platforms themselves.
All your packages are belong to us - Protecting your npm dependencies
As technology advances and the applications we build become more complex, the tools that we use to secure the data shared within these products need to follow suit. We need to ensure that we deliver a high standard of protection to users, allowing them them to seamlessly use the product without thinking about security or any potential threat. Even just a thought of any risk could lose us our customers’ trust and therefore millions in investment and in turn threaten our entire business as a whole (including our jobs).
A security breach is a very real problem, both personally as an individual and professionally in a business sense. But we as developers can help fix this problem. In very recent years there has been a number of incidents involving npm dependencies pushing vulnerabilities to consumers or exposing data. This led to the npm team purchasing a security tool to prevent future incidents. These incidents can easily be stopped and further prevented from happening again. NPM is the first main carrier of personal information and it therefore should be where we start to repair these issues.
In this talk we will look back on the previous incidents and do a postmortem investigation on what happened, and how it could have been prevented. We will then take a further look into tools and products that can help protect our applications going forward and some basic best security practices that we all should follow, no matter our application.
Being Intelligence-Led: The Necessity for Threat Intelligence in Cyber Security
Cyber threat intelligence has become a necessity for a multitude of organisations, both private and public, to protect themselves against the omnipresent and dynamic threats that occur in cyberspace. This presentation will take a more in-depth look at what open-source intelligence is, key aspects of intelligence, and how it can be utilised to research and analyse potential cyber threats and vulnerabilities that are posed to organisations in order to help prevent exploitation.
Bridging the gap in Air-Gapped systems
As part of a security research project, I built a data transfer tool in Python which uses high frequency audio signals to send data and commands between systems in order to point out issues with the idea of ‘air-gapping’ a machine to make it secure.
Building a personal home automation setup
This session will describe how the speaker went about building a personal home automation setup that tried to avoid the privacy and security concerns usually seen in these setups. A whirlwind tour will be provided covering building your own IoT hardware, setting up internal systems to remove reliance on a working internet connection and designing to cope with less technical home occupants. Unexpected bonuses will also be discussed, as well as various compromises that have been made in the speaker’s setup that could be improved. This talk will touch upon a number of low level details, but due to time constraints not attempt to go into depth about each of them. Pointers will be provided for those who wish to read up on the details.
Can a developer live in the “post PC” era
With the rise of “serverless” computing could there be a point in the future where developers can also be “computerless”? If a developer had nothing but a mobile device, for example an iPad, what sort of application could they build? In this talk I will attempt test this theory to build a full stack application without the use of a laptop/computer, using swift playgrounds, AWS lambdas and dynamodb.
Cloud First - Building Connections
A success story of the transformation in my development team to become cloud first through the creation of a cloud-based web app that’s completely serverless. Made by Liberty Mutual for an external vendor. Benefits gained in business relations, speed to market, ease of scaling and at a minimum cost.
Collaboration in Practice: How an open source ethos delivers data science
Using an open-source approach, Allstate is developing a suite of products that delivers insights from machine learning and data modeling to help guide business decisions. Agile software development techniques and domain knowledge have been leveraged to create robust enterprise solutions and a small innovative analytics team. This working has lead to the establishment of the Open Hands Software Foundation–a collaborative software community that seeks to solve user problems and improve team workflows.
Compromising AWS for fun and profit
We will demonstrate the ease with which a malicious user can escalate privileges and own an AWS account through a very simple IAM mis-configuration.
This will include a live demonstration on our own vulnerable AWS account and show a number of tools and methods for testing, compromising and protecting your accounts.
Continuous Documentation - This best time is now
Bad or non existent documentations are almost always the ripple effect of not writing documentation when it matters. In this talk I’ll take a quick deep dive into the importance of “Continuous Documentation” and how this is important for creating an amazing developer experience.
The importance of documentation cannot be over emphasised. In todays world where we have several buzz words with the suffix “continuous” e.g. “Continuous Integration”, “Continuous Deployment” etc. I believe it is imperative to introduce the audience to the concept of “Continuous Documentation”. Having encountered a documentation bottleneck at my current role as an Engineering Team Lead I coined the phrase “Continuous Documentation” which in plain language means the “Continuous writing and improvement of documentation along with development” hence the phrase “the best time to write the docs is now”.
Data Art: Creative collisions and getting out of your comfort zone
The technology community is known for being strongly inward looking; we focus on techniques, products, languages, frameworks, and best practices.
However, some of the best outcomes and experiences come from pushing and stretching our boundaries outside of the safety of our wee community.
In this talk, I’ll be discussing some of the creative collisions I’ve come across; from using VR technologies to enable creative expression for disabled musicians, empowering artists to use electronics to connect their art to the wider world, and using science data to drive policy and political engagement.
Data Processing in PHP, and Other Natural Disasters
Using open data and open source to create a natural disaster, to create a web platform to simulate an actual natural disaster that is relative to the places we know and love in Northern Ireland.
This will cover the intersection between web platforms, mathematical simulation and kid-friendly user experience. * open source as a core web platform business model * managing a PHP (Laravel) web framework on Kubernetes, with Gitlab CI * automatic analysis and reporting pulling in from NI open data (backed by an internal CKAN instance) * slicing geospatial time-series data for display, with VueJS and Laravel * managing long-running numerical simulations with Python3, FEniCS and serverless functions * the types of mathematics behind earthquake, flood and volcano modelling
By the end of this talk, you will be familiar with: * how a container-based web platform can be deployed and supported * the linkage from data sources, to web application and numerical modelling * the potential of Laravel, VueJS and Python in a combined stack
Data Science in 30 Minutes
The latest buzzword in technology is ‘Data Science’. The objective of the session is to make you understand the basics of Data Science. Find out the whys and hows of Data Science. Also, to understand the basics of machine learning algorithms. This session is for beginners.
Designers and Developers: No longer a house divided
A belief that design and development have competing interests is an obstacle to successful collaboration. We should all be striving to learn, but the question remains, what exactly should we learn? Maybe it isn’t as simple as “learn to develop” or “learn to design,” but is about learning to communicate and collaborate whilst respecting the nuances of each other’s craft.
However, sometimes the developer’s involvement in the design process seems to be addressed very little. This is a shame, because developers have a huge amount to add to discussions about design. Just like development, designing has rules. I want to share some design rules so that you can become self-sufficient in your own personal projects from design to implementation which in turn should also make you a better collaborator to design team members resulting in the creation of complex and beautiful front-end experiences!
Dev & Test, a Shared Journey!
An overview of how software and testing engineering co-exist in a CI/CD environment.
A new feature is pushed through the pipe from initial inception to production. But what happens in between? Who does what and when should they do it?
Theo and Andrew share their experiences working in a fast moving, multi-project environment. Having come from different perspectives and approaches to evolve a combined view of testing and development ensuring the consistent delivery of high quality software.
Do I have to choose between my team and my work?
We want engineers who ask questions, help each other out, and pitch in. We want close collaboration with a product owner, and communication across teams so that an entire company strives together to accomplish great things.
We also know that engineers need focused time free from distractions to be productive. In a world of constant distraction, what is the right balance and how do we find it?
Easy integration testing with TestContainers
TestContainers is an open source library that allows you to containerise your external resource dependencies, like databases, web browsers, or anything that can run in a docker container!
By making use of TestContainers, we can to develop and run our tests easier, in a more production-like environment, with only Docker as a pre-requisite.
Engineering - The Movie
There are few films in the history of cinema that truly capture the majesty of working in Engineering. For some reason Hollywood has generally avoided this exciting genre, but every once in a while something sneaks through the net…
Enterprise API Strategy
Many Enterprises face the challenges of managing the growth of API’s, controlling data and avoiding duplication, this talk will cover the considerations when forming your strategy and will involve a demonstration of Apache Camel which we have adapted within Allstate.
Everything you don't want to know about Safepoints
Safepoint are an hidden mechanism that is used by the jvm. We will dig a wee bit deeper in the safepoints and check when do you care. and what happens when it goes wrong.
From Acting to Angular: How Transferable Skills have made me a Better Software Developer
Outside of work, I am passionate about acting, music and languages. My talk discusses how these interests have enabled me to become a better software developer.
From ENG to DS: An engineer's path to Data Science
A quick talk on how I got lured into the world of Machine Learning and the steps I took and take to be able to call myself a Data Scientist.
Go Under the Hood: Learning Go the Hard Way
Go is a programming language that was developed inside Google in 2007. The language is now 12 years old and is seeing increased adoption each year. Go is a strongly typed language, all variables are known or inferred at compile time, and was developed for the 21st century with a focus on simplicity and readability. It has a well-designed concurrency model and a modern network stack, which makes it a good language for network-based services. This presentation will take a deep dive into the machine code produced by the Go compiler and see how it stacks up against traditional C/C++ compilers. Additionally, this talk will cover how the Go-types are tracked by the runtime, including interfaces.
Godot Game Engine
This talk will be an overview of the Godot game engine - an impressive open source alternative to Unity that is starting to gain a lot of momentum. It has dedicated 2D and 3D engines that can build to major platforms (desktop, mobile, web and VR). With its rich UI, Godot has in-built editors for coding, visual scripting, shaders, 3D animation blend nodes, tile-maps, 2D skeletons and more. Coding is done primarily in Python-like GDScript but Godot also supports C# and C++. Unlike Unity, Godot does not require registration to use and anything you make with it is 100% yours to own.
Guided Conversation - Junior developers
A Guided Conversation is a meeting where a facilitator comes up with a starting set of questions around a single topic. The group then discuss those questions with 8 minutes given for each question.
During Guided Conversations you introduce the current question and listen for off-topic items. If you think that an off-topic item sounds like something worth discussing, you add it to the list of scheduled questions. Usually it is one of the questions you already have in your deck of cards.
This session is about graduate/junior developers. Sample questions include:
How do you define a junior dev? What can you learn from juniors? How and when do we ask for help? What can we do to build up experience outside of work and how important is it that we do? When are we not junior developers? What are the hardest things about developing an early-stage career? Big cooperate company vs small, start-up company - how do we decide which would be best for us to join?
The session will be for 20 people and last an hour.
Hands-on with Quantum Computing
In this presentation we’ll review the current state of quantum computing, lease a quantum computer in the cloud, and write our first quantum computing program.
Along the way we’ll delve into the physics behind quantum computing and discuss the different approaches to quantum computing the big players are taking.
We’ll also consider what “quantum supremacy” means, and the kinds of problems quantum computing will be able to help us solve.
Finally, I’ll share my recommendations of how you can get started with quantum computing.
How To Learn To Stop Worrying And Love Kotlin
Learning a new language is a scary prospect, its tough finding reasons to break out of the comfort zone.
Kotlin provides the perfect opportunity to get the benefits of a great new language with minimal pain, especially for Java developers.
This talk covers - Benefits and features of Kotlin - Transitioning from Java - Potential pitfalls of Kotlin - Tools / Frameworks available
How to Give a Compelling Technical Talk
Knowing how to code is one thing, but showing someone else how to do it is another. Ever feel like you want to share your knowledge, but don’t know how to communicate it efficiently? Or want to challenge yourself to speak in front of an audience, but don’t feel confident enough?
Come along to learn how to give a compelling technical talk, or see me try explaining it all in 10 minutes. This technique is suitable for everyone regardless of who you are and what level of experience you have, and focuses on conference talks but can also be applied at meetings or presentations.
How to survive an AI hackathon while knowing very little about AI
I recently participated in the AI NI ‘The Good [A]Idea’ Hackathon with next to no knowledge of ML. I did know a bit of JS though, which is obviously going to come in handy… right?
Enter TensorFlow.js - the perfect entry point for an AI newbie and JS fanboy.
In this lightning talk I’ll give an overview of: - our project - what we used to build it - the problems we had - what we learned and what we’d do differently - how I nearly developed carpal tunnel while training our model (see above point)
This talk is aimed at beginners mostly, because I am one too.
Improve your productivity and go minimal!
A brief overview of using a tiling window manager like awesome or i3. The philosophy of suckless.org utilities and decentralisation in general. Showcasing various open source terminal applications with helpful configuration tips and tricks, including the infamous text-editor Vim, file manager ranger, IRC client WeeChat, and more.
Do you really need that new laptop with the hexa-core processor and 32GBs of RAM to do your job efficiently? Would a ten-year-old secondhand one suffice instead? Modern operating systems are fundamentally bloated; sometimes using up to as much as 1.5GBs of memory just on idle! Save yourself, money, resources, time, and ultimately the planet, by opt for something more minimal instead.
Say no to bloatware! After you go minimal you’ll never go back!
Introduction to Azure Machine Learning
Being fascinated with how computers can improve everyday life, I will be demoing a web based application I have created using Azure Machine Learning. The application will help predict clothes I like using a trained model to help me save time from my busy lifestyle.
Introduction to Fuzz testing with AFL
Fuzz testing is the practice of throwing random data at a program and seeing what breaks.
As you can guess if the data is truly random then this can take a very long time to explore a very small part of a program’s functionality.
Previous generations of fuzzers have required extensive intervention by users in order to guide the fuzzer into interesting areas of the programs execution.
AFL instruments the target program and uses this to remember what inputs caused a change in the program execution. This allows AFL to guide itself further into the program with minimal user input.
This talk will be an intro to fuzzing and a practical demonstration of running AFL against a target application to expose otherwise tricky bugs.
Lost In A Sea of Opportunity
Often in school I was told that we should grab every opportunity given, and I have tried to live up to that. However, I have realised that this is different for programming, as often we aren’t grasping for opportunities, we are besieged by them. And perhaps we should be cautious of the workloads we give ourselves.
Make your startup a technical success
Many things can affect the outcome of your startup being a success, don’t let the product be one of them it.
In this talk, you will learn user modelling techniques which will help you choose what to build, a process on choosing the right technology to engineer for rapid development and tips on leading a team through an unknown path.
All delivered by a battle wounded startup CTO
Making Python doubly fast
Everyone loves python because it’s so fast to read and write. However the price we pay is a slow runtime. This talk discusses methods to speed up python by making use of the numpy library in place of for loops
Making Secure Applications the path of least resistance
Developers always want to do the right thing. As shift-left, full stack, microservices architectures, MVPs, agile etc. are now the norm, In a short amount of time the skills required to effectively secure applications has grown exponentially. For years security was someone else’s responsibility, now it is on teams to handle implementations.
Securing one application correctly is a challenge for any team to do. What happens within any small to multinational company when you need to secure 10 to 100s of Microservices within single teams? Everyone wants high speed business value, but also secure applications. These are not mutually exclusive.
Learn how to successfully allow developers to do the right thing by providing good developer experience to secure their applications, and not avoid security until the last minute.
Micro-frontends - reversing the anti-pattern!
Take the microservices paradigm and try to plug It into modern UI SPA frameworks (React, Angular, Vue) and you’ve got yourself a bit of an anti-pattern, right?
This talk will be a deep dive into breaking down a monolithic UI build to reverse the anti-pattern and allow the UI to be compose-able as smaller microservices (micro-frontends).
Once we identify the problem, we will look at the deployment architecture followed by a quick look at what technologies could help us to solve the problem.
Microservices, monorepos, versioning, CI/CD and me
A show and tell of how we went from concept to having a delivery pipeline that releases into our QA environment automatically and safely. I’ll talk through the decisions and tools used getting to where we are right now, how we gate our releases and use unopinionated versioning to our advantage. I’ll also talk about how we progress and get to production.
Packages all the way down
Packages are the building blocks from which our software systems are built. Whether it’s
.rpm packages installed on a server in your data-centre, Python wheels installed in your Docker container, or Go modules compiled into your binary, packages are everywhere.
Package managers are one of the tools we’ve traditionally used to manage the ever growing complexity of our software systems, but these days it’s just as likely for a developer to shove all their source code directly into a Docker container and call it a day. By doing so we’re losing out on years of experience, decades of knowhow and tooling, and making our build and delivery pipelines less efficient and manageable.
Join me for a dive into the history of software packaging and distribution. We’ll explore some of the earliest attempts at making software distribution easier, all the way up to the current state of the art with containers and continuous delivery.
You can have the best of both worlds. Rock solid software packaging and distribution, and modern continuous delivery, without sacrificing the benefits of either.
Planes, Trains and Automobiles: The Internet of Very Big Things
When we talk about the Internet of Things, most people think of things like smart lightbulbs, smart TVs and smart doorbells. But the IoT has some much larger things than that in it. There are huge interconnected systems dedicated to making sure that airplanes know where they are, and container ships don’t accidentally catch fire.
Are cars just “smartphones with a ton of metal attached”? How do the signs on the London Underground know when the next train is arriving? And how do modern-day pirates use spearphishing to help them snare their targets on the high seas?
In this talk we’ll go through the convoluted histories and complicated architectures of the systems that run the vehicles that our modern world depends on. We’ll talk about how they actually helped to lay the foundations of the connected infrastructure we call the “internet of Things”. We’ll look at the consequences of technical debt and cybersecurity vulnerabilities when you’re dealing with And we’ll find out how these systems impact our daily lives without us ever being aware of it.
Produce Early, Produce Often
There are a tonne of great developers out there with fantastic ideas that never see the light of day. There are an equal amount of 3-month projects that span 3 years. Its easy to get caught in the realm of wanting to use the newest exciting technologies and making your code perfect, but code doesn’t (always) pay your salary. This lightning talk delves into the idea that the all-knowing software engineers aren’t always correct, and that maybe your business manager does have a point.
Proofing your career for a year off
Once you start your career in IT taking a year off from it for whatever reason can have a massive impact on it, by taking a number of measures before during and after you can really minimise this impact. This talk will be largely focusing on maternity leaves since they are the most common, but a lot of the advice is applicable for someone who wants to go traveling for a year.
Rapid development of complex analytics solutions using event sourcing and microservices architecture
In this talk we will chronicle our journey into micro-services architecture and event sourcing, and how we took these design principles to push our development throughput to the limit at the “Good (A)idea hackathon” held in NI in April, 2019. We will also show-case our idea; “Bringing content curation into the hands of social media platform users”, the implementation of which incorporates real-time streaming analytics using Apache Kafka, along with multiple continuously retrained machine learning models to stimulate discussions around the designs used, as well as some of the difficulties we encountered.
Resurrecting the past for a modernised future
Modernising legacy applications isn’t always a bad thing, and with the right approach to CI/CD, refactoring and security, etc, you can really enhance something that a lot of people would consider no longer fit for purpose. Also, it’s not as bad for your skillset as some developers might think.
Secrets and the tools that keep them
Secrets management is a discipline becoming increasingly popular in enterprise applications and infrastructure. Done correctly, it can increase the security and agility of engineering teams. Done incorrectly, and it can result in increased complexity, poor security and inefficient development and operations. Using Hashicorp Vault as an example, this talk will describe the design and implementation of a secrets management platform for a large digital transformation project. The audience will come away with an appreciation of what secrets management is, how tools like Hashicorp Vault can be used to build such a platform, and an understanding of the best practices around it.
State Management with Akita JS
Overview of how Akita JS can be used for entity or session state management within angular.
Terraform 101 - a practical example
Infrastructure can be difficult to manage and with so many cloud vendors out there where should you invest your time in learning how to manage all these things? Terraform is a magnificent tool which can be used to manage your AWS, GCP, Azure, on-prem vSphere and many other things. In this talk we’ll do a quick summary of the tool and functions then dive right into a real-world example.
Testing Microservices in a Global Engineering Team
As the way we code and architect our services changes, so too should the way we test them. In this talk we’re going to discuss methods we can utilise in testing microservices - from a basic service level to full service end to end testing.
The Bestiary of Pure FP
Last year Garth presented on the basic concepts of Functional Programming, using Kotlin and the Arrow framework. This year he will be partnering with Richard Gibson to kick the discussion up a notch and explain the benefits of fully embracing FP. This talk will cover how and why you might wish to code in the Pure FP style, and walk you through the whole bestiary of scary sounding terminology. So if you’ve ever wondered what is meant by Typeclasses, Algebraic Types, Higher Kinded Types, Free Monads, Tagless Final and Effects then this is the talk for you.
Things I wish I understood when I became a game dev
Have you ever thought about taking the leap into game development? If so, let me share my cautionary tales and bucketlist of things I wish I’d known when I started out 7 years ago as a non-technical dreamer.
Things To Pack For A trip To Microservices
You have heard loads of praise from other fellow travellers about microservices. No matter, if you are just starting your journey or on the way, hear from a practitioner about things to pack and couple of tips for making your journey much safer and smoother on the road to microservices.
In this session, We’ll take a look at some lessons learned, patterns and anti-patterns that can turn your microservices into success or disasters. We will also explore
Microservices almost seem to be the de-facto way to build systems today, but are they always the answer?
If Microservices are the answer for you, what are the challenges you’ll face at scale (both from a technical and organisational level)?
What are the strategies you should use now that you are effectively building a distributed system?
Transforming Engineering Culture
Transforming an engineering culture can be really tough. Change is not always welcome, it can be hard work and might push people out of their comfort zones. It also might be brilliant!
Kevin will talk about joining ShopKeep and how he worked closely with their his peers to make necessary changes to team structures and product delivery processes. He will also talk about change adoption, the challenges along the way and how to know if you have been successful.
By the end of the talk hopefully the audience will be inspired to change things in their own environments and will have some strategies to approach these transformations.
Twelve Factor App
Brief history of Twelve Factor app and origins. Cover some cloud acronyms - IaaS, PaaS, FaaS, SaaS, BaaS, CaaS, *aaS, Serverless and Cloud Native Go through each of the 12 Factors and provide some context. Briefly cover how using Containers and Serverless automatically takes care of several of these factors for developers.
Key takeaways: Refresh/Revisit what 12 factors app is. Show how the 12 factors are still important for cloud development. Clarify some cloud native terminology and acronyms.
US Marines, Agile and heuristics
Software development is inherently complex in nature. For such complex problems there are no recipes for success that can be followed.
US Marines rely on heuristics when the original battle plan breaks down, such as “capture the high ground, stay in touch and keep moving”. Can we use a similar set of heuristics in our Agile deliveries?
A heuristic is anything that provides a plausible aid or direction in the solution of a problem. They can produce accurate decisions by exploiting the structures of information in the environments they are applied.
Join me to explore how underpinned by Agile principles and practices we can create a set of heuristics that can be used to create a delivery foundation.
Unphisable Authentication with WebAuthn
Secure Enclaves. Yubikeys. TouchID. U2F. 2FA. FIDO… modern devices have amazing authentication capabilities, but how do you make sense of it all? And does any of it work on the Web? Let me help.
In this session I’ll explain how the new WebAuthn standard exposes advanced authentication capabilities to the Web, and how you can use it to augment or completely replace passwords in online interactions.
Public key cryptography has never been so usable!
Using Progressive Web Apps to Code for Good
The key take aways for an attendee of this talk are:
- What are Progressive Web Apps (PWA)
- What benefits a PWA can bring over opting for a traditional native iOS/Android app
- How to build a PWA using service workers and caching.
- A demo of an app I have been building in my spare time that leverages the power of PWAs to help prevent suicide.
Here are some example paragraphs of what I will present to attendees:
PWAs are a new breed of web app that combine the benefit of a native app with the low friction of the web. Getting a user to install and use your native app is quite an ordeal. First of all they have to find out about your app, then they have to visit the app store and then they must click install. Then once the app has eventually finished downloading, they have to agree to various permissions and then maybe, just maybe, will they actually use it. Did you know that the average person spends 84% of their time on mobile devices using just the 5 top mobile apps…. and more often than not, that isn’t one of your apps!!
How do you get your app in the hands of users then? A progressive web app takes a very different approach and they aim to break down all of these barriers. Instead of a user having to download and install an app via an app store, they instead would click a link. This could be a link they’ve found on the web, or sent from a friend. Once clicked, the app will load and the browser even suggests adding a shortcut to the homescreen. For all intents and purposes, the app (despite running in the browser) looks and feels like a native app. It even has many of the powers that a native app has:
- Unlike a traditional web app, they are available regardless of internet connection.
- Fast load times - Using service workers, sites can load in milliseconds (often even faster than a native app)
- Push notifications - yep, they have them.
- Homescreen shortcut
- Native look - a PWA can have a loading splash screen, launch in full-screen mode and lock themselves to a specific screen orientation.
Web components - Without your Favourite Framework
Starting in with a speedy catch-up on what “web components” even means, this talk will focus on the various options available for building a site or app using web components.
The session will cover the available framework options for component based builds, and then showing how web components can be written in native browser technology (without the need for any frameworks!) and why this might be a good option to consider.
This talk is best suited for folks who have some familiarity with web development, and hopefully people will go away with an idea of whether or not web components are useful to them, and if so how they could implement them.
What does a scanner see?: Visualising anatomy in 3D
Visualising biological information is challenging at the best of times. At axial3D, we accelerate that understanding by providing Machine Learning (ML) backed annotations of those images. We develop these algorithms and the tools to visualise their output in-house at our Belfast office. In this talk, we will outline our ML training pipeline and show how we are harnessing the power of the cloud to provide an intuitive web-based platform for the annotation of medical images in a secure and scalable way.
Currently, there is no standardised pipeline for the creation, processing and validation of image segmentation for medical 3D printing. The features and functions exist in a disparate array of web and desktop-based software. We will show how we are bringing the required functionality together in a web-based tool. This tool can handle any step of the process from medical image transfer to printing the 3D object. We will show how we capture and curate training data, as well as train the actual ML pipeline.
Attendees can expect to learn practically how to ingest data into a machine learning platform. How to visualise that data and securely allow others to do so. How to represent potential mistakes in image segmentation tools and produce a web-based platform for the curation of ML data.
What is Machine Learning and why it is important?
Importance of Machine Learning in today’s world?
What should a normal dev know about web security?
Discussing what a normal developer know about web security, from a normal developer that freely admits he doesn’t know it all. and probably just enough to know he knows very little.
We’ll be looking at the OWASP 10, going over the most common mistakes and pitfalls, and how they could lead to disaster results, and ultimately how to avoid them
Who cares about accessibility?
I work HMH, one of America’s biggest publishers with an Ed-tech business serving 150 million students and teachers. You may not have heard of us but you will know some of our brands: Curious George, Carmen Santiago, The Hobbit. It’s not too much of a stretch to say we’re a big company but until recently saying that we cared about accessibility was as far as it went.
How does a big company (or a small one) change track, retrofit existing apps and start making accessibility a core part of future plans? How do you get developers and designers, who are already under time constraints to start thinking differently? Is it even realistic to think we this can be done without blowing the budget, delaying the product or getting so tied up in the red tape of legal specifications that nothing ever gets done?
The answer to all of the above is yes and if you give me 30 minutes I’ll tell attendees how they can do it too because the answer should be that everyone cares about accessibility but sometimes developers need practical advice to make that a reality.
Why don't we encrypt it? A practical guide.
Today we have the strongest encryption tools ever, and the threats have never been greater, yet even we software developers routinely send emails and share files without encrypting them. This session is a practical, step by step guide to encrypting your emails, files and passwords with GnuPG, the free and open source OpenPGP cryptographic software suite.