惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
T
Troy Hunt's Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Vercel News
Vercel News
T
Threatpost
G
Google Developers Blog
T
Threat Research - Cisco Blogs
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
The Exploit Database - CXSecurity.com
H
Heimdal Security Blog
Google DeepMind News
Google DeepMind News
Cyberwarzone
Cyberwarzone
T
The Blog of Author Tim Ferriss
Know Your Adversary
Know Your Adversary
Hacker News: Ask HN
Hacker News: Ask HN
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Schneier on Security
B
Blog
V2EX - 技术
V2EX - 技术
NISL@THU
NISL@THU
C
CERT Recently Published Vulnerability Notes
W
WeLiveSecurity
C
Cybersecurity and Infrastructure Security Agency CISA
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Y
Y Combinator Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Spread Privacy
Spread Privacy
The Last Watchdog
The Last Watchdog
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
N
News | PayPal Newsroom
Attack and Defense Labs
Attack and Defense Labs
Blog — PlanetScale
Blog — PlanetScale
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Microsoft Security Blog
Microsoft Security Blog
S
Security @ Cisco Blogs
人人都是产品经理
人人都是产品经理
爱范儿
爱范儿
P
Privacy & Cybersecurity Law Blog
P
Proofpoint News Feed
Project Zero
Project Zero
I
Intezer
罗磊的独立博客
H
Hackread – Cybersecurity News, Data Breaches, AI and More
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - Franky
SecWiki News
SecWiki News
Martin Fowler
Martin Fowler

Blog

Tracing a memory leak bug in PID 1 and contributing an upstream fix: a Linux support story | Canonical MAAS installation: bare metal provisioning is easier than ever | Canonical Januscape vulnerability CVE-2026-53359 mitigations available | Canonical Managing Ubuntu on bare metal at scale | Canonical Ubuntu Server: a platform made for enterprise scale | Canonical Building an open source chain of trust: new research uncovers key blockers and ways forward | Canonical Beyond safety and security: Why automotive open source demands dependability  | Canonical DirtyClone Linux kernel local privilege escalation vulnerability fixes available | Canonical pedit COW kernel local privilege escalation vulnerability mitigations | Canonical Canonical becomes Gold Sponsor of Trifecta Tech Foundation | Canonical Challenges designers face in open source (and how to fix them) | Canonical Hunting a 16-year-old SQLite bug with TLA+: is dqlite affected? | Canonical Anbox Cloud on C4A metal: Android, at scale, without friction | Canonical Canonical announces live kernel patching for Arm64 | Canonical How to use RISC-V custom instructions with Ubuntu | Canonical Ubuntu Summit 26.04: connected by open source | Canonical So you need to add microcontrollers to your fleet: now what? | Canonical Validating real-world skills through Canonical Academy | Canonical Virtualized Android comes to Anbox Cloud | Canonical Template: Streamlining open source design contributions | Canonical Beyond Mythos: responding to a new threat landscape | Canonical A look into Ubuntu Core 26: Building a local AI inference appliance in a virtual machine | Canonical This year we celebrate a decade of Ubuntu Server support on the s390x architecture: marking a long-standing collaboration between Canonical and IBM that began at LinuxCon 2015. The first release happened on April 21, 2016, bringing Ubuntu 16.04 LTS (Xenial Xerus) to IBM Z and IBM LinuxONE platforms.  A first for Ubuntu on IBM That […] AI at the edge: simplifying infrastructure with Cisco and Canonical | Canonical The next era of telco clouds: get open infrastructure choice with Sylva and Canonical Kubernetes | Canonical What is RDMA over Converged Ethernet (RoCE)? | Canonical Beyond tokens per watt – using Ubuntu 26.04 LTS for AI Beyond tokens per watt – using Ubuntu 26.04 LTS for AI | Canonical A look into Ubuntu Core 26: Deploying AI models on Renesas RZ/V series for production | Canonical RISC-V profiles – why is RVA23 significant? | Canonical AI with AMD ROCm on Ubuntu: your questions answered | Canonical When distributed workloads stall because nodes cannot exchange small messages quickly and consistently, the network is the limiting factor. How do you solve that problem? InfiniBand offers one solution. InfiniBand is an interconnect, meaning the end-to-end communication system that links compute, storage, and accelerator nodes. It is impl […] Microsoft has announced the preview of Azure Cobalt 200, its second-generation custom Arm silicon. Learn how Ubuntu and Ubuntu Pro support these new VMs from day one, offering seamless deployment, long-term security maintenance, and Kernel Livepatch without requiring engineering or platform changes […] How Canonical Support solves hard Linux performance bugs  – even in 12-year old code | Canonical Securing AI agent workflows on Ubuntu with the new NVIDIA OpenShell snap | Canonical Canonical announces optimized Ubuntu images for TPU virtual machines by Google Cloud | Canonical VMware hypervisor deployment using MAAS | Canonical Migrating from Apache Spark 3 to Spark 4 | Canonical Introducing Workshop: launch sandboxed development environments on Ubuntu with a single command | Canonical Run agentic workloads on Arm and Ubuntu | Canonical Developing web apps with local LLM inference | Canonical A local privilege escalation (LPE) security vulnerability in the Linux kernel, codename “PinTheft,” was publicly disclosed on May 19, 2026. The vulnerability was fixed in the mainline Linux kernel tree. A proof-of-concept exploit was published along with public disclosure. This has been assigned the CVE ID CVE-2026-43494; other discoverin […] Canonical has announced the general availability of Managed Kubeflow on the Microsoft Azure Marketplace. This fully managed MLOps platform allows enterprise AI teams to deploy a production-ready environment in under an hour, eliminating infrastructure maintenance. […] A look into Ubuntu Core 26: Cloud-powered edge computing with AWS IoT Greengrass and Azure IoT Edge | Canonical CVE-2026-46333 (ssh-keysign-pwn) Linux kernel vulnerability mitigations | Canonical Finding the blind spot: How Canonical hunts logic flaws with AI | Canonical A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on May 13, 2026. The vulnerability does not have a CVE ID published, but is referred to as “Fragnesia.” The vulnerability affects multiple Linux distributions, including all Ubuntu releases. The affected components are the Linux kernel […] Rethinking BYOD security: protecting data without trusting devices | Canonical Two local privilege escalation (LPE) vulnerabilities affecting the Linux kernel have been publicly disclosed on May 7, 2026. The vulnerabilities have been assigned the IDs CVE-2026-43284 and CVE-2026-43500 and are referred to as “Dirty Frag.” The affected components are Linux kernel modules. The first vulnerability impacts the modules tha […] Three weeks to go: A sneak peek of the Ubuntu Summit 26.04 experience | Canonical How to use Ubuntu on Windows | Canonical A local privilege escalation (LPE) vulnerability affecting the Linux kernel has been publicly disclosed on April 29, 2026. The vulnerability has been assigned CVE ID CVE-2026-31431 and is referred to as Copy Fail. The affected component is a kernel module that provides hardware-accelerated cryptographic functions: algif_aead. The vulnerab […] Run NVIDIA Nemotron 3 Nano Omni locally in a single command | Canonical Why Web Engineering is great | Canonical Ubuntu 16.04 LTS (Xenial Xerus) reached the end of its five-year Expanded Security Maintenance (ESM) window in April 2026. If you are still running 16.04, it is critical to address your support status to ensure continued security and compliance. Your support options Now that 16.04 is in its Legacy phase, you have two primary paths: […] Understanding disaggregated GenAI model serving with llm-d | Canonical From Jammy to Resolute: how Ubuntu’s toolchains have evolved | Canonical Hybrid search and reranking: a deeper look at RAG | Canonical Canonical expands Ubuntu support to next-generation MediaTek Genio 520 and 720 platforms | Canonical In this article, Keirthana TS, a Senior Technical Author at Canonical, breaks down what leadership means to her and how she understood the power of intentional leadership through her journey at Canonical. […] Ubuntu Pro comes to Nutanix bare-metal Kubernetes | Canonical RISC-V 101 – what is it and what does it mean for Canonical? | Canonical Ubuntu Summit 26.04 is coming: Save the date and share your story! | Canonical How to manage Ubuntu fleets using on-premises Active Directory and ADSys | Canonical Simplify bare metal operations for sovereign clouds | Canonical How to Harden Ubuntu SSH: From static keys to cloud identity | Canonical The “scanner report has to be green” trap | Canonical Modern Linux identity management: from local auth to the cloud with Ubuntu | Canonical Canonical welcomes NVIDIA’s donation of the GPU DRA driver to CNCF | Canonical Hot code burns: the supply chain case for letting your containers cool before you ship | Canonical
Decoding design: How design and engineering thrive together in open source | Canonical
Miguel Divo · 2026-05-22 · via Blog

Open source thrives on engineering-driven processes. Fast feedback loops, terminal tools, Git workflows: they’re the lifeblood of how we build software in the open. But for software to truly excel, we need to create user experiences that empower people to use them.

I wanted to bring this conversation into the spotlight as part of Canonical’s Open Design initiatives. What better way than at FOSS Backstage 2026 Berlin

I organized a panel of some of the most talented designers and engineers in the open source space: Glòria Langreo, Senior Design Director at GitHub, Eriol Fox, Core Maintainer at Open Source Design and Designer at Open Home Foundation (Home Assistant), and David Edler, Engineering Manager at Canonical. 

Here’s everything I learned from “Navigating engineering-focused environments.” 

1. Collaborating on the same workflow

One of the biggest misconceptions we face is the idea that designers and developers need separate, isolated workflows. Glòria immediately challenged this: at GitHub, teams work in an EPD (Engineering, Product, and Design) model, walking lockstep together. Ultimately, users don’t care how your internal teams are organized, they just care about the final product.

“There is no such thing as a developer workflow and a design workflow… let’s try to blend them and make them as indistinguishable as possible.”

Glòria Langreo

One way to blend these workflows is to integrate design directly into the engineering cycles you already use. Eriol shared a story of introducing “Design QA” alongside standard engineering QA, which turned the QA process into a collaborative space for discussion from both parties to understand each other’s perspectives and criteria points for something to be approved. David agreed, providing an engineering manager’s perspective. He considers that performing Design QA is a necessary step before merging any PR: designers must review the proposed change to ensure the engineered result actually aligns with their original design intent. 

Design isn’t a final layer of “polish” to be added later. If the experience is broken, it needs to be fixed in the moment, just like bad code.

The takeaways:

  • For designers: Don’t default to a rigid design framework and lifecycle. Take the time to learn the specific environment of the engineering team you are working with.
  • For engineers: Invite designers into your processes early. Eriol noted that engineers are often “just waiting for the invitation” to get involved in design, and the same goes in reverse.

2. Promote communication, empathy, and translation

Culture clashes often happen when we don’t understand the constraints the other side is facing. 

For example, Glòria shared how designers can get frustrated when a seemingly simple UI filter is blocked by backend data models, leading to unfair assumptions about developers being “lazy.” The fix? Designers should expand our skillset to understand how the architecture and data models actually work.

Likewise, engineers will invariably find edge cases in a design. Designers and engineers need a culture of shared critique where feedback is given at eye level, without fear. Communication is critical.

But how can teams communicate effectively in open source communities? Asynchronous work is the norm, and face-to-face meetings may be rare. Eriol provided a novel approach to solving this debate.

“I’ve just been kind of structuring my designs in a way that is good documentation.”

Eriol Fox

What that means is treating design files as documentation. By adding version control, dates, and decision logs directly into your design files, designers can speak a language developers respect. Sharing working spaces and norms in this way helps to remove friction, making teams more effective in knowing what decisions are being made, how they are being made, and why those decisions have been made.  

The takeaways:

  • For designers: As you get closer to the code and prototype with real components, the translation gap between design and engineering shrinks. Keep your early concepts low-fidelity to invite collaboration, rather than presenting a “finished” high-fidelity mockup that engineers feel they can’t contribute to.
  • For engineers: Learn the intention behind a design. When you understand why a designer is deliberately using specific whitespace or information hierarchy, you build a mental toolkit you can apply to future features.

3. Prove the value of design

In environments where design might be seen as secondary to shipping features, how do we prove its impact? The answer is simple: put the product in front of real users.

For engineers, joining in user testing sessions alongside the researcher or designer is highly motivating, according to David. Seeing someone struggle with a tool or product in real time makes you want to get it right, a sentiment supported by personal experiences for each of the panelists.

Glòria shared how observing a visually impaired user navigate a sign-up flow caused the engineering team to prioritize accessibility fixes the very next morning.

Eriol recounted a story where an engineer sat in on field tests in Kenya to stress-test an app under poor connectivity. The results? The engineer stayed up all night enthusiastically writing user story issues from a newfound perspective (hopefully they got their sleep as well).

Beyond user testing, Glòria pointed out that UX work, like standardizing patterns and building design systems, is fundamentally systems thinking. Getting engineering buy-in becomes much easier when developers realize that standardizing UI components means they can delete legacy code, scale faster, and maintain less technical debt.

The takeaways:

  • For designers: Don’t just tell engineers what to do. Show them the users’ pain points and write user stories to frame your specifications.
  • For engineers: Design isn’t just about making things pretty; it solves complex problems like discoverability, accessibility, and consistency.

Conclusion: Be a community!

Building great open source software requires both excellent engineering and thoughtful design. The path forward is built on mutual curiosity and collaboration.

To the engineers reading this, don’t be afraid to seek out design input, ask questions about user needs, and attend design-focused meetings. To the designers, don’t be intimidated by the technical barriers. Lower the drawbridge to your discipline, go into engineering spaces, observe how they work, and contribute authentically.

As Eriol summarized, “Open source is as much about software as it is about being in community with each other.”

When we respect each other’s workflows and build together from the start, we create software that truly empowers the people using it.

Check out the full panel discussion on YouTube!


Join the Canonical design team

We’re looking for designers who care about craft and how systems work under the hood. At Canonical, design sits at the intersection of UX, engineering, and open source where we shape cohesive, accessible experiences across cloud, desktop, and IoT products.

If you enjoy solving complex problems and turning technical depth into clarity, explore our open roles: canonical.com/careers

Related posts


Open design: the opportunity design students didn’t know they were missing

Design Article

What if you could work on real-world projects, shape cutting-edge technology, collaborate with developers across the world, make a meaningful impact with your design skills, and grow your portfolio… all without applying for an internship or waiting for graduation? That’s what we aim to do with open design: an opportunity for universities ...