Firefox has disabled TLS 1.0 and TLS 1.1 to improve your website connections. Sites that don't support TLS version 1.2 will now show an error page. We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information. https://www.youtube.com/watch?v=grVVuGnN9IE https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ https://twitter.com/cramforce/status/1242515799215988737?s=21...
Mar 25, 2020•4 min
Copy and Paste Code, Tutorial Hell, Frontend Frameworks, GitHub Pull request Trolling and more
Mar 23, 2020•26 min
New software chat series let me know if you like it
Mar 21, 2020•19 min
In this video, I discuss the path of becoming a backend engineer through concepts and fundamentals. These are not tools 🧰 these are backend concepts and fundamentals technologies. - Communication Protocols 3:30 - TCP,UDP - QUIC - HTTP - WebSockets - gRPC - Web Servers 8:40 - How web servers work? - Dynamic vs Static Content - E-Tags - HTTP protocol - Database Engineering 11:00 - Relational vs NoSQL - ACID - Proxies (Reverse Proxies, Load balancer) 13:31 - What is difference between Proxy vs Rev...
Mar 19, 2020•27 min
FireFox DNS over HTTPS is a great step to a more secure web however it is absolutely useless without this ESNI. I also discuss doh in this video, esni and why this might not be a good idea https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/
Mar 15, 2020•16 min
In this video I want to talk over the active active active vs active passive cluster configuration for high availability. We will also explain the pros & cons of using an active-active cluster vs using an active-passive cluster.
Mar 15, 2020•12 min
A sidecar proxy is an application design pattern which abstracts certain networking features, such as inter-service communications, monitoring and security, timeouts, retries, communication protocols, away from the main architecture to ease the maintenance of the application as a whole. In this video I’d like to talk about how we classically do things: Library Pattern getComments HTTP1:1/JSON Add features retries/timeout /hardcode the server name what it changed/add new server to load balance be...
Mar 08, 2020•27 min
MySQL 8.0 supports atomic Data Definition Language (DDL) statements. This feature is referred to as atomic DDL . An atomic DDL statement combines the data dictionary updates, storage engine operations, and binary log writes associated with a DDL operation into a single, atomic transaction. The transaction is either committed, with applicable changes persisted to the data dictionary, storage engine, and binary log, or is rolled back, even if the server halts during the operation. I discuss mySQL ...
Mar 05, 2020•7 min
gRPC ( gRPC Remote Procedure Calls [1]) is an open source remote procedure call (RPC) system initially developed at Google in 2015[2]. It uses HTTP/2 for transport, Protocol Buffers as the message format. In this video I want to explore gRPC, go through examples, pros and cons of gRPC. Client/ Server communication SOAP HTTP (REST) WebSockets Client Libraries gRPC gRPC Demo todos gRPC Pros and Cons Pros Fast two/uni and request Unform One library to rule them all Progress feedback( long synchrono...
Feb 29, 2020•1 hr 20 min
Firefox version 73.1 fixes a bug that prevented users from signing into Royal Canadian Bank (Firefox fixed a bug that prevented Canadians from signing in to their bank royal Canadian bank) what caused it? Lets get into it * Users will sign in and will get blank page. * Cause Beacon API and HTTP/2 * Bug has been there forever Sources https://bugzilla.mozilla.org/show_bug.cgi?id=1613943#c16 🏭 Software Architecture Videos...
Feb 26, 2020•5 min
Some cool new features are coming to the Javascript language namely Optional chaining and nullish coalescing how useful are they? lets discuss So Optional chaining and nullish coalescing are coming to the Javascript language. I think it is already in the Javascript Engines (V8, SpiderMonkey, JavascriptCore and Chakra) which will be picked up by other clients such as browsers, node js , dino other stuff .. Cool stuff lets get into it. Show them (chrome devtools) Where is it available? Node JS not...
Feb 23, 2020•13 min
We are one step closer to a more secure web. Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Let's discuss . Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Lets discuss Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bo...
Feb 17, 2020•13 min
Google engineer Alyssa Wilk discovers a critical security bug related to whitespaces in header values. Envoy and Node JS fix this by releasing a security patch. let us discuss it. tags: envoy, envoy proxy, envoy security, envoy proxy whitespace, Alyssa Wilk
Feb 11, 2020•9 min
Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability, we discuss the attack and the fix in detail.
Feb 09, 2020•12 min
In April 2019 Google blocked sign-ins from Embedded Browsers to avoid man in the middle phishing attacks. In this video, we discuss why. https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1
Feb 09, 2020•8 min
PostgresSQL version 12 has been released, let's go through the features that I think are most interesting and cool. #softwarenews Feature Matrix https://www.postgresql.org/about/featurematrix/ - Allow adding columns to Index (GIST) https://www.postgresql.org/about/featurematrix/detail/314/ - COPY FROM WHERE COPY FROM ... WHERE - More native support of JSON objects https://www.postgresql.org/docs/12/functions-json.html#FUNCTIONS-SQLJSON-PATH - Reindex concurrently (slow but allows writes) https:/...
Feb 09, 2020•16 min
Google just released the latest version of Chrome (80) and one of the interesting features making a big change to the default cookies that might actually prevent CSRF forever. Let’s discuss this. #softwarenews * Same Site Attribute * Break some apps * Devs must explicitly set None;secure * Will this end CSRF Resources https://youtu.be/GPz7onXjP_4 https://www.chromestatus.com/feature/5088147346030592 News Theme 2 by Audionautix is licensed under a Creative Commons Attribution license (https://cre...
Feb 04, 2020•11 min
Load balancing is process of balancing incoming requests to multiple machines, processes or services. In this video we will explain two types of load balancers, layer 4 and layer 7. Layer 4 - haproxy, NLB Pros - great for simple packet-level load balancing - Fast and efficient doesn’t look at the data - More secure as it cant really look at your packets. So if it was compromised no one can look - Uses NAT - One connection between client and server NATed Cons - Can't do smart load balancing based...
Jan 29, 2020•38 min
NginX is an open source web server written in C and can also be used as a reverse proxy and a load balancer. In this video, I want to go through the following topics in NginX What is NginX? 2:25 Current & Desired Architecture 4:58 Layer 4 and Layer 7 Proxying in Nginx 8:40 Example 10:25 Install Nginx (mac) 13:30 Nginx as a Web Server 15:00 (webserver.conf) Static context location root 20:00 regular expression 27:00 proxy pass 30:30 Nginx as a Layer 7 Proxy 33:30 Proxy to 4 backend NodeJS ser...
Jan 20, 2020•1 hr 27 min
In this podcast I explain what database partitioning is and illustrate the difference between Horizontal vs Vertical Partitioning, benefits and much more. Why Partitioning?
Jan 02, 2020•12 min
ARP Address Resolution Protocol is a protocol that maps IP address to a mac address so hosts can be addressed. I want to make a video explaining ARP because it is starting to surface a lot in different videos that I’m making such as man in the middle, load balancing, and security.
Dec 31, 2019•15 min
In this video I want to go through what really happens under the hood when you type google.com and you hit enter in a browser. This is inspired by alex’s github page below, it is a great detailed description of what happens. I did however add more details to certain areas and I removed some stuff like keyboard events and low level operating system like that. So if you are interested stay tuned! https://github.com/alex/what-happens-when 5:30 HSTS https://youtu.be/kYhMnw4aJTw 19:30 tcp vs udp http...
Dec 30, 2019•47 min
Failover is the technique of switching to a redundant backup machine when a certain node goes down. This is a very common implementation for achieving high availability and it is often mixed with different load balancing techniques such as layer 4 and layer 7 balancing. In this video i want to go through following * What is Failover? 1:47 * ARP - Address Resolution Protocol 3:00 * VIP & VRRP 5:40 * High-availability Example 12:12 Cards 4:00 ARP 12:50 docker javascript 18:00 OSI Model
Dec 28, 2019•20 min
HAProxy is free, open source software written in C that provides a high availability layer 4 and layer 7 load balancing and proxying . It has a reputation for being fast and efficient (in terms of processor and memory usage). In this video I want discuss the following Current & Desired Architecture 2:30 HAProxy Architecture 5:50 HAProxy as TCP Proxy & HTTP Proxy (Layer 4 vs Layer 7) 17:00 ACL (Access Control Lists) 19:20 TLS Termination vs TLS Pass Through 20:40 Example 24:23 Spin up the...
Dec 23, 2019•1 hr 15 min
HSTS or HTTP Strict Transport Security is a mechanism to force clients to communicate in HTTPS with a web server if both support this protocol. In this podcast, I talk through this tech.
Dec 23, 2019•18 min
Database engines or storage engines or sometimes even called embedded databases is software library that a database management software uses to store data on disk and do CRUD (create update delete) Embedded means move everything in one software no network client server. In this video I want to go through the few popular database engines, explain the differences between them and finally I want to spin up a database and change its engine and show the different features on each engine Timecodes Wha...
Dec 20, 2019•1 hr 8 min
Database Sharding Crash Course (with Postgres examples) Database sharding is process of segmenting the data into partitions that are spread on multiple database instances to speed up queries and scale the system. What is sharding? sharing key / partition key Consistent Hashing Horizontal partitioning vs Sharding Example Pros and cons What is Sharding? 1:30 Consistent Hashing 4:50 Horizontal partitioning vs Sharding 7:36 Example 8:45 Spin up Docker Postgres Shards 10:02 Write to the shard 17:25 R...
Dec 18, 2019•59 min
Varnish is a reverse proxy web accelerator Written in C designed to improve HTTP performance by using server side caching. In this video I’m going to go through how Varnish works, we will spin up a Varnish docker container and finally talk about the pros and cons of this tech. Agenda Classic HTTP Architecture How Varnish Works? HTTP Setup - Varnish HTTPS Setup - Varnish with Caddy as TLS Terminator. Varnish Pros & Cons Summary Pros Cache & prefetching documents Resolve DNS hostnames in d...
Dec 18, 2019•51 min
short is a major revision of the hyper text transfer protocol that improves the performance of the web. It uses a binary protocol and multiplexing. In this video I want to go through how HTTP/2 works, its pros and cons and show the performance difference between HTTP 1.1 and HTTP/2 Http/1 request has to wait for a response And if you used up your connection response you can send anything else. Source Code: https://github.com/hnasr/javascript_playground/tree/master/staticpage So hack ! 6 tcp conn...
Dec 18, 2019•24 min
Sorry about the free form audio and low quality thought I post something here its been while
Dec 09, 2019•13 min
