Backend Engineering with Hussein Nasser

Backend Engineering with Hussein Nasser

By Hussein Nasser
Welcome to the Backend Engineering podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. All opinions are my own.

Most of my content in the podcast is an audio version of my youtube channel here www.youtube.com/c/HusseinNasser-software-engineering
Where to listen
Apple Podcasts Logo
Breaker Logo
Castbox Logo
Google Play Music Logo
Google Podcasts Logo
Overcast Logo
Pocket Casts Logo
PodBean Logo
RadioPublic Logo
Spotify Logo
Server-Sent Events Crash Course
Server-Sent Events or SSE is when the server sends events to the client in a unidirectional manner. In this video I explain Server-Sent Events and compare it to websockets and HTTP and Long Polling.   Source Code https://github.com/hnasr/javascript_playground/tree/master/server-sent-events  Resources https://developer.mozilla.org/en-US/docs/Web/API/EventSource   0:00 Intro 1:50 HTTP 1.0/1.1 3:40 WebSockets 5:00 Server Sent Events 7:30 SSE Use Cases 9:00 SSE Code Example 18:00 SSE Pros & Cons 25:20 Do You Need SSE? 28:30 Summary
29:47
July 14, 2020
HOW Would TikTok Be Blocked in US (Technical Explanations)
In this video I go through all possible ways the US can use to block TikTok?  0:00 Intro 0:22 App Stores 1:30 DNS 2:20 ISP Level Block  3:30 DOH/ DOT 5:00 SNI  5:50 VPN
06:20
July 8, 2020
Have a Database User for each Express Route - Best Practices for Backend Application with Postgres
This is a question from one of you guys that I thought I'd answer in its own video since its loaded.  Q/A - Shark Beak I currently have the same setup for my side project. What do you think about having a 'create table if not exist' running on startup that creates this table? Good/bad?    It is always a good idea to have a specific database user for each route with specific permissions and use connection pooling as much as possible.
06:53
July 6, 2020
ZeroMQ
ZeroMQ is an Open Source Messaging Library designed for a high-performance asynchronous messaging library. In this video I discuss this tech and build a simple queue with this tech 0:00 Intro 1:48 What is ZeroMQ? 4:48 Messaging Patterns 6:42 Socket Types 8:55 Simple Queue 11:00 Code 23:20 ZeroMQ Pros & Cons 29:30 Summary Source Code https://github.com/hnasr/javascript_playground/tree/master/zeromq-simplequeue Resources https://github.com/booksbyus/zguide/tree/master/examples/Node.js https://en.wikipedia.org/wiki/ZeroMQ https://blog.scottlogic.com/2015/03/20/ZeroMQ-Quick-Intro.html http://zguide.zeromq.org/page:chapter3#advanced-request-reply Outline What is ZeroMQ? Message library Message Patterns Broker less Simple you build the components that you need Sockets Types REQ REP PUSH PULL ROUTER DEALER Message PatternS Synchronous Request/Response Asynchronous Request/Response Publish/Subscribe Push/Pull Exclusive Pair Example! (Simple Queue (Push Pull)) Pros & Cons Pros Simple (meh) Efficient lightweight Great for small use cases Cons You have to write customize If you are building a large distributed message queue then you need to implement all features Feels over-engineered Could be simpler.
29:54
July 5, 2020
Discussing Layer 7 Reverse Proxy D=DOS Mitigation (Security Now Video by Steve Gibson )
Discussing Layer 7 Reverse Proxy D=DOS Mitigation (Security Now Video by Steve Gibson )
14:10
July 2, 2020
Google Chrome and Firefox to Join Apple’s Safari in One Year Certificate Validity (My opinion)
Google Chrome and Firefox to Join Apple’s Safari in One Year Certificate Validity (My opinion)
14:05
July 2, 2020
What is TCP Fast Open and how can it speeds up Web Application
TCP Fast Open Spec https://tools.ietf.org/html/rfc7413#section-1
12:29
June 30, 2020
What is TCP Slow Start and how Does it affect your Web Application Performance?
In this video I discuss what is the TCP Slow Start and its effect on performance of backend applications, proxies and even frontend applications.
11:38
June 30, 2020
Why you can’t run an unencrypted HTTP/2 Server on Port 80 - Protocol Ossification Explained
In this video, I explain why we can't run unencrypted HTTP/2 or HTTP/3 without enabling TLS. This is because of Protocol Ossification.
09:17
June 30, 2020
Why Turning on HTTP/2 Was a Mistake (My opinion on the lucidchart article)
Article: Why Turning on HTTP/2 Was a Mistake - Lucidchart - https://www.lucidchart.com/techblog/2019/04/10/why-turning-on-http2-was-a-mistake/  In this video I discuss this article and my opinion.  That is not a limitation of HTTP/2 but of the application that couldn't handle the request. It is like driving a volvo all your life and then switching to a Ferrari and saying it was a mistake because its too fast. I disagree with the solutions of throttling the LB and I think the app should either be architected to not send this much requests if possible or just add more servers since HTTP is stateless you should be able to scale. HTTP/2 however does use more cpu it is dealing with many streams. The article doesn’t explain if it was H2 all the way though or not.    0:00 Intro 1:17 HTTP/1.1 Current Architecture  4:00 What happened when They Enabled HTTP/2 AT LB 7:00 Why I disagree with the throttling  8:00 Proposed Solutions  12:15 Why HTTP/2 can be CPU intensive   Card at minute 3 playlist http2   🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT  💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2  🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr  🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC  🐘 Postgres Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj  🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r  🧮 Programming Pattern Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe  🛡 Web Security Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv  🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO  🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX  🔆 Javascript Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM  👾Discord Server https://discord.gg/CsFbFce  Become a Member  https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join  Support me on PayPal https://bit.ly/33ENps4  Become a Patreon https://www.patreon.com/join/hnasr?  Stay Awesome, Hussein
15:05
June 28, 2020
What Recruiters really look for in a Backend Engineer? (Unpopular opinion)
In this video I have a conversation with you on how we one break it into backend engineering answer most of your questions, what should you write in a CV, what recruiters expect for backend engineers etc..   Question: Hey Hussein, I hope you are doing well, Are there any tips or tricks I can do to make it easier to break into the industry as a back-end developer? i mean what are recruiters looking for in a CV? i would be glad if you made a video about that.
25:39
June 19, 2020
Multicast DNS
In this video I discuss multicast DNS. Wikipedia defines multicast dns In computer networking, the multicast DNS (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.    0:00 Intro 0:30 DNS Explained in LAN 4:00 Multicast DNS
06:53
June 17, 2020
Overengineering in Software
In this video, I explain the different cases where we overengineer software especially in two pieces, software code, and system design and architecture.  Chapters 0:00 Intro 1:45 OverEngineering in Software Development 7:15 OverEngineering System Design
18:35
June 17, 2020
Can your ISP block you from Watching A Single YouTube Video?
We know ISP can block you from going to YouTube all together but can they block you from watching a single youtube video? I discuss that in this video  Stay Awesome, Hussein
11:38
June 7, 2020
What Caused Stripe and Ruku to stop working on May 30th 2020? Expired Root Certificate Bug Explained
In this video I explain what happened to services such as stripe & roku which failed to establish TLS sessions because the ROOT certificate AddTrust External CA Root has expired. This is a bug in openSSL and other software the perform this kind of validation.   I explain what happened in details..   Resources https://twitter.com/sleevi_/status/1266647545675210753 https://tools.ietf.org/html/rfc4158 https://ohdear.app/blog/resolving-the-addtrust-external-ca-root-certificate-expiration
08:43
June 2, 2020
MultiThreading and MultiProcessing over a Single TCP Connection, Good Idea?
Sharing a Single TCP Connection whether this is HTTP, WebSockets or just RAW TCP protocol between multi-threading or multi-processes application is bound to cause bad undesirable effects. I explain this in this video and give example of how QUIC & HTTP/2 have solved this problem.   Pooling 5:00 QUICK Database 6:30 HTTP/2 Playlist 7:00
09:02
May 31, 2020
How Does Database Store Tables on Disk? Explained both SSD & HDD
in this video I explain how database systems store their data on Disk both f from SSD (solid-state drives) and HDD (HarD disk drive).   There are many factors that go into that discussion so I tried to cover the high level here.   Reseources https://www.extremetech.com/extreme/210492-extremetech-explains-how-do-ssds-work https://www.percona.com/blog/2019/12/18/give-love-to-your-ssds-reduce-innodb_io_capacity_max/
18:55
May 30, 2020
Understand Fundamentals not Tools (e.g. WebSockets vs Socket.io, Javascript vs React, Python vs Django)
Understand Fundamentals not Tools (e.g. WebSockets vs Socket.io, Javascript vs React, Python vs Django)
04:43
May 26, 2020
How to Spot Good Software Documentations from Really Bad one?
In this video I discuss all about software documentation.Good doc from bad doc and how to differentiate and is documentation the only source of learning about a particular tech?
12:18
May 25, 2020
7 Tips To Optimize Your Backend API (Without Caching)
In this podcast I discuss 7 Tips To Optimize Your Backend API (Without Caching)  1) The serialization representation (XML/JSON, pbf) 0:40 2) Preheating connections 3) H1 vs H2 4)TCP meltdown (big distance) 5) Proxies 6) large payload (select * ) 7) Client side processing (transfomring the work)
07:47
May 24, 2020
10 FrontEnd Performance Tips To Improve Your Application (Any Programming Language)
In this video, I would like to discuss 10 performance tweaks and tips that you can apply to your frontend application to improve its performance and efficiency. These tips are applicable to any programming language on Web, mobile, or desktop application.  Chapters 0:00 Intro 0:40 Optimistic queries 1:57 Paging 3:00 Lazy Loading 4:00 Request what you Need 6:53 Connection State 10:00 LRU Cache 11:10 Group Notifications 12:30 Avoid Expensive Queries Even At Expense of Bad UX 14:00 Design your UX So you Minimize Requests
15:03
May 20, 2020
Agile vs Waterfall Software Development Methodology Explained
In this video I explain the difference between Agile & Water, the pros & cons and more. Chapters 0:00 Intro 1:00 Waterfall 5:00 Agile
15:41
May 19, 2020
How WebSockets Work with HTTP/2 (RFC8441 Explained)
In this video I explain how WebSockets work in the new HTTP/2 protocol. This is explained in the  Bootstrapping WebSockets with HTTP/2 in RFC8441 https://tools.ietf.org/html/rfc8441 https://link.medium.com/v5sB9nbUp6  1:00 HTTP2 5:50 HTTP/2 limitations
08:39
May 13, 2020
Machine Learning Occupancy Detection System being deployed in California
Metroexpress lane is implementing a Machine Learning Occupancy Detection System which I found interesting. In this video I discuss machine learning, supervised learning, labeling and much more.
10:35
May 11, 2020
What is a Multitenancy Architecture and Why Is it becoming popular?
In this video I explain the multi-tenancy architecture. The basic idea is to have a single instance of your application to serve multiple tenants or customers and the properties are this. This is as opposed to isolated or dedicated infrastructure. Shared Instance One database hosting multiple customers Isolation at the application level Can be multi-processes and multi-instances as long as they are pooled Stateless Tags Multitenancy, software Multitenancy, Multitenancy explained, Multitenancy architecture https://www.zdnet.com/article/defining-the-true-meaning-of-cloud/
08:15
May 9, 2020
How Important are algorithm and data structures in backend engineering?
Algorithms & Data Structures are critical to Backend Engineering however it really depends on what kind of application and infrastructure you are building. In this video I want to go through the following   1 Backend Engineers are two types - Integrating Existing Backend  - Core Backend  Example Building a CRUD API? Online Cinema system, URL shortener, You will pick up a database and write your logic Building a social network?  * are you gonna be integrator use a ready made graph database?  * Are you gonna use a off the shelf database and write your logic in the application? * Are you gonna build your own graph database platform?  * Any of these scenarios you will run into problems slow performance and you need to understand why  Building a monitoring system? are you gonna integrate an existing database ? or build your own?     2. Be Pragmatic  (Algorithms are not always the solution)   * Most performance issues are not algorithm problems, they are just bad bugs. and misuse .. paging  We are a sorted 100 items takes 1 minute to sort and return.. merge sort or heap or quick sort won’t help you   3. Always keep learning to be open to learn new Algorithms
13:29
May 9, 2020
My Preferred Method of Learning Backend Engineering Technologies Fast
In this video I want to talk about my preferred method of learning backend engineering technologies, I prefer podcasts and youtube videos some people prefer books. My First Programming Book My Problem with Learning in Books My Preferred Method of learning (Podcasts) YouTube Videos Problem is Biased .. Details in WIkipedia then Recommended Podcasts https://softwareengineeringdaily.com/ https://www.dataengineeringpodcast.com/ https://changelog.com/podcast Recommended YouTube Channels https://www.youtube.com/user/TechGuyWeb https://www.youtube.com/user/99baddawg https://www.youtube.com/channel/UCRPMAqdtSgd0Ipeef7iFsKw https://www.youtube.com/channel/UCn1XnDWhsLS5URXTi5wtFTA
11:39
May 5, 2020
What is a Message Queue and When should you Queues?
Message Queues system like RabbitMQ and Kafka are amazing technologies but when should you actually use a message queue? I discuss this in this video.
13:04
May 1, 2020
RabbitMQ Channels, HTTP/2 Streams and How QUIC can fix the limitation Message Queues
In this video I talk about RabbitMQ Channels compared to HTTP/2 Streams and how QUIC helps mitigate some of the major limitations in Channels and Streams. Chapters 0:00 Intro 0:10 RabbitMQ Channels 3:10 HTTP/2 Streams 6:00 How QUIC Helps
09:49
May 1, 2020
Can QUIC Protocol be used as in Databases ? Web Application Database Pooling, head of line blocking and more
In this video I discuss why QUIC will make a great communication protocol for databases and how it solves a critical problem with stateless web applications. Web applications uses database connection pooling to establish database connections on the backend. But that creates other sorts of problems. Timecodes 0:00 Intro 0:20 Database Communication Protocols 2:00 Problem with Sharing Database Connections 6:50 How QUIC streams can help Databases
12:41
April 29, 2020
When should you shard your database?
Database Application level sharding is the process of splitting a table into multiple database instances in order to distribute the load. However, Sharding a database is an expensive operation (maintainability and overhead) and I suggest you do that only when you absolutely need to. That means when your single instance database can no longer serve queries with minimum latency. So I suggest you monitor that and only shard if necessary.. I rather do replication make master / backup and make requests read from replica than Sharding just because it is easier.. good question... nice idea for a video 5:00 Partition horizontally 7:45 Replication (Master/backup) Scale reads 11:00 Scale writes by region 12:30 Sharding 16:40 Sharding in YouTube
21:19
April 28, 2020
Advice for Junior backend engineers who just started new jobs
In this video I give some advice to junior backend engineers who just started their new jobs and feel overwhelmed. Backend engineering jobs can be overwhelming at the start, there are so much to learn, so much to read, documentation, tests, code in multiple programming languages. Here are some advice for Junior backend engineers. 0:00 Intro 1:20 Take your time 6:05 Stay hungry keep learning 8:36 Assume your collages know something you don’t 12:42 Don’t bad mouth other people code even if its bad 17:19 Question everything
23:29
April 25, 2020
Why System Design and Architecture is an Art ?
Creating a software design is an art here is why 
02:34
April 23, 2020
What makes a good Software Tester?
Software Testing is Art, In this video, I discuss what makes a Good Software Tester. How can you become a better software tester that people line up to give pick you? Organizations build software products. But the software is useless if it is filled with bugs. A bug discovered after the product is shipped costs the organization a lot of money. A bug that is discovered before shipping saves the organization time and resources. So organizations line up to find good software engineers that are great in troubleshooting and testing.
11:22
April 22, 2020
JSON Web Token
JSON Web Token (JWT, sometimes pronounced JOT) an internet standard for creating JSON-based access tokens that assert some number of claims. The tokens are signed either using a private secret or a public/private key. In this video I want to discuss the difference between JWT and Session Based Auth, will show examples with Node JS and Postgres. Finally I’ll discuss the pros and cons of JWT.
57:00
April 19, 2020
Main Difference between Asynchronous, Multithreading and Multiprocessing Programming
In this video I explain the main difference between asynchronous execution, multithreading and multiprocessing programming. There are advantages and disadvantages of each approach. Synchronous 0:30 Multithreading a process have many threads shared resources 3:20 Async io single thread 6:00 Multiprocessing  11:00 Threads are evil https://web.stanford.edu/~ouster/cgi-bin/papers/threads.pdf sync vs async, multithreading vs multiprocessing, multithreading async, threading
15:32
April 12, 2020
How End to End encryption work?
In this video I explain End to End encryption within the context of WhatsApp. I explain how encryption and TLS works then the problem of having a centerlized server decrypting the traffic, I then talk about how end to end encryption (e2e) can help mitgate that and finally I explain the problems with e2e encryption Classic Encryption Example 1:00 End to end encryption 3:25 Problem with E2E 7:30 - Trust? Fingerprints/CA (QR whatspp) encryption 00:30 encryption, e2e encryption, end to end encryption, whatsapp end to end encryption, how e2e works, e2e limitations
13:51
April 12, 2020
WhatsApp Limits Messages that can be Forwarded
WhatsApp Introduced long time a go Unlimited forwarding then limited Up to 5 times Double forwarded too many times (last year) Double forwarded messages can only be forwarded once or even none Forwarding feature end to end encryption Sent/delivered/read https://www.cnbc.com/2020/04/07/whatsapp-limits-message-forwards-to-combat-coronavirus-misinformation.html
05:13
April 12, 2020
Forward Proxy vs Reverse Proxy Explained
In this video, I explain the difference between a proxy and a reverse proxy. This is a refreshed version of the proxy video I made.   What is a Proxy ?  Proxy use cases - Logging - Anonymity - Geofencing  - Caching - Block sites (office)  - Enable Polyglot    What is Reverse Proxy?  Reverse Proxy Example Reverse Proxy Use Cases  - Caching (Varnish)  - Load Balancing - Ingress (/pics)  - Canary Deployment   Many types of proxy check it here  Q and A * can we use proxy and reverse proxy together?  * Can I use Proxy to hide my identity instead of a VPN?  * Can I use proxy just for HTTP?     tags: proxy vs reverse proxy, reverse proxy benefits, what is a reverse proxy, what is a proxy, what is the difference between proxy and reverse proxy   Sidecar proxy 4:14 Load balance 7:40  Proxy Reverse Proxy 5:00   🏭 Software Architecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9  💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2  🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr  🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC  🐘 Postgres Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj  🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r  🧮 Programming Pattern Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe  🛡 Web Security Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv  🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO  🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX  🔆 Javascript Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM  👾Discord Server https://discord.gg/CsFbFce  Support me on PayPal https://bit.ly/33ENps4  Become a Patreon https://www.patreon.com/join/hnasr?  Stay Awesome, Hussein
14:17
April 9, 2020
What is a Distributed Transaction in Microservices?
In this video I explore what is a distributed transaction but first I explain what is a transaction, then why we invented distributed transactions and finally discuss proposed solutions to implement distributed transactions   Cards 2:40 ACID https://www.youtube.com/watch?v=pomxJOFVcQs 7:30 Microservices https://www.youtube.com/watch?v=T-m7ZFxeg1A    Transactions 2:30 Compensating Edits 6:40 Atomic Clocks 11:50 Event Sourcing 13:30 Mini-Monolith 15:20   Resources  https://www.youtube.com/watch?v=YPbGW3Fnmbc  https://www.youtube.com/watch?v=S4FnmSeRpAY  https://www.youtube.com/watch?v=epOLEdaPSLQ  https://softwareengineeringdaily.com/2018/12/19/linkerd-service-mesh-with-william-morgan/     🏭 Software Architecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9  💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2  🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr  🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC  🐘 Postgres Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj  🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r  🧮 Programming Pattern Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe  🛡 Web Security Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv  🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO  🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX  🔆 Javascript Videos  https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM  👾Discord Server https://discord.gg/CsFbFce  Support me on PayPal https://bit.ly/33ENps4  Become a Patreon https://www.patreon.com/join/hnasr?  Stay Awesome, Hussein
21:27
April 5, 2020
Chrome follows FireFox steps - Rolling back SameSite cookie change
A very necessary change and good step made by Google Chrome Team to rollback the same site cookie change Blog https://blog.chromium.org/2020/04/temporarily-rolling-back-samesite.html Firefox re-enables https://www.youtube.com/watch?v=sh3TPId35Ec SameSite Cookie Attribute https://www.youtube.com/watch?v=aUF2QCEudPo
05:17
April 4, 2020
Bloom Filters Explained
In this video I explain why we invented bloom filters and where you can use it to make your queries more efficent.
09:18
April 2, 2020
What is On Demand TLS?
On-Demand TLS is a new feature developed by Caddy Web Server that allows TLS certificate to be generated on the first request, I explain this tech and their pros and cons in this video.
14:54
March 30, 2020
Lazy Loading vs Eager Loading with Node JS & Express
Lazy Loading is a technique where a piece of data is being loaded when needed instead prior. This ensures Fast startup times but can delay requests. In this video I’ll show both Eager loading and the lazy loading with example Node JS
08:22
March 29, 2020
The good the bad and the ugly on gRPC
In this podcast I discuss the good, the bad and the ugly about gRPC. No technology is perfect. 
15:51
March 28, 2020
This is why gRPC was invented
THIS IS MAIN reason gRPC was invented 8:40 -> 16:40 (8 minutes) In this video I discuss the reasoning and all the problems and limitations that lead to the invention of gRPC.
09:02
March 28, 2020
Firefox re-enables TLS 1.0 & TLS 1.1 to allow access to legacy websites hosting COVID19 information
Firefox has disabled TLS 1.0 and TLS 1.1 to improve your website connections. Sites that don't support TLS version 1.2 will now show an error page.  We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information. https://www.youtube.com/watch?v=grVVuGnN9IE https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ https://twitter.com/cramforce/status/1242515799215988737?s=21
04:15
March 25, 2020
Episode 141 - Software Chat - Copy and Paste Code, Tutorial Hell, Frontend Frameworks, GitHub Pull request Trolling and more
Copy and Paste Code, Tutorial Hell, Frontend Frameworks, GitHub Pull request Trolling and more
26:16
March 23, 2020
Episode 140 - Software Chat - Learning at Home, Consistent Hashing, Empathy with Engineers and More
New software chat series let me know if you like it
18:36
March 21, 2020
Episode 139 - How to Become a Good Backend Engineer (Fundamentals)
In this video, I discuss the path of becoming a backend engineer through concepts and fundamentals. These are not tools 🧰 these are backend concepts and fundamentals technologies.    - Communication Protocols 3:30     - TCP,UDP     - QUIC     - HTTP     - WebSockets     - gRPC - Web Servers 8:40     - How web servers work?     - Dynamic vs Static Content     - E-Tags      - HTTP protocol  - Database Engineering 11:00     - Relational vs NoSQL     - ACID - Proxies (Reverse Proxies, Load balancer) 13:31     - What is difference between Proxy vs Reverse Proxy     - Layer 7 Proxy vs Layer 4 Proxy      - Reverse Proxy applications     - Load Balancing algorithms  - Caching 15:40     - When to use Caching - Message queue, Pub/Sub 16:36     - When to use PubSub messaging first queue.  - Web Frameworks (API authoring) 18:30     - Express, Django, Node JS  - Message Formats (JSON, protobuf) 19:24     - JSON & protobuf  - Security 20:50     - TLS, Encryption, Firewalls
26:39
March 19, 2020
Episode 138 - Firefox Implements DNS over HTTPS This is good but also might be bad
FireFox DNS over HTTPS is a great step to a more secure web however it is absolutely useless without this ESNI. I also discuss doh in this video, esni and why this might not be a good idea https://blog.mozilla.org/blog/2020/02/25/firefox-continues-push-to-bring-dns-over-https-by-default-for-us-users/
16:25
March 15, 2020
Episode 137 - Active-Active vs Active-Passive Cluster Pros and Cons
In this video I want to talk over the active active active vs active passive cluster configuration for high availability. We will also explain the pros & cons of using an active-active cluster vs using an active-passive cluster.
11:46
March 15, 2020
Episode 136 - Sidecar Proxy (Pros and Cons)
A sidecar proxy is an application design pattern which abstracts certain networking features, such as inter-service communications, monitoring and security, timeouts, retries, communication protocols, away from the main architecture to ease the maintenance of the application as a whole. In this video I’d like to talk about how we classically do things: Library Pattern getComments HTTP1:1/JSON Add features retries/timeout /hardcode the server name what it changed/add new server to load balance between them/credentials Sidecar pattern getComments HTTP/2 Sidecar proxy/container Examples Microservices (Linkerd, Envoy, Istio) Pros Language agnostic (polyglot) Protocol upgrade Security Tracing and Monitoring Service Discovery Caching Cons Complexity Latency SideCar Proxy must be layer 7 Library 2:25 Sidecar: 7:40 Example: 13:00 (https://www.youtube.com/watch?v=cp3Ku1XeOn8) Pros & Cons : 16:15 Cards 6:22 HTTP/2 10;50 Reverse Proxy / proxy example 13:00 (https://www.youtube.com/watch?v=cp3Ku1XeOn8) 16:00 Layer 4 vs Layer 7 load balancer
26:57
March 8, 2020
Episode 135 - mySQL 8.0 has a new feature called Atomic DDL and it is not what you think
MySQL 8.0 supports atomic Data Definition Language (DDL) statements. This feature is referred to as atomic DDL. An atomic DDL statement combines the data dictionary updates, storage engine operations, and binary log writes associated with a DDL operation into a single, atomic transaction. The transaction is either committed, with applicable changes persisted to the data dictionary, storage engine, and binary log, or is rolled back, even if the server halts during the operation. I discuss mySQL 8.0 atomic ddl compared to Postgres transactional ddl
06:44
March 5, 2020
Episode 134 - gRPC
gRPC (gRPC Remote Procedure Calls[1]) is an open source remote procedure call (RPC) system initially developed at Google in 2015[2]. It uses HTTP/2 for transport, Protocol Buffers as the message format. In this video I want to explore gRPC, go through examples, pros and cons of gRPC. Client/ Server communication SOAP HTTP (REST) WebSockets Client Libraries gRPC gRPC Demo todos gRPC Pros and Cons Pros Fast two/uni and request Unform One library to rule them all Progress feedback( long synchronous requests) drop pluggable wait...) cancel request All benefits of H2 and Protobuff Cons schema based (not everyone wants schema) Thick client - limited languages - Proxies still don’t understand it Still young Error handling No native browser support Timeouts, circuit breaker just like any RPC (pub/sub rules in this case) Can you create your own protocol? Spotify example with Hermes
1:19:37
February 29, 2020
Episode 133 - Firefox fixes a bug that prevented users from signing into the Royal Bank of Canada (73.1)
Firefox version 73.1 fixes a bug that prevented users from signing into Royal Canadian Bank  (Firefox fixed a bug that prevented Canadians from signing in to their bank royal Canadian bank) what caused it? Lets get into it   * Users will sign in and will get blank page.  * Cause Beacon API and HTTP/2  * Bug has been there forever    Sources https://bugzilla.mozilla.org/show_bug.cgi?id=1613943#c16 🏭 Software Architecture Videos
05:26
February 26, 2020
Episode 132 - Optional Chaining and nullish coalescing coming to Javascript, how useful are they and when can you use them?
Some cool new features are coming to the Javascript language namely Optional chaining and nullish coalescing how useful are they? lets discuss So Optional chaining and nullish coalescing are coming to the Javascript language. I think it is already in the Javascript Engines (V8, SpiderMonkey, JavascriptCore and Chakra) which will be picked up by other clients such as browsers, node js , dino other stuff .. Cool stuff lets get into it. Show them (chrome devtools) Where is it available? Node JS not yet (13.9 V7.9) (https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V13.md#13.9.0) Resources V8 release v8.0 · V8 Optional Chaining https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Optional_chaining Nullish coalescing https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Nullish_coalescing_operator
13:12
February 23, 2020
Episode 131 - Firefox deprecates support for TLS 1.0 and 1.1 ( THIS IS GREAT! BUT .... )
We are one step closer to a more secure web. Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Let's discuss . Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Lets discuss Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf
12:38
February 17, 2020
Episode 130 - Envoy fixes a critical security bug related to HTTP headers with whitespaces
Google engineer Alyssa Wilk discovers a critical security bug related to whitespaces in header values. Envoy and Node JS fix this by releasing a security patch. let us discuss it. tags: envoy, envoy proxy, envoy security, envoy proxy whitespace, Alyssa Wilk
09:04
February 11, 2020
Episode 129 - Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability
Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability, we discuss the attack and the fix in detail.
12:17
February 9, 2020
Episode 128 - Google blocks Embedded browsers sign ins to avoid MITM phishing attacks
In April 2019 Google blocked sign-ins from Embedded Browsers to avoid man in the middle phishing attacks. In this video, we discuss why.    https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1
07:42
February 9, 2020
Episode 127 - PostgreSQL 12 has some interesting new features, Is it worth the upgrade?
PostgresSQL version 12 has been released, let's go through the features that I think are most interesting and cool. #softwarenews   Feature Matrix https://www.postgresql.org/about/featurematrix/   - Allow adding columns to Index (GIST) https://www.postgresql.org/about/featurematrix/detail/314/  - COPY FROM WHERE COPY FROM ... WHERE  - More native support of JSON objects https://www.postgresql.org/docs/12/functions-json.html#FUNCTIONS-SQLJSON-PATH  - Reindex concurrently (slow but allows writes) https://www.postgresql.org/docs/12/sql-reindex.html#SQL-REINDEX-CONCURRENTLY - Performance on large partitioned tables - Stored Generated Columns
16:02
February 9, 2020
Episode 126 - Will the New Chrome version 80 finally end Cross-Site Request forgery?
Google just released the latest version of Chrome (80) and one of the interesting features making a big change to the default cookies that might actually prevent CSRF forever. Let’s discuss this.   #softwarenews  *  Same Site Attribute * Break some apps * Devs must explicitly set None;secure * Will this end CSRF    Resources  https://youtu.be/GPz7onXjP_4  https://www.chromestatus.com/feature/5088147346030592    News Theme 2 by Audionautix is licensed under a Creative Commons Attribution license (https://creativecommons.org/licenses/by/4.0/) Artist: http://audionautix.com/
11:05
February 4, 2020
Episode 125 - Layer 4 vs Layer 7 Load Balancing
Load balancing is process of balancing incoming requests to multiple machines, processes or services. In this video we will explain two types of load balancers, layer 4 and layer 7. Layer 4 - haproxy, NLB  Pros  - great for simple packet-level load balancing  - Fast and efficient doesn’t look at the data  - More secure as it cant really look at your packets. So if it was compromised no one can look  - Uses NAT  - One connection between client and server NATed  Cons  - Can't do smart load balancing based on the content, such as switch request based on the requested media type  - Cant do microservices with this type  - Has to be sticky as it is a stateful protocol (all segments) Layer 7 (Nginx , haproxy) This type of proxy actually looks at the content and have more context, it knows you are visiting the /users resources so it may forward it to a different server. Essential and Great for microservices , it knows the content is video:image etc..
37:32
January 29, 2020
Episode 124 - NginX
NginX is an open source web server written in C and can also be used as a reverse proxy and a load balancer. In this video, I want to go through the following topics in NginX What is NginX? 2:25 Current & Desired Architecture 4:58 Layer 4 and Layer 7 Proxying in Nginx 8:40 Example 10:25 Install Nginx (mac) 13:30 Nginx as a Web Server 15:00 (webserver.conf) Static context location root 20:00 regular expression 27:00 proxy pass 30:30 Nginx as a Layer 7 Proxy 33:30 Proxy to 4 backend NodeJS services (docker) 37:00 IP_Hash load balaning 43:00 Split load to multiple backends (app1/app2) 46:00 Block certain requests (/admin) 49:00 NGINX as a Layer 4 Proxy 51:30 Create DNS record 1:01:08 Enable HTTPS on Nginx (lets encrypt) 1:05:08 Enable TLS 1.3 on Nginx 1:14:00 Enable HTTP/2 on NGINX 1:17:10 Summary 1:20:10 Cards 3:40 proxy vs reverse proxy https://www.youtube.com/watch?v=ozhe__GdWC8&t=1s 8:50 OSI Model https://www.youtube.com/watch?v=7IS7gigunyI 10:00 L4 vs l7 load balancer https://www.youtube.com/watch?v=aKMLgFVxZYk 34:00 spin up docker app https://www.youtube.com/watch?v=vmSMrQ8Ev9w&t=14s 44:26 stateless vs stateful https://www.youtube.com/watch?v=nFPzI_Qg3FU 1:16:30 TLS video https://www.youtube.com/watch?v=AlE5X1NlHgg&t=8s
1:26:53
January 20, 2020
Episode 123 - Horizontal vs Vertical Database Partitioning
In this podcast I explain what database partitioning is and illustrate the difference between Horizontal vs Vertical Partitioning, benefits and much more.   Why Partitioning?
11:35
January 2, 2020
Episode 122 - ARP
ARP Address Resolution Protocol is a protocol that maps IP address to a mac address so hosts can be addressed. I want to make a video explaining ARP because it is starting to surface a lot in different videos that I’m making such as man in the middle, load balancing, and security.  
15:26
December 31, 2019
Episode 121 - What happens when you type google.com into your browser address box and hit enter?
In this video I want to go through what really happens under the hood when you type google.com and you hit enter in a browser. This is inspired by alex’s github page below, it is a great detailed description of what happens. I did however add more details to certain areas and I removed some stuff like keyboard events and low level operating system like that. So if you are interested stay tuned! https://github.com/alex/what-happens-when 5:30 HSTS https://youtu.be/kYhMnw4aJTw 19:30 tcp vs udp https://youtu.be/qqRYkcta6IE 24:42 tls https://youtu.be/AlE5X1NlHgg 40:56 mimesniffing https://youtu.be/eq6R6dxRuiU Initial typing - lookup for most visited sites or an actual search Google.com Enter - parse is it a url or search term? If search do a search if url visit website Which protocol? which port ? HSTS? HTTPS or HTTP? DNS cached? Hosts? DoH? Lookup ? TCP ip / port ? arp? NAT? proxy? HTTP 1.1 ? More than one connection TLS version? ciphers? Alpn? SNI ? H2 ? H3? Quic? GET / - ? Headers compress cookies? binary stream? HTML? H2 push? HTML Parse? Make multiple requests css? JS? Multiple streams? If H1 then pipeline?
47:03
December 30, 2019
Episode 120 - What is Fail-over? Achieving High-Availability
Failover is the technique of switching to a redundant backup machine when a certain node goes down. This is a very common implementation for achieving high availability and it is often mixed with different load balancing techniques such as layer 4 and layer 7 balancing.  In this video i want to go through following  * What is Failover? 1:47
 * ARP - Address Resolution Protocol 3:00
 * VIP & VRRP 5:40
 * High-availability Example 12:12
  Cards 4:00 ARP 12:50 docker javascript 18:00 OSI Model     
20:02
December 28, 2019
Episode 119 - HAProxy
HAProxy is free, open source software written in C that provides a high availability  layer 4 and layer 7 load balancing and proxying . It has a reputation for being fast and efficient (in terms of processor and memory usage). In this video I want discuss the following Current & Desired Architecture 2:30 HAProxy Architecture  5:50 HAProxy as TCP Proxy & HTTP Proxy (Layer 4 vs Layer 7) 17:00 ACL (Access Control Lists) 19:20 TLS Termination vs TLS Pass Through 20:40 Example 24:23 Spin up the services 25:51 Install HAProxy - 28:00 HAProxy configuration 29:11 ACL Conditional 39:00 ACL Reject URL 48:00 Enable HTTPS HAProxy 53:00 Enable HTTP/2 on HAProxy 1:05:30 Summary Cards Docker Javascript node 4:00 Varnish 15:46 NAT 23:30 Docker Javascript node 26:00 Encryption 56:00 TLS 56:10 HTTP2 1:08:40 Source Code for Application HAProxy config https://github.com/hnasr/javascript_playground/tree/master/proxy Docker application https://github.com/hnasr/javascript_playground/tree/master/docker resources https://www.haproxy.com/blog/the-four-essential-sections-of-an-haproxy-configuration/ https://www.haproxy.com/documentation/aloha/10-0/traffic-management/lb-layer7/acls/#predefined-acls https://certbot.eff.org/lets-encrypt/osx-nginx
1:14:36
December 23, 2019
Episode 118 - SSL Stripping and HTTP Strict Transport Security
HSTS or HTTP Strict Transport Security is a mechanism to force clients to communicate in HTTPS with a web server if both support this protocol.   In this podcast, I talk through this tech.
18:25
December 23, 2019
Episode 117 - Database Engines
Database engines or storage engines or sometimes even called embedded databases is software library that a database management software uses to store data on disk and do CRUD (create update delete) Embedded means move everything in one software no network client server. In this video I want to go through the few popular database engines, explain the differences between them and finally I want to spin up a database and change its engine and show the different features on each engine Timecodes What is a database Engine 3:00 myISAM 9:43 Aria 16:30 InnoDB 19:00 XtraDB 25:30 LevelDB 27:40 RocksDB 34:00 SQLite 38:11 BerkelyDB 42:00 Demo! 47:11 Cards ACID 4:30 mysql/javascript 56:17 Resources https://youtu.be/V_C-T5S-w8g https://mariadb.com/kb/en/library/changes-improvements-in-mariadb-102/ https://mariadb.com/kb/en/library/why-does-mariadb-102-use-innodb-instead-of-xtradb/ https://github.com/facebook/rocksdb/wiki/Features-Not-in-LevelDB https://mariadb.com/kb/en/library/aria-storage-engine/ Best of MyISAM and InnoDB What is the performance impact of using CHAR vs VARCHAR on a fixed-size field? MySQL :: MySQL 8.0 Reference Manual :: 15.6.2.1 Clustered and Secondary Indexes Why Uber Engineering Switched from Postgres to MySQL | Uber Engineering Blog
1:07:33
December 20, 2019
Episode 116 - Database Sharding
Database Sharding Crash Course (with Postgres examples) Database sharding is process of segmenting the data into partitions that are spread on multiple database instances to speed up queries and scale the system. What is sharding? sharing key / partition key Consistent Hashing Horizontal partitioning vs Sharding Example Pros and cons What is Sharding? 1:30 Consistent Hashing 4:50 Horizontal partitioning vs Sharding 7:36 Example 8:45 Spin up Docker Postgres Shards 10:02 Write to the shard 17:25 Read from the Shard 39:20 Pros & Cons 51:10 Cards Postgres pgadmin Docker 8:54 Postgres Javascript 18:18 URL vs Query param 22:30 CORS 29:30 sql injection 42:40 Source Code https://github.com/hnasr/javascript_playground/tree/master/sharding Docker commands (including pgadmin) https://github.com/hnasr/javascript_playground/blob/master/sharding/shards/commands.txt Dockerfile & init.sql https://github.com/hnasr/javascript_playground/tree/master/sharding/shards Horizontal partitioning vs Sharding HP same database instance so you can still join sharding across instances (different server) Pros Extreme scale rdbms Optimal and Smaller index size Cons Transactions across shards problem Rollbacks Schema changes Complex client (aware of the shard) Joins Has to be something you know in the query Example URL shortener create table CREATE TABLE public.test1 ( id serial NOT NULL primary key, url text, url_id character(5) ) Spin up 3 instances p1 P2 P3 post get
59:17
December 18, 2019
Episode 115 - Varnish HTTP Accelerator
Varnish is a reverse proxy web accelerator  Written in C designed to improve HTTP performance by using server side caching. In this video I’m going to go through how Varnish works, we will spin up a Varnish docker container and finally talk about the pros and cons of this tech. Agenda Classic HTTP Architecture How Varnish Works? HTTP Setup - Varnish HTTPS Setup - Varnish with Caddy as TLS Terminator. Varnish Pros & Cons Summary Pros Cache & prefetching documents Resolve DNS hostnames in documents Rewrite scripts to optimize code Load Balancing Backend Connection Pooling Varnish Modules (VMODS, e.g. rewrite headers) Edge side includes (personalized dynamic page) Cons Cache Invalidation Only works on unencrypted HTTP For HTTPS frontend, terminate TLS For HTTPS backend, no solution in Varnish open source Can’t cache POST requests (e.g. GraphQL queries) HTTP/2 backends won’t benefit docker commands docker run --name varnish -p 8080:80 varnish docker cp default.vcl varnish:/etc/varnish default.vcl vcl 4.0; backend default { .host = "husseinmac"; .port = "2015"; } timecodes Classic HTTP Architecture : 1:53 How Varnish Works 3:50 Demo HTTP 7:50 Demo HTTPS 18:23 Varnish Pros 28:43 Varnish Cons 39:26 Cards: Connection Pooling 2:15 https://www.youtube.com/watch?v=GTeCtIoV2Tw Layer 4 vs Layer 7 Load balancing 6:25 https://www.youtube.com/watch?v=aKMLgFVxZYk GET vs POST 6:48 https://www.youtube.com/watch?v=K8HJ6DN23zI Postgres NodeJS Chrome 8:23 https://www.youtube.com/watch?v=0JNq46eFuOM Redis 46:13 https://www.youtube.com/watch?v=sVCZo5B8ghE TLS Termination 49:35 https://www.youtube.com/watch?v=H0bkLsUe3no tags: varnish http accelerator, varnish pros and cons, varnish with https, varnish disadvantages Resources edge side includes https://www.fastly.com/blog/using-esi-part-1-simple-edge-side-include Cache invalidation varnish https://www.smashingmagazine.com/2014/04/cache-invalidation-strategies-with-varnish-cache/ ——
51:07
December 18, 2019
Episode 114 - HTTP/2
short is a major revision of the hyper text transfer protocol that improves the performance of the web. It uses a binary protocol and multiplexing. In this video I want to go through how HTTP/2 works, its pros and cons and show the performance difference between HTTP 1.1 and HTTP/2 Http/1 request has to wait for a response And if you used up your connection response you can send anything else. Source Code: https://github.com/hnasr/javascript_playground/tree/master/staticpage So hack ! 6 tcp connections Pros One connection Multipex Push ( have to enable) Hpack (compress) Cons Abuse push Proxies that dont support it might slow down Load balancer layer 7 (a layer 7 load balancer that doesnt support h2 will slow down when your web server supports it) Cards 1:25 HTTP crash course 12:30 TLS Time codes HTTP 1.1 2:15 HTTP/2 5:50 HTTP/2 With Push 8:25 HTTP/2 Pros 9:48 HTTP/2 Cons 14:10 Demo 17:15 +----------+--------+---------+---------+ | Protocol | Online | Fast 3G | Slow 3G | +----------+--------+---------+---------+ | HTTP 1.1 | 94 ms | 10 s | 36 s | +----------+--------+---------+---------+ | HTTP/2  | 171 ms | 2.7 s  | 10 s | +----------+--------+---------+---------+
24:09
December 18, 2019
Episode 113 - Collateral Knowledge
Sorry about the free form audio and low quality thought I post something here its been while
12:46
December 9, 2019
Episode 112 - Tor (The Onion Router)
Tor or (The Onion Router) is a free and open source project for allowing anonymous communication. In this video I want to discuss this technology and explain how it works. What can sniffers really see? Why Tor? Why don’t we just use a VPN? How Tor Works? More about Tor So if you are interested stay tuned. Cards: 6:00 TLS 10:53 symmetric key encryption TimeCodes: Normal Request 1:30 What sniffers see 4:30 Why Tor and not VPN? 6:00 How Tor Works 8:50 More tor info 21:00 Tor Directory Relay node Exit node Guard node
23:47
November 30, 2019
Episode 111 - Kafka
Apache Kafka is a distributed stream processing software developed by LinkedIn and written in Scala and Java. In this video I want to focus on the basics on Kafka, talk about how it works give finally spin up a kafka cluster and write a producer and a consumer. Kafka Components _ producer _consumer _topic _partition How Kafka works Example ( Ride sharing ) Spin Kafka cluster Write a producer Write a consumer Kafka Applications Pros and Cons
1:18:05
November 30, 2019
Episode 110 - Do you need a VPN?
Tom Scott Full Video https://youtu.be/WVDQEoe6ZWY Tom Scott is a YouTuber with around 2M subscribers who discusses and specialized in computer security. I always enjoy his videos specially those on computerphile. He recently made a very interesting video titled This video is sponsor by —- We all probably know this is a reaction video to NordVPN Hack. He is really smart and not just because of his accent I wanted to make a video to elaborate on some of the statements that Tom made in his video and how that actually work. Cards 5:30 TLS https://www.youtube.com/watch?v=AlE5X1NlHgg 12:24 TLS Termination https://www.youtube.com/watch?v=H0bkLsUe3no Forged certificate https://slate.com/technology/2016/12/how-the-2011-hack-of-diginotar-changed-the-internets-infrastructure.html
15:31
November 3, 2019
Episode 109 - RabbitMQ
RabbitMQ RabbitMQ is an open source distributed message queue written in Erlang and supports many communication protocols. It was trying to solve the spaghetti 🍝 mesh architecture where every client is communicating with other client in System by introducing an extra layer in the middle. (slide) In this video we will explain basic components of RabbitMQ Such as AMQP, channel, queue, publisher, consumer and some stuff, we will also learn how to spin up a RabbitMQ server and we will finally write some code to develop a publisher client that post messages to RabbitMQ. We will also write the consumer piece which will be the code that reads rabbitMQ. Finally I will talk about my personal thoughts on this tech. RabbitMQ Components(slide) *Publisher *Consumer *Connection *Channel *Queue Spin RabbitMQ server with Docker Write a Publisher client NodeJs Write a Consumer client Nodejs My Thoughts about this tech Summary timecodes components 2:00 spin up docker rabbit 8:30 Write a Publisher client NodeJs 11:00 Write a consumer client NodeJs 20:30 my thoughts 33:50 Source Code: https://github.com/hnasr/javascript_playground/tree/master/rabbitmq Example Schedule async job Exchange Queues Publisher Consumer AMQP Channel Connection HTTP AMQP Uses Channels and Queues Multiples channels into one connections docker run --name rabbitmq -p 5672:5672 -d rabbitmq docker run --name rabbitmq -p 5672:5672 -p 15672:15672 -d rabbitmq:3-management HTTP fetch("http://localhost:15672/api/vhosts”, {headers: {"Authorization" : `Basic ${btoa('guest:guest')}`}}).then(a=>a.json()).then(console.log) fetch("http://localhost:15672/api/channels", {headers: {"Authorization" : `Basic ${btoa('guest:guest')}`}}).then(a=>a.json()).then(console.log) fetch("http://localhost:15672/api/queues", {headers: {"Authorization" : `Basic ${btoa('guest:guest')}`}}).then(a=>a.json()).then(console.log) https://www.squaremobius.net/amqp.node/channel_api.html#channel_bindExchange https://www.rabbitmq.com/tutorials/tutorial-three-javascript.html
42:52
November 3, 2019
Episode 108 - Redis
Redis is a noSQL key-value store, in memory database first that exploded in popularity in the past few years. In this video slash course, we will explain what Redis is, talk about the in-memory model, the optional durability, replication, clustering publish subscribe and the protocol and finally we will go through examples. During the video I will add time codes to each topic so you guys can jump to the topic that interests you the most.    Table of Content and TimeCodes  Redis as a NoSQL In Memory Key-Value store 3:49Optional Durability 10:00Transport Protocol 15:10Pub/Sub 18:24Replication and Clustering 20:40Examples 23:41Spin Docker 26:10Command CLI 28:50Set key 30:30  get key 31:00Set key with expiry 31:10exists key 32:00del 32:30  append key 32:50  publish subscribe 33:30   Commands  Docker run --name redis -p 6379:6379 redis docker exec -it rdb redis-cli    Cards 4:25 ACID!     Support me on PayPal  https://bit.ly/33ENps4  Become A Patron https://www.patreon.com/join/hnasr?
37:42
October 4, 2019
Episode 107 - GraphQL Pros and Cons, examples and when to use over REST
GraphQL Pros and Cons, examples and when to use over REST GraphQL is an open source query language developed by facebook that allows clients to formulate queries to get different results. Its main goal is to combine multiple services into one endpoint. In this video we will discuss what is GraphQL, why facebook developed it, go through some examples using github GraphQL API, finally we will discuss the pros and cons and when you should use this technology. What is GraphQL? Examples Pros and Cons when to use REST vs GRAPHQL What is GraphQL Schema Query language Nesting Mutation and subscription Examples Schema intro Github API Rest api Pros Flexibility efficient response : payload back only get what you want of fields since you know the schema No round trips- Avoiding multiple round trips (HATEOS REST) Uniform single interface API endpoint Self documenting Cons Complexity Typed system - ( use it to know if a type is available or not and fork logic) slows down adoption.. same as soap No Caching etag since always POST Error management non-standard for HTTP. Over engineering can lead to Inefficiency of the joins can lead to performance and DOS
57:39
September 26, 2019
Episode 106 - Consistency vs Eventual Consistency
Consistency vs Eventual Consistency Consistency is the property of having expected result in view of the data or during reads while working with a database system. It is one of the ACID properties in relational databases. Eventual consistency is another term that was born recently specifcally as NOSQL databases got emerged. In this video we will talk discuss the difference the different kind of consistencies and we will explain what Eventual consistency and how both relational databases and NO SQL databases have this kind of consistency with some examples. Cache Leader Following Consistency in Data Your data broken into multiple normalized tables/collections is consistent. Consistency in Reads If you write a value new transactions will pick up that new value. If you do not have consistency in data you do not have eventual consistency, your data will not magically correct itself. If you have do not have consistency in reads you might have eventual consistency, you reads might eventually become consistent. Eventual Consistency means that your reads will become consistent as time pass time. This is true for both NOSQL and relational database system especially if you have leader/follower module. In this video we will talk about an example of eventual consistency and this is tolerable when it’s not. Eventually Consistency Benefits Twitter timeline (Eventual Consistency is good) Let’s say you tweeted something and you have a follower in Spain and a follower on New Zealand 🇳🇿 furthest two countries on Earth. Your Spain follower might see your tweet before your New Zealand one does. This depends on which datacenter your write goes to first. That eventual consistency is tolerable and its ok if New Zealand don’t see your tweets. Benefits Write scales much better, you can write to different locations and have them synced. Add more machine to scale to more and more users. Twitter privacy example (Eventual Consistency is bad) However take this scenario, you are Taylor Swift (Taylor swift wishes) a celebrity with 85 million followers. You tweeted something that you regretted later and decided to delete that tweet! That tweet better be deleted instantly to all your 85 million follows. Eventual consistency is not tolerable here otherwise people lose faith of the system. Well, you can always say well I’m gonna take a screenshot of Taylor Swift tweet. To which I would say I’ll give you another example, let’s say you changed your privacy setting to private and you tweeted something right after, that change should be immediately take effect and NO public user should see that tweet unless they are obviously in your followers. Problems: Users lose faith in the system. Cards 4:30 ACID https://www.youtube.com/watch?v=pomxJOFVcQs
15:10
August 27, 2019
Episode 105 - Relational Databases
  ACID ACID are four properties of relational database, they Atomocity, consistency, isolation and durability, and I think any one working with a relational database like postgres, mysql, sqlserver oracle, should understand these properties. In this video we will go through the four properties and explain why each is critical to make a relational database we will also talk about why some people are moving to  NOSQL database Atomicity  All or none. if a failure happened during transaction, db failure, or one of the queries failed.  Example Isolation Concurrency, is transaction isolated from other inflight transactions? if a transaction is in flight does it see changes from other inflight transactions? Does is it see any changes? Does it only see committed changes. Does leading to inconsistent results.  Problems arising from isolation (read phenomenons)  dirty reads Non repeatable reads Phantom reads  Isolation levels Read uncommitted Read committed  Repeatable read  Serializable  Durability When I commit a transaction does my changes stay durable after the database restarts/crashes etc.  See if your data still there.  Consistency Consistency from referential integrity keys  Does the number of likes on a picture = the number of rows that the picture got on another table? If a delete a picture does all the likes of that pictures go away on the other table. Consistency in reads  If I committed something does everybody see it immediately or are they going to get an old value? Consistency in concurrency Is the view of a transaction in flight consistent? Are other inflight transactions making changes to the database affects that transaction view? Jump Codes 2:00 What is a Transaction? 4:30 Atomicity  7:00 Isolation * 9:30 Isolation - Read phenomena * 11:40 Dirty Reads 14:40 Non-repeatable Read 17:00 Phantom read 18:53 Isolation Levels*2 19:20 Read uncommitted 19:55 Read committed 21:05 Non-repeatable Read 23:40 Serializability  25:00 Isolation Levels vs Read phenomena Table 27:45 Consistency  28:30 Consistency in Data 33:50 Consistency in Reads 35:00 Eventual Consistency  40:30 Durability  Cards 27:40 Exclusive lock vs shared lock
44:37
August 21, 2019
Episode 104 - REST API - The Good, the Bad and the Ugly
  REST stands for Representational state transfer its is an architecture that became very popular in build web APIs. It was the dissertation of Roy Fielding. In this video we discuss what makes an API RESTFUL, the REST APIs constrains, ill the show you an example of a RESTFUL api in github.  Representation and State transfer  Representational  The resource is a representation or meta data, but the actual backend could be something else and stored differently. An  Example, could be a user resource could be represented as a JSON object but it is stored on the backend as relation DBMS tables such as postgres.  State transfer The application server is stateless, and when we want communicate we transfer the current state of with each request. Thus the state transfer.   Example, lets say you are uploading a 5MB file in 5 chunks each is 1 MB in size and assemble it on the backend. The REST api end point takes the content along with a upload sequence, then persist it on a storage backend such as S3. Each chunk request could hit a completely different stateless server and the transfer will work fine since we are transferring the state (upload sequence) with every request. The client maintains the state in this case.  Rest constraints Client/server architecture Is there separation of concern? Can you upgrade your server without upgrading client? Can you upgrade the server without upgrading the client?  Statelessness Is your api stateless? Can you restart your backend server and clients of your api resume working normally without failing? Can you add a non sticky load balancer and transfer the load between the servers without the client breaking? Cachablity  Can resources that can be cached be cached with your api? And is there a way to identify stale resources?  Layered systems Can I insert gateways and proxies and firewalls silently without this architecture breaking? Load balancers  Uniform interface Resource identification (uri)  Resource Representation (json)  HATEOAS Hypermedia as an engine to application state Initial link can link to the rest ( github)  Github  Emojis 
25:45
August 7, 2019
Episode 103 - What is an HTTP Proxy? (Transparent, HTTP and Service Mesh Proxy examples)
A proxy is a software that intercepts traffic and forward it to the destination on behave of the client. This extra layer provide several advantages such as caching, load balancing, content filtering and much more. Some implementations of proxy can be used by governments to spy on its citizens. We made a video about proxy vs reverse proxy check it out if you want to learn more about the difference. In this video we will explain the different types of HTTP proxies and the benefits and use cases of using each coming up.  Transparent proxy (gateway)  HTTP insecure proxy Service Mesh Proxy Transparent proxy It is mostly used by the ISPs, clients don’t know they are connected to transparent proxy. The way it works is it looks at TCP/IP layer 4/3 and forward it to the destination, it might do some content filtering based on the IP address or the port so it blocks certain sites. But thats pretty much it. transparent proxy cannot know which pages are you viewing or your what youtube videos are you watching. It can block you from watching youtube all together but it cannot block you from watching lets say a specific youtube channel that is critical of the government ISP is located at.  Transparent proxy doesn’t change the content.  HTTP Proxy (insecure)  This kind of proxy is used alot, especially in service meshes like linkerd. This kind of proxy have to be configured in the client to use it. Each request will always be targeted to the proxy IP address / port. So when want to make a GET request to husseinnasser.com, and you have a proxy configured, when you look at the TCP packet for that request the destination IP and port is those of the proxy. The proxy looks at the GET request and specifically the HOST header and establishes another TCP connection to the actual destination on husseinnasser.com. So this kind of proxy maintains two tcp connections. Client to proxy and proxy to destination. The proxy have access to the content, it can block the website. It can know what exact page you are viewing. It knows everything because HTTP is insecure. Assuming youtube uses just HTTP, if you have a proxy setup it can block a specific channel or even video from being viewed. 1:05 proxy vs reverse proxy https://www.youtube.com/watch?v=ozhe__GdWC8 2:50 TLS https://www.youtube.com/watch?v=AlE5X1NlHgg Kazakhstan government is now intercepting all HTTPS traffic https://www.zdnet.com/article/kazakhstan-government-is-now-intercepting-all-https-traffic/
15:47
August 1, 2019
Episode 102 - The Evolution of HTTP (HTTP 1.0, 1.1, HTTP/2, HTTP/3)
  HTTP is a protocol for transferring web pages, text, media, binary files and much more. It stands for hyper text transfer protocol and It is what the Internet pretty much runs on. In this video we will learn how HTTP works, how it is secured with HTTPS, will also show how to spin up an Http web server, and we will also go through the evolution of HTTP starting from HTTP 1.0 to HTTP 1.1 to HTTP/2 and eventually HTTP/3 which is still experimental.    HTTP anatomy  Request (browser, web app)  URL Method type Headers Body Response (web server)  Status code Headers Body  HTTP 1.0 over tcp Application Layer 7 new connection with each request.  HTTP 1.1 over tcp Persisted connection  HTTP/2 over tcp Compression Multiplexing Server Push SPDY Mostly secure by default Negotiates protocol during TLS (NPN/ALPN) HTTP/2 over QUIC ( HTTP/3)  Replaces TCP with QUIC (udp with congestion control) 
47:32
July 15, 2019
Episode 101 - NAT Network Address Translation
NAT network address translation is a process of mapping an IP address or IP port pair to another IP address or IP: port. You might be wondering what a software engineer like me doing making a video on a low level networking concept? I have good reasons for that. NAT was originally designed to solve the ipv4 limited IP addresses, but since been used for port forwarding and layer 4 load balancing through the virtual ip address such as Haproxy thats why I decided to make a video about NAT from a software engineer view. In this video we will explain how NAT works and we will explain its applications. 
21:36
July 4, 2019
Episode 100 - TCP Tunneling
Tunneling protocol Tcp tunneling Tunneling is the process of encapsulating content from a protocol A into another protocol B, usually because protocol A is blocked or unavailable. In this video we will explain how TCP tunneling works, the applications of TCP tunnels and the pros and cons. Coming up! * TCP Tunneling * Applications * Pros and Cons TCP Tunneling Here is how TCP Tunneling works. Lets say your goal is to access a website that your ISP proxy blocks www.server2.com this is hosted on server2 on port 80. Lets say there is another Server1 that you have access to and Server1 have direct access to Server2. So if you can make Server1 make the request on your behave to Server2 and somehow deliver the results back to you, you just created a tunnel between You and Server1. Here is how it actually works. You create a legit tcp connection over a known protocol such as SSH between you and Server1. You then create a tcp packet that is intended for Sever2 so you tag it with Server2:80. Then you package that packet into another TCP packet intended for Server1! Huh ! Server1:22. You then forward the packet over, your ISP police will see that there is a packet intended to Server1 on port 22. Proxy approves and forwards it over not knowing that you are smuggling content in that packet. Also the proxy cant even look in the content because its encrypted with RSA. Server1 unpacks the package, decrypt and discover that its an other tcp packet. Here is where the shady stuff happen. Server1 now looks and see that the smuggled package is intended for Server2:80, created a connection and delivers the package it, it changes the source ip to its self and keeps track somehow of that. Once it receives the package it knows that this package has to go back to tunnel. The client now have access to the blocked site! What does this look like guys? Yes you guessed it its a VPN. It’s literally like smuggling content inside a package 📦 that looks legitimate. Server1 and Server2 can be the same server There are many types of tunneling Local port forwarding: Remote connection, Socks Proxy: forward pretty much anything (VPN) Reverse Tunneling : Expose local web server publically Applications VPN Securing an insecure connection Anonymity Bypass firewall SOCKS 4 proxy redirect all your traffic regardless of the port to an internal proxy instead which tunnels it. Dynamic port forwarding Pros Secure connection Access blocked services Anonymity Expose internal traffic Cons TCP meltdown (TCP over TCP) Slow retransmission Stateful Local port forwarding Just one app gets forwarded when the local port is requested Socks All apps goes through the proxy Http tunneling TCP VS UDP 1:00 11:00 OSI model 15:40 private vs public ip 18:35 proxy vs reverse proxy 24:30 TLS 11:20 local 16:20 reverse 20:40 socks
30:45
June 29, 2019
Episode 99 - TLS
  TLS which stands for transport layer security is a protocol for securing communication between client and server. Specifically for HTTPS. Thats what the S is stands for.  In this video, we will learnq how insecure vanilla HTTP works, HTTPS, then we will learn how HTTPS is possible via the transport layer security and finally we will talk about the improvements in 1.3 that was published August 2018.  Vanilla HTTP HTTPS  TLS 1.2 handshake TLS 1.3 enhancements Vanilla HTTP  Before we discuss TLS, HTTPS or anything else lets go through how HTTP request work. You can type in the browser www.husseinnasser.com , the OSI magic kicks in, client figures out the IP address of husseinnasser.com by calling the DNS which uses UDP. Then HTTP application layer makes a GET / request passes in the IP address and port 80 (default for insecure http). This creates an underlying TCP connection. GET / string among other stuff into the packet and send it over. TCP does its thing server receives GET / calls the appropriate process at the backend which could be just return index.html sets content type text/html and sends back big response for client. All of this obviously is plain text no encryption any kind and if you watched the OSI video we made you can tell that people can sniff/snoop packets and get packets they aren’t supposed to get HTTPS Works by negotiating a symmetric key so they can both secure messages. Watch the video we did on encryption. Before we jump to GET request there must be a handshake 🤝 that must occur between the client and server. The tricky part is exchanging that key. Same thing as above except port is 443 instead of 80. Remember once we lose the TCP connection we will have to renegotiate the key. But beauty of this is HTTP is stateless so it remains working just fine.  Tls handshake 🤝  The original TLS handshake involves 4 roundtrips. A client hello which the client includes which encryption algorithms it supports (Both symmteric and asymmetric). The server receives the request then replies back with the server certificate which includes the server public key and also the encryptions that they will change to. The client receives the server hello, generates the premaster key, encrypts it with the server’s public key then send it over. The Server decrypts the message, gets the premaster generates the symmetric key finally tells the client that we are good to go.  Tls 1.3  TLS 1.3 involves much shorter and much secure communication using only deffie hellman as key exchange and just two round trips. 
25:13
June 23, 2019
Episode 98 - Encryption
Encryption is the process of scrambling data to protect personal files, secure communication, hide identities and much more.  In this video we will learn about the different type of encryptions we will talk about symmetric encryption, asymmetrical encryption, where they are used for and the pros and cons of each one.  Symmetric encryption Asymmetrical encrypt  Pros and cons of sym va asym  Symmetric encryption  Might as well just call it classic encryption I would argue and i think this is the first encryption known to us. I have some thing I dont want anyone to see I use a lock key to lock it. Only I can open it unless I have a lock.  The same key you use to encrypt is the same key to Decrypt.  Examples Examples of popular symmetric-key algorithms include  AES Twofish Serpent  DES Twofish, Serpent, AES (Rijndael), Blowfish  CAST5, Kuznyechik, RC4, DES, 3DES, Skipjack, Safer+/++ (Bluetooth), and IDEA  Asymmetrical encryptions  We had symmetric encryptions for a long time, then internet came and networking and we needed to encrypt messages going back and forth. We said cool lets use AES. Then we said wait a second.. the other computer doesnt really have my key so we need to encrypt it..  Also called Public key encryption  1977  Rivest–Shamir–Adleman (RSA)  Diffie–Hellman key exchange protocol DSS (Digital Signature Standard), which incorporates the Digital Signature Algorithm ElGamal Various elliptic curve techniques Various password-authenticated key agreement techniques Paillier cryptosystem RSA encryption algorithm (PKCS#1) Cramer–Shoup cryptosystem YAK authenticated key agreement protocol
22:38
June 16, 2019
Episode 97 - Bandwidth
  Bandwidth explained from software engineer point of view Bandwidth is measured by how many bits a device is allowed to send/receive in a second. It ranges from your internal network starting from network card all the way to your ISP Internet speed. In this video we will discuss the definition of bandwidth upload vs download speed, the different usage patterns for normal web browsing, streaming, gaming, media production and cloud web servers etc and finally we will show an example of the whole thing. When your ISP gives you 80Mbs download/1Mbs upload bandwidth, this means 80 mega bits download which means your router (and all your devices) can receive (download) a total of 80 mega bits in a second at a time, and it can send (upload) 1 mega bit in a second. With your ISP can you pick and choose your plan that fits your usage. Usage patterns Web Browsing Most people download far more than they upload. So the download bandwidth matter more than upload bandwidth. For simple web browsing the download incoming traffic is slightly larger than the outgoing one. You make a GET request to pull index.html, you get back the html content. Yeah there are some images but still not much of incoming.  Streaming Think about it when you watch a movie in Netflix you make a small request usually in few hundred bytes. But the data you receive (download) is huge. So streaming is constant large incoming data. While still outgoing traffic is minimum. Gaming The bandwidth for gamers is really interesting specially who play online and it really depends on the game. a game might use the server authoritative model, where all the online players send their inputs and receive the final game state changes from the server. In that case the there is a constant upload, still minor but the download bandwidth is larger since state is usually bigger. Games can also use the lock state model or the client authoritative model, where all the clients send their inputs the server and the server just send back all the input from all players back to everyone so everyone calculate the game state locally. So in this efficient model, both the upload and download is quite small and its good for countries with low bandwidth.  Some games require cloud saving which means upload speed is recommended.  In general latency is much better in gaming. Media production  Youtuber and you make 5 videos a day so you need to upload alot of data to the youtube server. So upload speed really matter, and download also matter because you will also consume alot. Web servers Netflix (which is hosted in amazon) they upload data far more than they download. So their upload bandwidth is more than their download bandwidth. All those movies and tv shows pushed to consumers. Example Assume you have bandwidth of 80mb/s download speed (which is 10 Mega bytes per second) and 1mb/s upload (which is 125 KB per second). You are connected to a web server which has 80Gb/s upload and 80Gb/s download bandwidth, which is 10Gigabyte per second. Lets say you want to download a 60GB file or movie (no streaming). It will take the server 6 seconds to upload that file however it will take you 1.7 hours to download it. Your ISP That is not entirely true though for TCP, which implement congestion control. UDP does not implement congestion control. 
24:39
June 16, 2019
Episode 96 - Denial of Service
  Denial of Service attacks Dos attacks (denial of service) are type of attack on a server to prevent users from consuming a particular service, usually this is an HTTP web server. This could happen by either saturating the bandwidth of the pipe going to the server or by bringing the server down to its knees so it stops taking requests all together. In this video we will learn about 3 different types of DOS attacks and explain each one by example.  Bandwidth based DOS 2:15 Dos Sending Huge amount of data to a server with lower bandwidth from a client with higher bandwidth which ends up saturating the server pipe and queue up future requests, new requests will have to wait or perhaps denied service. Example, the attacker have 100mb/s bandwidth (upload) the server has 10Mb/s download. If the attacker starts sending 100 mb worth of data to the server, it will take it 1 second to leave the pipe. However, The server can only download 10 mb each second for processing because thats its bandwidth, so it needs 10 seconds to completely download that 100mb and process. In this 10 seconds the server is fully busy serving just 1 client. Other requests will not be able to even reach the server, they might get queued and they may never be executed. Thus denied service. It is important to know that the server must have an end point that actually accept such large data. Like upload file with no limit. Another example, is UDP where there is no connection.  Ddos this previous scenario is less likely since servers usually has much more bandwidth than a single computer. A common attack is to do a DOS in distributed manner. Assume a server with 1 Gb and client with 10 mb/s no matter how much data the client can send it can only send 10mb per second, and the server can go through them real quick. Example, the client sends 1GB, it will leave the client’s pipe into 100 (10mb) means the client will take 100 seconds just to upload all the data because it can only sends 10 mb each seconds. And the server is processing it so fast it each second and it will still have enough bandwidth to process other requests(1000-10). But imagine 100 users with 10 mb connection each, all coordinate to send 1 Gb worth of data to the server at the same time (critical that its in the same time) 100x10 each second they can send 1 Gb in total to the server, the server can only process 1 GB per second so the server will not be able to process any other requests because its bandwidth is saturated processing this 1 GB from different place. Make it 200 users and you just clogged the pipe.    Max connections based DOS 10:13 Another type of denial of service attack is by somehow force the server to reach its max connections. The web server usually sets a maximum number of tcp connections so that it doesn’t run out of memory. an attacker can perform a DOS attack to force the server to reach its max connection. once it does, it wont accept any more connections thus deny service of future requests. However it is not easy, web servers have good preventive measures to minimize unnecessary tcp connections. So you cannot just establish a connection and ghost the server. This isn’t your ex boyfriend. Server has good timeouts for connections that are idle, terminated or potentially harmful. However one possible attack is to establish a connection but send the data slowly so when the server tries to timeout it immediately reset the timeout and keep the connection alive! Assuming the max tcp connection is 200, Run your script 200 times and you just created 200 connections to the server so no new connection can connect.    Vulnerability based DOS 16:30 
22:44
June 16, 2019
Episode 95 - TCP vs UDP
 TCP and UDP are communication protocols that allows us to send and receive data in a network. We have both for a reason since each has its advantages and disadvantages. In this video we will talk about two protocols, pros and cons of each one and will write tcp and udp server with nodejs showing you these in ACTION. coming up Code!  https://github.com/hnasr/javascript_playground/tree/master/tcp Jump Codes 🏷  tcp pros cons(4:12) Tcp demo (19:00) Udp pros cons (24:25) Udp demo (31:25) Summary (35:40) Explain TCP  Pros:  acknolwedgment,  garenteed delivery,  connection based congestion control ordered packets  Cons Larger packets More bandwidth since more headers.  Slower (because of retransmission)  stateful once connection is lost its lost, cannot resume it.   TCP Example (Code) telnet 127.0.0.1 8080 Explain UDP Pros Statless,  Less bandwidth  smaller packets Faster to transmit  Cons no ack,  no garenteed delivery,  no congestion control no ordered packets  UDP client echo "foo" | nc -w1 -u 127.0.0.1 41234 2:24 osi model tag  14:20 stateful. S stateless video 
40:29
June 2, 2019
Episode 94 - When to use GET vs POST?
  Get and POST are the most popular http methods used on the web. Each carries its own differences and properties. It can confusing to get to choose when to use POST over GET. In this podcast we will explain the differences, use cases and the benefits of using GET and POST. 
22:26
May 26, 2019
Episode 93 - Microservices
  Microservices (Explained by Example) Microservices technology is a new pattern of software engineering that has been popularized recently. In this video we will explain what microservices are, their pros and cons by example.  A lot of companies have moved in the early 2010 such as twitter and netflex to the microservices architecture.  Microservices technology is a pattern where you can break down big application into smaller services and what previously is a function call is now a network call GET or POST through HTTP. In order to explain what microservices are, we need to explain how a traditional classical application looks like. Here is an example .. Instagram   View Picture, list comments, likes and Picture and Location.  Picture Likes Comments Picture API (Thumbnails)  Likes API  Comments API Most popular comments Pros: Polyglot architecture  Easy scaling for microservices that needs scaling.  Better Team management, each microservice is a team Easier to innovate certain areas. Each microservice can pick their own database  Scale busy services instead of entire system  Cons: Very complicated to implement, network call, service discovery  Very Difficult to debug Hard to find where the fault is  Network calls fails adds complexity. 5:00 6:50 proxy vs reverse 
17:15
March 16, 2019
Episode 92 - Attribute Rules
Attribute Rules are scripts that can be authored and placed in the geodatabase to ensure data integrity lets discuss them. 
09:17
March 16, 2019
Episode 91 - Public IP vs. Private IP Address
In this episode we will talk about the difference between public ip and private ip address and casually talk about routers, modems, LAN,  WAN and port forwarding. 
15:12
March 10, 2019
Esri Dev Summit 2019
Join me in the upcoming Esri dev summit! Ill be presenting attribute rules and the utility network.
02:57
February 26, 2019
Episode 90 - You will be Judged
It is a long weekend with the president day on Monday. Which means it is another good opportunity to create more art. Whether that is a new ArcGIS pro Add-in or a new map, a painting, a new piece of poetry or music. This also means more chances to get discovered, which means more chances to get criticized. I get criticized all the time now that I have bigger exposure and this is our topic for this podcast coming up, 
21:23
February 16, 2019
Episode 89 - Push vs Pull Notifications
This is originally a video that I converted into a podcast I think it is still useful  https://www.youtube.com/watch?v=8D1NAezC-Dk Notifications have become part of our daily life. We receive them almost every minute on our phones, tablets, and computers. As software engineers, it is good to understand how notifications work, and what different type of notifications there are (push and pull notifications), the advantages and disadvantages of each.    In this video I'll explain how the push notification and pull notification works and the stateful vs stateless nature of each and how it affects the architecture decision of our application that we are building.    Online diagram tool used in this video:  Http://www.gliffy.com   Become a better software engineer by joining IGeometry checkout the other software engineering content on this channel   -Hussein
15:59
February 14, 2019
Episode 88 - What was wrong with SOAP Protocol?
Soap (Simple Object Access Protocol) has been a popular messaging protocol in the early 2000s. It uses XML as a format with well defined schema, and your choice of stransport protocol. Despite it still being used people have been moving towards #REST architecture and more so #gRPC recently. In this episode we discuss why people moved from #SOAP and what are the advantages and disadvantages of SOAP.   Stay Awesome! Hussein Nasser
11:54
February 12, 2019
Episode 87 - Q&A - When to use Shape File vs Geodatabase?
In this episode we answer a question from Anthony. How do you know when to focus on building a geodatabase (let's say SQL server database) rather than just let the data sit in the shapefile? I would say if you are planning to have multiple users accessing and editing the data, also if your data grew too large shape files might not be scalable to read. Also if you are planning to use the capabilities of Geodatabase such as domains, subtypes, attribute rules, versioning, archiving etc not to mention sharing as well. if you wont plan to use any of the above then shape file is a good choice. If you are planning to just maintain a shape file data of 10k or 100k features and you edit it yourself locally it works! 
10:26
February 9, 2019
Episode 86 - Recycling in ArcGIS Server
When you publish a service you can specify how many processes (min / max) your service can use. As requests are being served memory is allocated, state is changed, some processes could go corrupt Recycling is the process destroying and re-spawning processes that are running to maintain a good memory footprint.  Here is a good read on recycling http://enterprise.arcgis.com/en/server/latest/publish-services/windows/tuning-and-configuring-services.htm Enjoy Hussein
11:29
February 5, 2019
Episode 85 - No Excuses
 I don’t have the equipments. There are people doing that already. And my personal favorite, I don’t know enough.  Excuses are always there, In this podcast I talk about my personal story of how I got started. You don't need fancy equipments to share your skills and knowledge. In this podcast we discuss how with just a screen sharing app (Quicktime) and this microphone I was able to grow my youtube software engineering channel to 2000 subs and more than 1 million watch hours.  
41:41
February 2, 2019
Episode 84 - Layer vs Data Source
A podcast about the difference between a layer and its data source. Enjoy!
10:04
January 31, 2019
Episode 83 - Q&A: Programming for GIS
Vikrant asked a question on Linked:  Dear Hussein, I want to learn programming for GIS. Is python useful? I am not very good in programming. Kindly guide. And thanks for the posts.. Programming for GIS really depends on what you are trying to do and how do you want to advance your career. In this podcast we will discuss four kind of areas where you can programming for GIS. GIS Admin Programming GIS Desktop Programming GIS Web Programming  GIS Server Programming Enjoy
26:57
January 27, 2019
Episode 82 - Cross Origin Resource Sharing (CORS)
If you ever go a website and there some images you liked to reference in your page or blog. You would copy the link, and put in your blog.  Only to find out that the image looks broken?  You copy the link again and paste it in URL and it opens fine?  This is an effect of CORS or cross origin resource sharing.  https://husseinnasser.com/courses
14:06
January 19, 2019
Episode 81 - ArcGIS Server Talk - SOE vs SOI
 ArcGIS Server is a technology that allows you to pull your heavy work load on the backend and isolate the clients from complexity of the database by exposing HTTP services instead of low level TCP database. You can also extend the server capability by writing your own extensions.  In this episode ArcGIS Server talk we will talk about two ways you can extend your ArcGIS server, Server Object Extensions and Server Object Interceptors. Server Object Extension  Extends the MapServer to allow you to write your own logic that cannot be easily done by built - in Feature Server or Map server. Or it is more performant to do it.   Users create new excavation I want to auto-calculate the price of the excavation based on the soil type, whether there are trees, rocks.  Server Object Interceptors  You don’t write new thing you instead intercept existing calls to query and applyEdits to inject your own logic to pre or post processing. Lets say every-time any application tries to write to the service, you want to verify that the edit is permissible. Include water marks to all images that are downloaded. Learn more about SOE vs SOI here http://enterprise.arcgis.com/en/server/latest/publish-services/linux/about-extending-services.htm
17:32
January 6, 2019
Episode 80 - MIME Sniffing
Any content served through HTTP “should” include meta data about its type. This is so the browser/client knows what to do with the content it receives. For example, if the content type header is an image the browser will preview it, if it is HTML it will render the markup and execute any javascript code. Content type however is optional and web masters sometimes don’t set it, which leave the browsers wondering about the content type it is consuming. So browsers had to implement parsing and “sniffing” techniques to detect the type of content when a content type header was not served. However, this caused security problems and attacks that we explain in this video! So to prevent sniffing, web servers can return X-Content-Type-Options: nosniff which opts out browsers from sniffing the content. Media type: https://en.wikipedia.org/wiki/Media_type#Common_examples Cheers! Hussein Nasser
11:16
January 4, 2019
2018 was a great year
Thank you so much guys for a great year! I love you. -Hussein 2018 was a great year:    Created, edited and posted 120 software engineering youtube videos with over 1.1 Million impressions   Published 75 podcasts with over 8k plays    Self Published a new GIS book   Published two programming online courses  #hustle
01:43
December 31, 2018
Episode 79 - Availability vs Scalability
This is the final episode of 2018. We will discuss the difference between Availability vs Scalability in software services. Availability What does it mean for my software to be available?  software, service, application is designed in way so it can be available to consumers despite situation  Will your service be available if Host Failure Maintenance  Upgrading Security updates Available doesn’t necessarily mean performant. Scalability What does it mean for my software to be scalable?  The ability for the software to handle the increase of workload or data growth Assume photo sharing app, retrieving 1 photo with details. If in normal conditions you service can serve 100 requests per minute, will doubling resources double the output?u If the volume of data increases will your query still perform? A software is scalable when it is designed in a way so that adding more resources will handle more users  
20:16
December 31, 2018
Episode 78 - Geodatabase Talk - Subtypes
In this episode we discuss the concept of subtypes in the geodatabase, subtype layers and much more!
15:00
December 27, 2018
Episode 77 - Authentication vs Authorization
In this episode we discuss the difference between authentication and authorization.
08:07
December 22, 2018
Episode 76 - Database Locks
Hussein's Courses 📐⟶ https://www.husseinnasser.com/courses Hussein's Books 📒⟶ https://www.husseinnasser.com/books In this episode of #softwaretalk I'm in beautiful San Francisco for the weekend. Our topic today is database locks. Stay Awesome! Hussein
06:11
December 16, 2018
Episode 75 - Arcade - The ArcGIS Scripting Language
In this episode we discuss the ArcGIS scripting language Arcade. New to GIS? Checkout my books and courses here https://husseinnasser.com/books
07:30
December 13, 2018
Episode 74 - Short vs Long Geodatabase Transactions
We discuss the difference between short and long transactions in the geodatabase
06:29
December 9, 2018
Episode 73 - Consistency
We discuss consistency in this episode
04:49
December 7, 2018
Episode 72 - The Evolution of the Feature Service
In this episode I talk about how the feature service came to be. From local shape files through the enterprise geodatabase to the beautiful HTTP protocol services. Https://husseinnasser.com
17:02
December 6, 2018
Episode 71 - Best Programming Language for 2019 (Rant)
Hussein's Courses 📐⟶ https://www.husseinnasser.com/courses Hussein's Books 📒⟶ https://www.husseinnasser.com/books I don’t usually do rants. f you are new software developer, pick a language and write software. There is no best programming language. Each programming language has its own of pros and cons. Stay Awesome -Hussein
08:01
December 5, 2018
Episode 70 - What is Back-end Development ?
In this episode I explain the backend development, its history, how it came into existence and where it is going. I also share with you my latest online course Python on the Backend. http://www.husseinnasser.com/courses
08:26
November 26, 2018
Episode 69 - The Beauty of HTTP
We discuss the HTTP protocol and explain its elegance and how it is powering the microservices architecture.
06:04
November 24, 2018
Happy Thanksgiving!
Happy Thanksgiving!
00:36
November 22, 2018
Episode 68 - Geodatabase Talk - ObjectID
Hussein's Courses 📐⟶ www.husseinnasser.com/courses Hussein's Books 📒⟶ www.husseinnasser.com/books ObjectId (among others) is a system field that is added to a geodatabase table. In this episode we discuss best practices in coding against this field. Checkout my new book (learn gis programming with ArcGIS online and Javascript 4.9 API) ! www.husseinnasser.com
11:32
November 19, 2018
Episode 67 - Pull, Push and the Long- Poll
In this episode we discuss the difference between the HTTP client pull, server push and the long poll also known as #HTTP ASYNCHRONOUS polling.
10:02
November 16, 2018
Episode 66 - YouTube Audio and Video Streaming in the mobile app
As a software engineer, I like to reverse engineer applications and see how it was made. This episode we discuss how YouTube handles audio vs video streaming. When you minimize the app,
06:25
November 16, 2018
Episode 65 - ArcGIS Server Talk - 6080
Port 6080 is interesting, we talk little bit about it in this episode.
08:42
November 14, 2018
Episode 64 - ArcGIS Server Talk - When to use Sync vs async gp service?
If you go to the geoprocessing service in Manager you might have noticed that there is an option to run asynchronously. In this episode we explain when you might want to do this!
07:29
November 12, 2018
Episode 63 - Geodatabase Talk - SDE Intercepts
Sde intercept Any operation performed on ArcGIS ends up eventually to the geodatabase as a set of one or more queries. A “zoom-in” or pan operation translates to multiple queries to the underlying geodatabase. SDE intercepts always you to intercept and take a look at those queries to diagnose slow operations in your enterprise geodatabase. It also helps pinpoint where the bottle neck is and how can you optimize your app or geodatabase. https://support.esri.com/en/technical-article/000010355
12:08
November 11, 2018
Episode 62 - Load Balancer vs Reverse Proxy
Most of the time a Load balancer is a reverse proxy but a reverse proxy is not necessary a load balancer. Reverse proxy takes a request from client and forward it to “a server” doesn’t care of the server is overloaded or down or not just forwards it. Load balancer stores state about each server behind it, how overloaded each server is, and what server is down, and smartly forward request to a server to balance the load across all the group. So a load balancer is a special case of a reverse proxy but smarter!
09:59
November 5, 2018
Episode 61 - ArcGIS Server Talk - Max SOC Heap Size
We discuss the max heap size property on the arcgis server admin. Enjoy
17:31
October 30, 2018
Episode 60 - ArcGIS Server Talk - Database Schema Lock
In this episode of arcgis server talk we discuss the database schema lock option in manager. Advantages and disadvantages of having your service acquire a lock.
07:50
October 29, 2018
Episode 59 - Geodatabase Talk - Split
We discuss how split work, the split policy on the domain and the split editing model.
11:45
October 28, 2018
Episode 58 - The Art of Software Troubleshooting
In this episode of #softwaretalk we discuss the art of software troubleshooting. We can become better software engineers by aiming to excel at our craft. Not just find a bug, but track its cause. Not just find a bad performing workflow in the app but find out what causes the performance bottleneck. Do the due diligence. Enjoy this episode guys www.husseinnasser.com
13:08
October 20, 2018
Episode 57 - ArcGIS Server Talk - ApplyEdits
In this episode, we talk about applyEdits method on the feature service REST API. Enjoy Grab my Administering ArcGIS for Server book and learn more about Installing and configuring ArcGIS for Server to publish, optimize, and secure GIS services. http://husseinnasser.com/books
09:59
October 19, 2018
Episode 56 - Geodatabase Talk - Undo edits through services
In this episode we discuss how using the new ArcGIS Server version management service we can undo edits even after the service goes down!
08:56
October 15, 2018
Episode 55 - When to Fix the bugs?
In software development, introducing a new feature or functionality always introduces bugs specially in a large software. In this episode we discuss should we fix all the bugs that get introduced from a new feature or install the feature and worry about the bugs later? #agile
05:57
October 13, 2018
Episode 54 - Stateful PHP Service
Throw back me using PHP and apache to build a stateful service.
08:03
October 8, 2018
Episode 53 - Product Architect vs Solutions Architect
In this episode of #softwaretalk, we discuss the differences between the software product architect and a solutions architect. We start by defining the difference between a software product and a solution. Then we discuss the responsibilities of product architect vs solution architect. If you are interested to be a solution or product architect or engineer you came to the right place. Cheers Hussein
12:41
October 7, 2018
Episode 52 - Geodatabase Talk - Archiving
Archiving is used to store or keep track of state of rows even after they are edited in older state. In this episode we discuss how can you do archiving in the geodatabase.
07:33
October 6, 2018
Episode 52 - ArcGIS Server Talk - Logging
In this episode of ArcGIS Server Talk we discuss logging.
11:04
October 5, 2018
Episode 51 - Geodatabase Talk - DDL vs DML
In this episode we explain the difference between ddl and dml, with respect to the geodatabase
11:48
October 5, 2018
Episode 50 - Geodatabase Talk - SDE
The communication between the client and the enterprise geodatabase is done through the spatial database engine. We explain that layer in this episode.
10:09
October 3, 2018
Episode 49 - User Experience vs API - What Comes First?
Any modern software or application that we build must have a backend API (Application Programming Interface) whether design in C++ IMPL Interfaces Or HTTP REST Architecture, and a Front End User Experience to consume this API which could range from a mobile app to a voice device. This is an open discussion, when you as a software engineer want to design a new application, what do you start first? Front-End User Experience? Or the Back-end API? We discuss the pros and cons of both. I enjoyed making this episode! Enjoy guys Hussein Nasser
16:03
September 30, 2018
Episode 48 - ArcGIS Server - Asynchronous Geoprocessing Service
We explain how the asynchronous geoprocessing service works in ArcGIS. We also briefly explain the difference between synchronous vs asynchronous request. Enjoy !
05:30
September 29, 2018
Episode 47 - How to become a Better Software Engineer? (Rant)
There is no secret, no magic potion, no pill or book or a “new” programming language that will make you a better software engineer. To be a better software engineer you have to write more software. Write silly software, write fart software, write stupid software, write bad performant software. Write enough software to give the edge to be better than other software engineers and software developers.
15:22
September 28, 2018
Episode 45 - Geodatabase Talk - Domains
Today’s topic is geodatabase domains.
10:45
September 27, 2018
Episode 44 - Is Coding Easy?
Welcome to the first episode of software engineering talk. This series we pick a topic and casually talk about it. In today’s episode, we try to answer the question is Coding easy?
12:30
September 17, 2018
Episode 43 - Never underestimate a coding task
In this episode of software engineering by example we discuss how software engineers should be empathetic and never underestimate and brush a problem as simple. We have to give it some thoughts and think it all the way through.
08:58
September 15, 2018
Episode 42 - Geodatabase Talk - Stateful DB Connection
This episode I explain what is a stateful connection and how that compare to traditional vs the new branch versioning model. We also explain Pros and cons of the stateful connection (with a DMV example :) )
12:52
September 7, 2018
Episode 41 - Geodatabase Talk - High Isolation
We explain the difference between Isolation and High Isolation from a geodatabase point of view.
08:42
September 4, 2018
Episode 40 - Geodatabase Talk - Registration types
We discuss briefly the 5 registration types in the enterprise geodatabase. Unversioned, unversioned with archiving, versioned, versioned with archiving and branched versioned.
12:14
August 23, 2018
Episode 39 - Geodatabase Talk - Versioning
We discuss the concept of versioning (high isolation) in the geodatabase.
08:04
August 14, 2018
Episode 38 - Geodatabase Talk - Workspaces
We discuss the geodatabase connection which is called a workspace,
04:22
August 6, 2018
Episode 37 - Geodatabase Talk - Tables
We discuss the table artifact in the geodatabase.
11:42
August 3, 2018
Episode 36 - Geodatabase Talk
This is a new series that discusses the Esri geodatabase technology!
14:32
August 1, 2018
Episode 35 - ArcGIS Server Talk - Pooling
Discussing Connection Pooling in ArcGIS Server
11:12
July 6, 2018
Episode 34 - ArcGIS Server Talk - Process isolation
Process isolation
11:32
July 4, 2018
Episode 33 - ArcGIS Server Talk - Site Clusters
Server site cluster discussion
06:34
June 26, 2018
Episode 32 - ArcGIS Server Talk - Server Site
Discussion about server site, port 6080,6443, configuration store and creating and joining existing site
15:10
June 24, 2018
Episode 31 - Arcgis Server Talk
Discussing arcgis server technology part 1
07:21
June 15, 2018
Episode 30 - Disk
Discussion on Persisted storage in the disk while taking a walk in Bahrain 🇧🇭 . Enjoy.
06:38
March 4, 2018
Episode 29 - Who is Hussein Nasser?
In this podcast I talk about my story. Where did I come from? What did I study? What jobs did I have? Why did I start my blog and Youtube Channel? How did I write my books? Why did I move to the United States? and much more.. Stay Awesome guys and Enjoy the podcast. Hussein
29:16
March 4, 2018
Episode 28 - What is GIS?
Discussion on GIS geographic information system my career since 2005. Enjoy
04:28
February 8, 2018
Episode 27 - Why Coding is Hard?
We discuss we some people are intermediated by programming or find it hard to learn. Spoiler alert it is our fault as educators.
05:19
February 8, 2018
Episode 26 - Caching
Caching explained simply.
05:04
February 7, 2018
Episode 25 - Cash in on your passion
This episode is pulled from my vlog right after I finished Gary vee book Crush it. Today I finished @garyvee book Crush it (Cash in on Your Passion). I read alot of books but dont necessary review them in my SM. However this book is different, though written 9 years ago and some technologies are dead but that in itself shows this guy jumps on bleeding edge technologies like there is no tomorrow which I love. Never mind, that book actually inspired me to twist Gary\u2019s ideas in the software engineering realm. And that is the topic of the vlog, you are passionate about 8 bit video game development? Build a community around it. You really genuinely love the assembly language? Build software with assembly and make videos and show your love, you will be surprised how many engineers share your interest. Cant wait for Gary\u2019s new book Crushing it! - I would really like to thank my YouTube mentor @robertoblake for introducing me to such passionate person.
08:01
February 6, 2018
Episode 24 - Bleeding Edge Technologies
New technologies appear every day. We ask the question should software engineers learn new emerging technologies as soon as they come in? We answer yes and We bring in badass Gary vee as a successful example of someone who tackle any new social media app.
05:13
February 1, 2018
Episode 23 - Why JSON is so Popular?
We discuss how JSON became popular. It isn\u2019t some fashion trend, its convenience. We also discuss how XML was invented as an interchange format.
04:43
January 31, 2018
Episode 22 - Latency
Discussion of latency across the entire software stack. Enjoy
05:15
January 29, 2018
Episode 21 - RDBMS
We discuss relational databases. Their properties and scalability.
12:30
January 26, 2018
Episode 20 - Cool feature in git
I discovered git submodules today. I talk about how I found them and how they helped my code reusability.
04:13
January 24, 2018
Episode 19 - Python as a Web Server
We answer the question can Python runs on the backend and serve REST end points
04:48
January 24, 2018
Episode 18 - Memory Leaks
We discuss memory leaks. What are they? How they happen? How dangerous can they be?
05:14
January 24, 2018
Episode 17 - UX ... then REST
We discuss how an engineer can save tremendous design and architecture efforts at the backend building the REST services by actually starting with the user experience. As usual with an example. Cheers y\u2019all
04:59
January 23, 2018
Episode 16 - TheDragon fights Engineers too
We talk about how the we are meant to create beautiful art and how the resistance (the dragon) is stopping us from putting that work out there.
04:59
January 23, 2018
Episode 15 - I Wrote Bad Front-End Code
While building an Alien Invasion javascript game I wrote some bad code that froze my chrome. I discuss the unscalable piece of code and go through how I discovered it and how to fix it.
07:15
January 19, 2018
Episode 14 - Learn Software By Doing
With new technologies it becomes overwhelming for engineers to learn. We discuss one of the best ways to learn the new technologies by doing projects using them. Step out of your comfort zone and build apps using those tech!
05:48
January 19, 2018
Episode 13 - Do Developers Make Lousy UX?
In this episode we discuss why lot of people think Developers make unusable and lousy user experiences and interfaces. We take examples of Windows vs Mac and a throw back from a blog post I wrote 10 years ago. Enjoy
09:33
January 18, 2018
Episode 12 - Stateless vs Stateful
We discuss stateless and stateful client / server architecture using instagram as an example.
09:59
January 16, 2018
Episode 11 - Persistence
We discuss how persistence at the client side. We bring Siri, Whatsapp and Twitter s examples of dealing with persistence of draft, lost and unsent messages .
12:42
January 13, 2018
Episode 10 - Scalable Software
We discuss software scaling in three tiers. The front end, the backend and the middle. We take instagram as an example for all three tiers.
14:31
January 12, 2018
Episode 09 - Advice to new Software Engineers
This podcast is for software engineers that just started their career and facing pressure from outside world to divert their path. Keep doing what you love.
09:59
January 8, 2018
Episode 08 - UX and Software Architecture
Does the user experience derive the software architecture or vise versa? Can user experience help determine what backend database you end up using? We discuss both styles of engineering and talk about pros and cons. Enjoy
11:27
January 5, 2018
Episode 02 - Stuck at your job?
In this episode we discuss how can you make a change to your career. I also talk about my experience a little. Enjoy
09:59
January 2, 2018
Episode 01 - Sync vs aSync
We discuss two programming styles both have their advantages and disadvantages. Enjoy
14:59
December 29, 2017
IGeometry Podcast - Intro
First podcast - intro - welcome to IG podcast
04:10
December 29, 2017