The Backend Engineering Show with Hussein Nasser

Some cool new features are coming to the Javascript language namely Optional chaining and nullish coalescing how useful are they? lets discuss So Optional chaining and nullish coalescing are coming to the Javascript language. I think it is already in the Javascript Engines (V8, SpiderMonkey, JavascriptCore and Chakra) which will be picked up by other clients such as browsers, node js , dino other stuff .. Cool stuff lets get into it. Show them (chrome devtools) Where is it available? Node JS not yet (13.9 V7.9) (https://github.com/nodejs/node/blob/master/doc/changelogs/CHANGELOG_V13.md#13.9.0) Resources V8 release v8.0 · V8 Optional Chaining https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Optional_chaining Nullish coalescing https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Nullish_coalescing_operator

We are one step closer to a more secure web. Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Let's discuss . Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Lets discuss Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf

Google engineer Alyssa Wilk discovers a critical security bug related to whitespaces in header values. Envoy and Node JS fix this by releasing a security patch. let us discuss it. tags: envoy, envoy proxy, envoy security, envoy proxy whitespace, Alyssa Wilk

Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability, we discuss the attack and the fix in detail.

In April 2019 Google blocked sign-ins from Embedded Browsers to avoid man in the middle phishing attacks. In this video, we discuss why.    https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1

PostgresSQL version 12 has been released, let's go through the features that I think are most interesting and cool. #softwarenews   Feature Matrix https://www.postgresql.org/about/featurematrix/   - Allow adding columns to Index (GIST) https://www.postgresql.org/about/featurematrix/detail/314/  - COPY FROM WHERE COPY FROM ... WHERE  - More native support of JSON objects https://www.postgresql.org/docs/12/functions-json.html#FUNCTIONS-SQLJSON-PATH  - Reindex concurrently (slow but allows writes) https://www.postgresql.org/docs/12/sql-reindex.html#SQL-REINDEX-CONCURRENTLY - Performance on large partitioned tables - Stored Generated Columns

Google just released the latest version of Chrome (80) and one of the interesting features making a big change to the default cookies that might actually prevent CSRF forever. Let’s discuss this.   #softwarenews  *  Same Site Attribute * Break some apps * Devs must explicitly set None;secure * Will this end CSRF    Resources  https://youtu.be/GPz7onXjP_4  https://www.chromestatus.com/feature/5088147346030592    News Theme 2 by Audionautix is licensed under a Creative Commons Attribution license (https://creativecommons.org/licenses/by/4.0/) Artist: http://audionautix.com/

Load balancing is process of balancing incoming requests to multiple machines, processes or services. In this video we will explain two types of load balancers, layer 4 and layer 7. Layer 4 - haproxy, NLB  Pros  - great for simple packet-level load balancing  - Fast and efficient doesn’t look at the data  - More secure as it cant really look at your packets. So if it was compromised no one can look  - Uses NAT  - One connection between client and server NATed  Cons  - Can't do smart load balancing based on the content, such as switch request based on the requested media type  - Cant do microservices with this type  - Has to be sticky as it is a stateful protocol (all segments) Layer 7 (Nginx , haproxy) This type of proxy actually looks at the content and have more context, it knows you are visiting the /users resources so it may forward it to a different server. Essential and Great for microservices , it knows the content is video:image etc..

NginX is an open source web server written in C and can also be used as a reverse proxy and a load balancer. In this video, I want to go through the following topics in NginX What is NginX? 2:25 Current & Desired Architecture 4:58 Layer 4 and Layer 7 Proxying in Nginx 8:40 Example 10:25 Install Nginx (mac) 13:30 Nginx as a Web Server 15:00 (webserver.conf) Static context location root 20:00 regular expression 27:00 proxy pass 30:30 Nginx as a Layer 7 Proxy 33:30 Proxy to 4 backend NodeJS services (docker) 37:00 IP_Hash load balaning 43:00 Split load to multiple backends (app1/app2) 46:00 Block certain requests (/admin) 49:00 NGINX as a Layer 4 Proxy 51:30 Create DNS record 1:01:08 Enable HTTPS on Nginx (lets encrypt) 1:05:08 Enable TLS 1.3 on Nginx 1:14:00 Enable HTTP/2 on NGINX 1:17:10 Summary 1:20:10 Cards 3:40 proxy vs reverse proxy https://www.youtube.com/watch?v=ozhe__GdWC8&t=1s 8:50 OSI Model https://www.youtube.com/watch?v=7IS7gigunyI 10:00 L4 vs l7 load balancer https://www.youtube.com/watch?v=aKMLgFVxZYk 34:00 spin up docker app https://www.youtube.com/watch?v=vmSMrQ8Ev9w&t=14s 44:26 stateless vs stateful https://www.youtube.com/watch?v=nFPzI_Qg3FU 1:16:30 TLS video https://www.youtube.com/watch?v=AlE5X1NlHgg&t=8s

In this podcast I explain what database partitioning is and illustrate the difference between Horizontal vs Vertical Partitioning, benefits and much more.   Why Partitioning?