1. 1

    An interesting quote I stumbled upon last week “The ‘s’ in IoT stands for ‘secure’ “ - quite an apt comment I thought. The whole nature of “IoT” is connectivity no matter the costs, users for some reason see the benefit of having their fridge connected to their home WiFi, but the vendors (as a majority) never release a firmware patch or update in the wake of new vulnerabilities, this was apparent earlier this year with the findings of KRACK.

    Vendors now are too interested in shipping a working product, as opposed to a well tested extendible product, because they want to force you to buy new products when yours gets old, or if they add a facetime feature so you can facetime your groceries from work. No wonder so many people struggle for money these days, people just get sucked in.

    With regards to the article, TLS (and SSL) provide security between the connection origin and the destination, if your cheap device was rooted at another point, this becomes worthless.

    1. 2

      I have always used an old school IBM mechanical keyboard, the latest trends seem to have keyboard layouts as shown in the article, does this actually improve comfort and feel better after 8hours of constant use? I was looking at trying one out, but none of my friends have one, and I don’t live anywhere near a place that would have one for demo. Thanks.

      1. 2

        For me, the split keyboard was the largest improvement.

        I blew out an arm on an IBM Model M, had to switch to kinesis, and now ergodox. The largest issue was that my wide shoulders meant my hands were turned outwards when on the keyboard, and that put strain on the inside of my wrists.

        With my current setup, the distance between my F and J keys is twenty three inches (just checked), allowing my arms and wrists to relax.

        1. 2

          This depends on your typing style, I think. For me the change to a columnar stagger and the change to using an fn layer for numbers and punctuation made a much bigger difference in comfort than going to a two-piece keyboard; I guess because of the reduced finger travel?

      1. 2

        I would love to run OpenBSD on my servers, for some of the reasons noted in this article, high code quality and the desire to run a clean system, however these same reasons also make it not such a great choice. When you administer a server, you unfortunately need to install an obscure package, or a library that doesn’t have an openbsd package, and then it just becomes a pain. At least with FreeBSD I never run into these issues, I can build everything from source, or if I need one program that I don’t want to build, I can just install a binary blob. I really admire the OpenBSD project for its principles and what it does for the open source community, but as am operating system I don’t personally get on with it.

        Also due to the scale in which FreeBSD is used commercially, as opposed to some of the other projects, you find more guides on line, so when you inevitably come across a ports build error (installing said obscure package) the solution is never far away.

        1. 1

          I just started writing JS for our internal CRM and other applications, and although it doesn’t really bother me, I do find it strange how npm install (some package) takes so long, like I can build packages from source in FreeBSD quicker than I can install one module in npm. If the code behind this ever makes it to a local application, it would certainly be a big improvement. It probably only works in development though, as when bundling your applications, you may need a file that turbo hasn’t fetched, and depending on your builder picking this up, it could cause a few headaches/problems debugging production runtime errors.

          Regardless of the above, the software engineering behind this sounds very impressive and it’s nice to see a startup actually solve a real world problem.

          1. 2

            If npm speed is bothering your, I highly recommend trying https://yarnpkg.com/ – it can pretty much be used as a drop-in replacement for npm that just makes everything faster (and takes up less of your drive space)

            1. 1

              Up until I read the post in this thread, I have never heard of yarn, I have only been writing JS for a few months now. I have just given it a quick whirl and it seems fairly decent,I will see how it fairs over the next few months and how it compares etc, thanks :-).

              1. 2

                I moved from yarn back to the official npm client when they released v5. npm currently also caches packages :)

          1. 1

            Very cool, and I need to do something very similar for an upcoming project, this helped a lot!

            1. 5

              I’m setting up my base station for amateur radio! I just got a power supply and antenna for my IC-7100, and I’ll be listening on the air soon.

              1. 1

                Nice, I always wanted to get into ham radio but never managed to make enough free time.

                1. 1

                  It’s never too late! http://www.eham.net/newham/

                  1. 1

                    What discouraged me was the sheer amount of real estate a setup would take on my desk. I don’t have the luxury of having a free room to dedicate to the hobby, so my study would have to house all the extra kit, which I simply don’t think it would!

                    1. 1

                      A handheld radio is not much bigger than a cell phone and it’s a good first radio to purchase. No need to buy a huge base station until you’ve gotten more familiar with the hobby!

              1. 0

                Isn’t the best practice not to use node for server side code?

                1. 1

                  Works fine, modulo the edge cases of your business logic and its expression in JS.

                  1. 1

                    Hum… no. I’m far from being a fan of Node but I do understand the usage of it. This reads almost as a bare troll to me….

                  1. 2

                    I have just finished writing two Javascript Spa’s (my first time doing any JS work). These two applications save our business over 80man hours a week in what they can offer (opposed to our stock and expensive ERP solution). I have a third to write which will be replacing our old python/html powered CRM system with a full JS front end and separate backend (much like my recent creations) but I just need to decide whether to stay with the Python/Angular stack, or try another language on the backend and possibly Elm for the front end. The backend is 90% sql, so I really don’t see any immediate advantage moving from python (and sqlalchemy which makes maintenance and feature requests super easy)

                    1. 1

                      You could connect to a public proxy and force all traffic through it, it will be slow as hell and very limiting on what services will work.

                      1. 2

                        I really wish there was a first class, stable/maintained docker port for FreeBSD. There are a few forks that are in various states. Last time I tried, I could get my containers running using the local docker client, but trying to connect to it remotely with a newer version of the docker client would fail.

                        Having a solid docker solution would be a big game changer in the FreeBSD world.

                        1. 13

                          Having a solid docker solution would be a big game changer in the FreeBSD world.

                          Perpetuating a level of mediocrity. How about going the other direction and organise things so you don’t need docker as a “solution” in your environment. That would be a far bigger game changer.

                          1. 5

                            +1 docker is an easy way to deploy applications for people with less sys admin experience, but docker more of a development tool, but in my eyes, not the beat deployment technique.

                            If you really want docker on FreeBSD fire up a bhyve instance of Linux on BSD, and run docker there. Emulating Linux on bsd works really well on bhyve, having docker and freebsd together just opens your solid architecture up to problems, run it in a vm and if it eats memory or crashes, it won’t affect the master host.

                            1. 2

                              Yeah, I have a feeling nix + jails would be a better solution overall than docker on freebsd and probably already works fine.

                          1. 10

                            This quote sums up perfectly why I run FreeBSD on all my commercial servers.

                            everything just worked neatly out of the box. I was amazed with the fact that after a few hours with FreeBSD, i had the whole stack running.

                            Solid, reliable and secure. Yes there are more solid choices, yes there are more secure choices, but for me FreeBSD is a perfect balance of both, coupled with expert documentation (which is not unique to FreeBSD, its more of a BSD thing in general). And it’s real documentation from the *BSD website, not stackoverflow answers or out of date third party tutorials.

                            1. 6

                              I have never felt/had the need to look at anything other than Nginx. For us it hasn’t failed in 6years (since we migrated from Apache), not once. Envoy does open up some cool possibilities (to solve problems I don’t yet have).

                              The additional protocol support looks good and it might be a time to re-engineer some of the current setups that we have, but for me, I’ll wait until the documentation expands a bit (and a few more stackoverflow.com questions appear).

                              1. 2

                                We’ve been considering replacing Nginx with something else recently, because we keep hitting situations where Nginx has marked all the upstreams as dead and is returning 502s, but doesn’t provide any information about which upstreams it marked as dead and when. Having more introspection into what’s happening would be nice. (I think the paid version does give you that, but unfortunately that’s a little out of our price range just for more info.)

                                1. 1

                                  That’s interesting and also annoying they have solved the problem in a premium version and not allowed it into the free/open version (as technically it is a bug). Envoy does look really nice, maybe I should give it a whirl on an old BSD server and try and contribute something to the documentation, as if it does everything it claims, it’s going to be very popular.

                              1. 35

                                Startup mistakes are spending too much time thinking about data stores, and not enough time thinking about making money. Personally I believe that so many startups fail because they obsess and re-engineer their tech stack so much. Most startups (if they ever get to making money) change their initial product/offering so much by the time its out there, that the tech stack decisions they made in the early days aren’t as relevant to the problem they actually end up solving. Use a sane default then evaluate if you actually need anything else. So I whole heartedly agree with his statement just use Postgres, and you won’t regret it.

                                1. 3

                                  I agree with you after reading lots of Hacker News and Barnacles. They should spend almost all their time marketing, listening to customers, building/testing features, and so on. That said, it’s still good to consider this stuff ahead of time to give them templates for what to go on that will reduce operational problems early on and/or in maintenance down the road. Like the OP and your Postgres recommendation. Also, like turnkey Postgres appliances for the cheap hosts they’ll probably be using.

                                  1. 3

                                    100%. I been in numerous failed startups. I’ve seen plenty more. Datastore wasn’t an issue even once…. I’ve seen plenty of startups build on amazing datastores and fail to have any sales and marketing. I’ve seen plenty fail from not having backups, from hiring poorly, from overreaching.

                                    Datastores can hurt when you’re scaling up. But you’re scaling up now. Congratulations.

                                    Agree that defaults make sense. However, equally it’s worth being aware that you’re going to have scale problems whatever you do. Every serious relational database I’ve seen is a beast. Comes with the territory.

                                    1. 2

                                      Yup, going with Postgres at the beginning makes sense, because it gives to freedom to experiment and iterate on your domain in the beginning from a solid foundation. Alas the databases that are more geared towards scaling are currently trickier to work with in the face of changing requirements, so mistakes become magnified to quite a large degree. But you’ll eventually want to move to a different model once scaling becomes an issue.

                                      At the moment my thinking is that you use a RDBMS under the hood, but pretending it’s CQRS/ES, which maintains an nice separation of concerns between reading and writing and the persistence layer, then you are in a better position to switch to something more scalable in the future, whilst maintaining the advantages of in-place migrations in the beginning when requirements are still up in the air.

                                      1. 1

                                        I had never heard of CQRS before, it’s quite interesting. Could you elaborate a bit on ES?

                                        1. 1

                                          Event sourcing…

                                          And I’m with /u/brendan on this: focus on the “why” (design) of separating concerns, not the “how” (transport). It’s a long time between MVP and having load that demands Kafka, RabbitMQ, NSQ, NATS, etc. There are designs that need those early but I squint hard at that because they add a lot of complexity and operational overhead when you’re still figuring out how to solve other problems.

                                    2. 3

                                      Startups don’t exist to make money- they exist to get bought. That’s their profit model: get bought out at a high valuation before your burn outpaces your investment.

                                      1. 5

                                        Startups don’t exist to make money- they exist to get bought.

                                        To be fair, their ability to get bought should depend on their ability to make money, and after these crazy bubble times are over, it will.

                                        That’s their profit model: get bought out at a high valuation before your burn outpaces your investment.

                                        That’s not a profit model though :) It’s a plan for making a return on the time, effort, and money the founders invested in the startup. It’s a gamble too!

                                    1. 10

                                      I have tested today, its incredibly fast. Both with SPA Js applications, standard sites as well etc. The memory usage is much lower than chrome (as promised) so all round I’m a very happy camper. The default style out of the box is also very clean. A big improvement from previous versions.

                                      It will be interesting to see the Servo adoption from smaller browser projects.

                                      1. 2

                                        Seconding the lower memory usage! I’ve been thrilled since I switched over to the nightly and now rarely reach for chrome.

                                      1. 7

                                        I am really looking forward to trying out Firefox /servo for our browsers at work. 90% of all our internal systems are now Web based and Chrome is such a resource hog, it will be interesting to see how it performs on a multitude of tasks. It’s a huge investment by Mozilla and I’m one guilty of saying ‘Yea so write xyz in Rust, it will be so much better’ but when it comes to actually writing anything other than code (other than personal projects) I still have never pushed the button, Mozilla have really preserved with Servo and Firefox investment in a time when desktop browsers are on the decline (and Google makes it hard to use many of their services unless you run Chrome).

                                        Fair play Mozilla, +10 Internet points.

                                        1. 1

                                          Why are people so obsessed with outright speed on basic examples? I am sure that this language produces a fast hello world Web throughput, but for a backend cms, is this even relative?

                                          As the article states, backend servers have to perform api calls, database queries etc, using a alpha language with minimal libraries will make this task a lot longer, sure if you just have to deal with json api and basic sql queries, it’s all hunky dory, but then you get a legacy api you need to connect to, possibly using something that’s no longer sexy (edi/soap etc) you start to run into problems and you need advanced data structures for complex sql queries . (I haven’t checked use cases for Crystal, but this is the case for most alpha languages). Using something like golang /python on the backend in my opinion just allows the job to get done, and unless your serving literally 5k plus requests per second, is the speed even a valid metric?

                                          1. 1

                                            Most projects eventually end up doing something interesting in the application logic (in the “slow” language)? I’ve replaced ruby and python code, which was never really “too slow”, but eventually started to feel a bit sluggish with larger loads, with luajit and go and its way faster. It’s not clear there was a hot spot. Just a diffusion of overhead.

                                            You start out processing a request in 10ms. Inevitably that creeps up to 100ms. Or you can choose to start at 1ms and creep up to 10ms.

                                            1. 1

                                              Possibly because your basic examples should be fast. If they aren’t, that raises questions. If Hello World is too slow, you might end up CPU bound. Also, faster languages, in this age of the cloud, are also often cheaper.

                                            1. 3

                                              I used to run the beta, then about 9 months ago switched exclusively to vscode (Atom for me is far to slow to use every day). I didn’t need any of the extra features vscode had, but after using it for the whole of this year, it’s really improved my work flow, plugins just work, great community, easy to switch between languages and have all the features for X language.

                                              I had paid for sublime, and used it for some time, but just never found it more than a tool, if I want something lightweight I’ll use vim. But spending over 6 hours a day in an editor for 9 months solid, I can only say good things about Vscode.

                                              1. 1

                                                Personally for me (as a user of OpenSolaris) what was disappointing for me is when the project forked, it was basically the kernel with a few (at the time partially broken) build scripts. I am glad you posted this, as it now looks like OpenIndiana (among others) is fairly stable with a half decent community, when I get chance, Ill test it out on my Desktop. Since OpenSolaris/Belenix development was stopped, I moved to FreeBSD (zfs support mainly), I did check back in every now and again on the illumos community, but never really saw progress towards a stable server platform.

                                                Having used FreeBSD for 6 years now, I doubt I will switch back to an OpenSolaris based platform, but it will be interesting to see where the project is at.

                                                1. 2

                                                  never really saw progress towards a stable server platform

                                                  SmartOS has been an extremely stable server platform for a long time

                                                1. 8

                                                  Writing web stuff in Go just doesn’t seem like the best fit. It seems that people want to use Go as the next step from rails/django. But most (yes there are plenty of cases where it might be a good idea) of the time the extra performance gained by using Go isn’t even relative/ to the task at hand, the people in this camp most of the time would benefit from re-writing or optimizing their existing code base in their current language. It doesn’t mean Go is a bad language, it just means its not suitable for X task.

                                                  There is a massive trend at the moment for people to have “one programming language to rule them all”. Its like expecting a mechanic to undo every bolt of a car with one tool, its probably achievable, but its not the correct approach. My approach is always, what do I need to do? Can I do this with X language that I normally use, will using this language limit any performance/functionality if yes, will using another language solve this problem? And go from there. Sure we could do all web development in Haskell, but is that really a good idea?

                                                  1. 2

                                                    Sure we could do all web development in Haskell, but is that really a good idea?

                                                    Haha I clicked here from Twitter! “Yes. Yes, it is.”

                                                    1. 1

                                                      He has taken it a bit out of context, sure Haskell is great for some web tasks, but if you have a fresh environment and need to serve 1 static html file, its a pointless exercise. This just adds to my original post saying how some people have an idea they want to use one “super” language for all tasks, which although would give cleaner/more standardized code, its not really the best development practice.

                                                  1. 1

                                                    I used sublime for years, I’ve been using VS Code for the past 8 months and I love it, as someone who spends more than 6 hours a day looking at/using an editor, it makes life so easy. Also, it takes less than 2 minutes to setup a clean install how I like (which can’t be said with Sublime), I used atom as a comparison to VS code, but the speed difference was drastically slower compared to VS code.