The Backend Engineering Show with Hussein Nasser
535 episodes - English - Latest episode: about 2 months ago - ★★★★★ - 5 ratingsWelcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own.
Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering
Buy me a coffee
https://www.buymeacoffee.com/hnasr
🧑🏫 Courses I Teach
https://husseinnasser.com/courses
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Episode 136 - Sidecar Proxy (Pros and Cons)
March 08, 2020 03:56 - 26 minutes - 18.5 MBA sidecar proxy is an application design pattern which abstracts certain networking features, such as inter-service communications, monitoring and security, timeouts, retries, communication protocols, away from the main architecture to ease the maintenance of the application as a whole. In this video I’d like to talk about how we classically do things: Library Pattern getComments HTTP1:1/JSON Add features retries/timeout /hardcode the server name what it changed/add new server to load ba...
Episode 135 - mySQL 8.0 has a new feature called Atomic DDL and it is not what you think
March 05, 2020 03:29 - 6 minutes - 4.63 MBMySQL 8.0 supports atomic Data Definition Language (DDL) statements. This feature is referred to as atomic DDL. An atomic DDL statement combines the data dictionary updates, storage engine operations, and binary log writes associated with a DDL operation into a single, atomic transaction. The transaction is either committed, with applicable changes persisted to the data dictionary, storage engine, and binary log, or is rolled back, even if the server halts during the operation. I discuss my...
Episode 134 - gRPC
February 29, 2020 20:00 - 1 hour - 54.7 MBgRPC (gRPC Remote Procedure Calls[1]) is an open source remote procedure call (RPC) system initially developed at Google in 2015[2]. It uses HTTP/2 for transport, Protocol Buffers as the message format. In this video I want to explore gRPC, go through examples, pros and cons of gRPC. Client/ Server communication SOAP HTTP (REST) WebSockets Client Libraries gRPC gRPC Demo todos gRPC Pros and Cons Pros Fast two/uni and request Unform One library to rule them all Progress feedbac...
Episode 133 - Firefox fixes a bug that prevented users from signing into the Royal Bank of Canada (73.1)
February 26, 2020 04:54 - 5 minutes - 3.12 MBFirefox version 73.1 fixes a bug that prevented users from signing into Royal Canadian Bank (Firefox fixed a bug that prevented Canadians from signing in to their bank royal Canadian bank) what caused it? Lets get into it * Users will sign in and will get blank page. * Cause Beacon API and HTTP/2 * Bug has been there forever Sources https://bugzilla.mozilla.org/show_bug.cgi?id=1613943#c16 🏭 Software Architecture Videos
Episode 132 - Optional Chaining and nullish coalescing coming to Javascript, how useful are they and when can you use them?
February 23, 2020 14:05 - 13 minutes - 9.07 MBSome cool new features are coming to the Javascript language namely Optional chaining and nullish coalescing how useful are they? lets discuss So Optional chaining and nullish coalescing are coming to the Javascript language. I think it is already in the Javascript Engines (V8, SpiderMonkey, JavascriptCore and Chakra) which will be picked up by other clients such as browsers, node js , dino other stuff .. Cool stuff lets get into it. Show them (chrome devtools) Where is it available? Nod...
Episode 131 - Firefox deprecates support for TLS 1.0 and 1.1 ( THIS IS GREAT! BUT .... )
February 17, 2020 19:50 - 12 minutes - 8.68 MBWe are one step closer to a more secure web. Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Let's discuss . Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.openssl.org/~bodo/ssl-poodle.pdf Firefox disabled TLS 1.0 1.1 It’s a big change that I am very happy about but not everyone is. Lets discuss Resources https://hacks.mozilla.org/2020/02/its-the-boot-for-tls-1-0-and-tls-1-1/ https://www.open...
Episode 130 - Envoy fixes a critical security bug related to HTTP headers with whitespaces
February 11, 2020 00:05 - 9 minutes - 6.23 MBGoogle engineer Alyssa Wilk discovers a critical security bug related to whitespaces in header values. Envoy and Node JS fix this by releasing a security patch. let us discuss it. tags: envoy, envoy proxy, envoy security, envoy proxy whitespace, Alyssa Wilk
Episode 129 - Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability
February 09, 2020 17:56 - 12 minutes - 11.2 MBNode JS Releases a Fix for an HTTP Request Smuggling Vulnerability, we discuss the attack and the fix in detail.
Episode 128 - Google blocks Embedded browsers sign ins to avoid MITM phishing attacks
February 09, 2020 15:19 - 7 minutes - 5.3 MBIn April 2019 Google blocked sign-ins from Embedded Browsers to avoid man in the middle phishing attacks. In this video, we discuss why. https://security.googleblog.com/2019/04/better-protection-against-man-in-middle.html?m=1
Episode 127 - PostgreSQL 12 has some interesting new features, Is it worth the upgrade?
February 09, 2020 01:58 - 16 minutes - 11 MBPostgresSQL version 12 has been released, let's go through the features that I think are most interesting and cool. #softwarenews Feature Matrix https://www.postgresql.org/about/featurematrix/ - Allow adding columns to Index (GIST) https://www.postgresql.org/about/featurematrix/detail/314/ - COPY FROM WHERE COPY FROM ... WHERE - More native support of JSON objects https://www.postgresql.org/docs/12/functions-json.html#FUNCTIONS-SQLJSON-PATH - Reindex concurrently (slow but allows write...
Episode 126 - Will the New Chrome version 80 finally end Cross-Site Request forgery?
February 04, 2020 22:09 - 11 minutes - 5.08 MBGoogle just released the latest version of Chrome (80) and one of the interesting features making a big change to the default cookies that might actually prevent CSRF forever. Let’s discuss this. #softwarenews * Same Site Attribute * Break some apps * Devs must explicitly set None;secure * Will this end CSRF Resources https://youtu.be/GPz7onXjP_4 https://www.chromestatus.com/feature/5088147346030592 News Theme 2 by Audionautix is licensed under a Creative Commons Attribution ...
Episode 125 - Layer 4 vs Layer 7 Load Balancing
January 29, 2020 23:17 - 37 minutes - 21.5 MBLoad balancing is process of balancing incoming requests to multiple machines, processes or services. In this video we will explain two types of load balancers, layer 4 and layer 7. Layer 4 - haproxy, NLB Pros - great for simple packet-level load balancing - Fast and efficient doesn’t look at the data - More secure as it cant really look at your packets. So if it was compromised no one can look - Uses NAT - One connection between client and server NATed Cons - Can't do smart ...
Episode 124 - NginX
January 20, 2020 04:20 - 1 hour - 59.7 MBNginX is an open source web server written in C and can also be used as a reverse proxy and a load balancer. In this video, I want to go through the following topics in NginX What is NginX? 2:25 Current & Desired Architecture 4:58 Layer 4 and Layer 7 Proxying in Nginx 8:40 Example 10:25 Install Nginx (mac) 13:30 Nginx as a Web Server 15:00 (webserver.conf) Static context location root 20:00 regular expression 27:00 proxy pass 30:30 Nginx as a Layer 7 Proxy 33:30 Proxy to 4 backen...
Episode 123 - Horizontal vs Vertical Database Partitioning
January 02, 2020 00:43 - 11 minutes - 7.96 MBIn this podcast I explain what database partitioning is and illustrate the difference between Horizontal vs Vertical Partitioning, benefits and much more. Why Partitioning?
Episode 122 - ARP
December 31, 2019 19:38 - 15 minutes - 10.6 MBARP Address Resolution Protocol is a protocol that maps IP address to a mac address so hosts can be addressed. I want to make a video explaining ARP because it is starting to surface a lot in different videos that I’m making such as man in the middle, load balancing, and security.
Episode 121 - What happens when you type google.com into your browser address box and hit enter?
December 30, 2019 01:41 - 47 minutes - 32.3 MBIn this video I want to go through what really happens under the hood when you type google.com and you hit enter in a browser. This is inspired by alex’s github page below, it is a great detailed description of what happens. I did however add more details to certain areas and I removed some stuff like keyboard events and low level operating system like that. So if you are interested stay tuned! https://github.com/alex/what-happens-when 5:30 HSTS https://youtu.be/kYhMnw4aJTw 19:30 tcp vs u...
Episode 120 - What is Fail-over? Achieving High-Availability
December 28, 2019 21:41 - 20 minutes - 18.6 MBFailover is the technique of switching to a redundant backup machine when a certain node goes down. This is a very common implementation for achieving high availability and it is often mixed with different load balancing techniques such as layer 4 and layer 7 balancing. In this video i want to go through following * What is Failover? 1:47 * ARP - Address Resolution Protocol 3:00 * VIP & VRRP 5:40 * High-availability Example 12:12 Cards 4:00 ARP 12:50 docker javascript 18:00 OSI Model ...
Episode 119 - HAProxy
December 23, 2019 17:17 - 1 hour - 42.7 MBHAProxy is free, open source software written in C that provides a high availability layer 4 and layer 7 load balancing and proxying . It has a reputation for being fast and efficient (in terms of processor and memory usage). In this video I want discuss the following Current & Desired Architecture 2:30 HAProxy Architecture 5:50 HAProxy as TCP Proxy & HTTP Proxy (Layer 4 vs Layer 7) 17:00 ACL (Access Control Lists) 19:20 TLS Termination vs TLS Pass Through 20:40 Example 24:23 ...
Episode 118 - SSL Stripping and HTTP Strict Transport Security
December 23, 2019 00:59 - 18 minutes - 17 MBHSTS or HTTP Strict Transport Security is a mechanism to force clients to communicate in HTTPS with a web server if both support this protocol. In this podcast, I talk through this tech.
Episode 117 - Database Engines
December 20, 2019 12:50 - 1 hour - 46.4 MBDatabase engines or storage engines or sometimes even called embedded databases is software library that a database management software uses to store data on disk and do CRUD (create update delete) Embedded means move everything in one software no network client server. In this video I want to go through the few popular database engines, explain the differences between them and finally I want to spin up a database and change its engine and show the different features on each engine Timeco...
Episode 116 - Database Sharding
December 18, 2019 17:05 - 59 minutes - 54.9 MBDatabase Sharding Crash Course (with Postgres examples) Database sharding is process of segmenting the data into partitions that are spread on multiple database instances to speed up queries and scale the system. What is sharding? sharing key / partition key Consistent Hashing Horizontal partitioning vs Sharding Example Pros and cons What is Sharding? 1:30 Consistent Hashing 4:50 Horizontal partitioning vs Sharding 7:36 Example 8:45 Spin up Docker Postgres Shards 10:02 Write to ...
Episode 115 - Varnish HTTP Accelerator
December 18, 2019 17:00 - 51 minutes - 47.3 MBVarnish is a reverse proxy web accelerator Written in C designed to improve HTTP performance by using server side caching. In this video I’m going to go through how Varnish works, we will spin up a Varnish docker container and finally talk about the pros and cons of this tech. Agenda Classic HTTP Architecture How Varnish Works? HTTP Setup - Varnish HTTPS Setup - Varnish with Caddy as TLS Terminator. Varnish Pros & Cons Summary Pros Cache & prefetching documents Resolve DNS hos...
Episode 114 - HTTP/2
December 18, 2019 16:57 - 24 minutes - 22.4 MBshort is a major revision of the hyper text transfer protocol that improves the performance of the web. It uses a binary protocol and multiplexing. In this video I want to go through how HTTP/2 works, its pros and cons and show the performance difference between HTTP 1.1 and HTTP/2 Http/1 request has to wait for a response And if you used up your connection response you can send anything else. Source Code: https://github.com/hnasr/javascript_playground/tree/master/staticpage So hack ! 6 tcp c...
Episode 113 - Collateral Knowledge
December 09, 2019 15:57 - 12 minutes - 6.06 MBSorry about the free form audio and low quality thought I post something here its been while
Episode 112 - Tor (The Onion Router)
November 30, 2019 21:06 - 23 minutes - 13.6 MBTor or (The Onion Router) is a free and open source project for allowing anonymous communication. In this video I want to discuss this technology and explain how it works. What can sniffers really see? Why Tor? Why don’t we just use a VPN? How Tor Works? More about Tor So if you are interested stay tuned. Cards: 6:00 TLS 10:53 symmetric key encryption TimeCodes: Normal Request 1:30 What sniffers see 4:30 Why Tor and not VPN? 6:00 How Tor Works 8:50 More tor info 21:00 Tor Dir...
Episode 111 - Kafka
November 30, 2019 21:04 - 1 hour - 44.7 MBApache Kafka is a distributed stream processing software developed by LinkedIn and written in Scala and Java. In this video I want to focus on the basics on Kafka, talk about how it works give finally spin up a kafka cluster and write a producer and a consumer. Kafka Components _ producer _consumer _topic _partition How Kafka works Example ( Ride sharing ) Spin Kafka cluster Write a producer Write a consumer Kafka Applications Pros and Cons
Episode 110 - Do you need a VPN?
November 03, 2019 20:30 - 15 minutes - 8.89 MBTom Scott Full Video https://youtu.be/WVDQEoe6ZWY Tom Scott is a YouTuber with around 2M subscribers who discusses and specialized in computer security. I always enjoy his videos specially those on computerphile. He recently made a very interesting video titled This video is sponsor by —- We all probably know this is a reaction video to NordVPN Hack. He is really smart and not just because of his accent I wanted to make a video to elaborate on some of the statements that Tom made in his video...
Episode 109 - RabbitMQ
November 03, 2019 20:28 - 42 minutes - 24.5 MBRabbitMQ RabbitMQ is an open source distributed message queue written in Erlang and supports many communication protocols. It was trying to solve the spaghetti 🍝 mesh architecture where every client is communicating with other client in System by introducing an extra layer in the middle. (slide) In this video we will explain basic components of RabbitMQ Such as AMQP, channel, queue, publisher, consumer and some stuff, we will also learn how to spin up a RabbitMQ server and we will finally...
Episode 108 - Redis
October 04, 2019 14:27 - 37 minutes - 21.6 MBRedis is a noSQL key-value store, in memory database first that exploded in popularity in the past few years. In this video slash course, we will explain what Redis is, talk about the in-memory model, the optional durability, replication, clustering publish subscribe and the protocol and finally we will go through examples. During the video I will add time codes to each topic so you guys can jump to the topic that interests you the most. Table of Content and TimeCodes Redis as a NoSQL In...
Episode 107 - GraphQL Pros and Cons, examples and when to use over REST
September 26, 2019 04:35 - 57 minutes - 33 MBGraphQL Pros and Cons, examples and when to use over REST GraphQL is an open source query language developed by facebook that allows clients to formulate queries to get different results. Its main goal is to combine multiple services into one endpoint. In this video we will discuss what is GraphQL, why facebook developed it, go through some examples using github GraphQL API, finally we will discuss the pros and cons and when you should use this technology. What is GraphQL? Examples Pros ...
Episode 106 - Consistency vs Eventual Consistency
August 27, 2019 00:43 - 15 minutes - 8.69 MBConsistency vs Eventual Consistency Consistency is the property of having expected result in view of the data or during reads while working with a database system. It is one of the ACID properties in relational databases. Eventual consistency is another term that was born recently specifcally as NOSQL databases got emerged. In this video we will talk discuss the difference the different kind of consistencies and we will explain what Eventual consistency and how both relational databases and N...
Episode 105 - Relational Databases
August 21, 2019 14:12 - 44 minutes - 25.5 MBACID ACID are four properties of relational database, they Atomocity, consistency, isolation and durability, and I think any one working with a relational database like postgres, mysql, sqlserver oracle, should understand these properties. In this video we will go through the four properties and explain why each is critical to make a relational database we will also talk about why some people are moving to NOSQL database Atomicity All or none. if a failure happened during transaction, db ...
Episode 104 - REST API - The Good, the Bad and the Ugly
August 07, 2019 13:27 - 25 minutes - 14.7 MBREST stands for Representational state transfer its is an architecture that became very popular in build web APIs. It was the dissertation of Roy Fielding. In this video we discuss what makes an API RESTFUL, the REST APIs constrains, ill the show you an example of a RESTFUL api in github. Representation and State transfer Representational The resource is a representation or meta data, but the actual backend could be something else and stored differently. An Example, could be a use...
Episode 103 - What is an HTTP Proxy? (Transparent, HTTP and Service Mesh Proxy examples)
August 01, 2019 03:45 - 15 minutes - 10.8 MBA proxy is a software that intercepts traffic and forward it to the destination on behave of the client. This extra layer provide several advantages such as caching, load balancing, content filtering and much more. Some implementations of proxy can be used by governments to spy on its citizens. We made a video about proxy vs reverse proxy check it out if you want to learn more about the difference. In this video we will explain the different types of HTTP proxies and the benefits and use cas...
Episode 102 - The Evolution of HTTP (HTTP 1.0, 1.1, HTTP/2, HTTP/3)
July 15, 2019 03:15 - 47 minutes - 38.1 MBHTTP is a protocol for transferring web pages, text, media, binary files and much more. It stands for hyper text transfer protocol and It is what the Internet pretty much runs on. In this video we will learn how HTTP works, how it is secured with HTTPS, will also show how to spin up an Http web server, and we will also go through the evolution of HTTP starting from HTTP 1.0 to HTTP 1.1 to HTTP/2 and eventually HTTP/3 which is still experimental. HTTP anatomy Request (browser, web a...
Episode 101 - NAT Network Address Translation
July 04, 2019 17:22 - 21 minutes - 19.8 MBNAT network address translation is a process of mapping an IP address or IP port pair to another IP address or IP: port. You might be wondering what a software engineer like me doing making a video on a low level networking concept? I have good reasons for that. NAT was originally designed to solve the ipv4 limited IP addresses, but since been used for port forwarding and layer 4 load balancing through the virtual ip address such as Haproxy thats why I decided to make a video about NAT from ...
Episode 100 - TCP Tunneling
June 29, 2019 01:50 - 30 minutes - 17.6 MBTunneling protocol Tcp tunneling Tunneling is the process of encapsulating content from a protocol A into another protocol B, usually because protocol A is blocked or unavailable. In this video we will explain how TCP tunneling works, the applications of TCP tunnels and the pros and cons. Coming up! * TCP Tunneling * Applications * Pros and Cons TCP Tunneling Here is how TCP Tunneling works. Lets say your goal is to access a website that your ISP proxy blocks www.server2.com this is h...
Episode 99 - TLS
June 23, 2019 15:46 - 25 minutes - 14.4 MBTLS which stands for transport layer security is a protocol for securing communication between client and server. Specifically for HTTPS. Thats what the S is stands for. In this video, we will learnq how insecure vanilla HTTP works, HTTPS, then we will learn how HTTPS is possible via the transport layer security and finally we will talk about the improvements in 1.3 that was published August 2018. Vanilla HTTP HTTPS TLS 1.2 handshake TLS 1.3 enhancements Vanilla HTTP Before we ...
Episode 98 - Encryption
June 16, 2019 21:23 - 22 minutes - 13 MBEncryption is the process of scrambling data to protect personal files, secure communication, hide identities and much more. In this video we will learn about the different type of encryptions we will talk about symmetric encryption, asymmetrical encryption, where they are used for and the pros and cons of each one. Symmetric encryption Asymmetrical encrypt Pros and cons of sym va asym Symmetric encryption Might as well just call it classic encryption I would argue and i think thi...
Episode 97 - Bandwidth
June 16, 2019 21:16 - 24 minutes - 14.1 MBBandwidth explained from software engineer point of view Bandwidth is measured by how many bits a device is allowed to send/receive in a second. It ranges from your internal network starting from network card all the way to your ISP Internet speed. In this video we will discuss the definition of bandwidth upload vs download speed, the different usage patterns for normal web browsing, streaming, gaming, media production and cloud web servers etc and finally we will show an example of the ...
Episode 96 - Denial of Service
June 16, 2019 05:05 - 22 minutes - 13 MBDenial of Service attacks Dos attacks (denial of service) are type of attack on a server to prevent users from consuming a particular service, usually this is an HTTP web server. This could happen by either saturating the bandwidth of the pipe going to the server or by bringing the server down to its knees so it stops taking requests all together. In this video we will learn about 3 different types of DOS attacks and explain each one by example. Bandwidth based DOS 2:15 Dos Sending Hu...
Episode 95 - TCP vs UDP
June 02, 2019 16:25 - 40 minutes - 23.2 MBTCP and UDP are communication protocols that allows us to send and receive data in a network. We have both for a reason since each has its advantages and disadvantages. In this video we will talk about two protocols, pros and cons of each one and will write tcp and udp server with nodejs showing you these in ACTION. coming up Code! https://github.com/hnasr/javascript_playground/tree/master/tcp Jump Codes 🏷 tcp pros cons(4:12) Tcp demo (19:00) Udp pros cons (24:25) Udp demo (31:25) ...
Episode 94 - When to use GET vs POST?
May 26, 2019 16:49 - 22 minutes - 15.4 MBGet and POST are the most popular http methods used on the web. Each carries its own differences and properties. It can confusing to get to choose when to use POST over GET. In this podcast we will explain the differences, use cases and the benefits of using GET and POST.
Episode 93 - Microservices
March 16, 2019 16:21 - 17 minutes - 13.8 MBMicroservices (Explained by Example) Microservices technology is a new pattern of software engineering that has been popularized recently. In this video we will explain what microservices are, their pros and cons by example. A lot of companies have moved in the early 2010 such as twitter and netflex to the microservices architecture. Microservices technology is a pattern where you can break down big application into smaller services and what previously is a function call is now a network ...
Episode 92 - Attribute Rules
March 16, 2019 16:11 - 9 minutes - 8.6 MBAttribute Rules are scripts that can be authored and placed in the geodatabase to ensure data integrity lets discuss them.
Episode 91 - Public IP vs. Private IP Address
March 10, 2019 18:23 - 15 minutes - 14.1 MBIn this episode we will talk about the difference between public ip and private ip address and casually talk about routers, modems, LAN, WAN and port forwarding.
Esri Dev Summit 2019
February 26, 2019 00:41 - 2 minutes - 2.74 MBJoin me in the upcoming Esri dev summit! Ill be presenting attribute rules and the utility network.
Episode 90 - You will be Judged
February 16, 2019 15:51 - 21 minutes - 12.2 MBIt is a long weekend with the president day on Monday. Which means it is another good opportunity to create more art. Whether that is a new ArcGIS pro Add-in or a new map, a painting, a new piece of poetry or music. This also means more chances to get discovered, which means more chances to get criticized. I get criticized all the time now that I have bigger exposure and this is our topic for this podcast coming up,
Episode 89 - Push vs Pull Notifications
February 14, 2019 22:15 - 15 minutes - 11 MBThis is originally a video that I converted into a podcast I think it is still useful https://www.youtube.com/watch?v=8D1NAezC-Dk Notifications have become part of our daily life. We receive them almost every minute on our phones, tablets, and computers. As software engineers, it is good to understand how notifications work, and what different type of notifications there are (push and pull notifications), the advantages and disadvantages of each. In this video I'll explain how the push n...
Episode 88 - What was wrong with SOAP Protocol?
February 12, 2019 03:21 - 11 minutes - 8.18 MBSoap (Simple Object Access Protocol) has been a popular messaging protocol in the early 2000s. It uses XML as a format with well defined schema, and your choice of stransport protocol. Despite it still being used people have been moving towards #REST architecture and more so #gRPC recently. In this episode we discuss why people moved from #SOAP and what are the advantages and disadvantages of SOAP. Stay Awesome! Hussein Nasser