ianl's comments

ianl | 3 years ago | on: The Flox Open Beta

Super excited to see this launch. Nix at its core is incredibly unique but hard to access.

What's next on the roadmap?

ianl | 8 years ago | on: Ask HN: Who is hiring? (July 2017)

Manifold | Backend API Engineers and CLI Engineers | Halifax, NS | Remote, Fulltime, https://www.manifold.co

At Manifold, we help developers discover and use innovative tools and technologies, so you can focus on building, not managing, your applications. Each new cloud service we use today introduces complexity in the form of another bill, account to manage, credential to secure, and code to deploy.

Today we’re solving this problem through Torus and the Manifold platform. Torus simplifies your development workflow by enabling you to store, share, and organize secrets across services and environments, while Manifold allows you to build and offer cloud services to developers without having to worry about billing, identity, and credential distribution (an example of one such service: JawsDB).

We’re a small, remote-friendly, venture-backed company based in Halifax, Canada with teams in Toronto and San Francisco. We share a passion for making developers' lives easier, and our backgrounds reflect that, having worked at the likes of Red Hat, Heroku, and Salesforce.

Apply for the Backend / API Engineer at https://jobs.alongside.com/details/backend--api-engineer/160...

Apply for CLI and Integrations Engineer at https://jobs.alongside.com/details/cli-and-integrations-engi...

ianl | 8 years ago | on: Torus – A secure, shared workspace for secrets

At its heart, Torus is public-key infrastructure: users/machines derive and encrypt asymmetric key pairs from their password. These key pairs are then uploaded and signed by the Torus server using a key endorsed by our root signing keys (always kept offline in a sealed and secured environment).

This enables Torus to establish a web of trust (much like gpg), allowing clients to retrieve and validate (by navigating down the web of trust) public signing and encryption keys for other users or machines. Using these validated keys, clients can encrypt secrets for each other without ever sending the secret (or any material used to encrypt it) to the server.

Vault, on the other hand, operates under a centralized encryption model with all secrets encrypted using keys encrypted by the root master key. For a Vault cluster to boot up, the vault must be unsealed, which complicates its high availability story — for a cluster to cold start it must have access to the master key.

The onus is on operators to properly store, transmit, and leverage the master key to unseal the vault, which requires a certain level of sophistication to do properly. If the root key were to be lost or compromised, then all of the secrets would be as well.

Torus uses a decentralized model and builds on top of the principle of least privilege — users and machines only have access to the secrets they require, making it far easier to operate as a cloud service (no cold start problem) and ensure that we never have access to your secrets.

We don’t see Torus as only a security tool; instead, we see it as a productivity tool by focusing on making it super easy to set, audit, and rotate secrets when a machine is compromised, a developer leaves, or a key is committed to git.
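The chain of endorsements described in the comment above (offline root key, then server signing key, then a user key derived from a password), as an added example that is not part of the original comment and is not Torus's code. It assumes Ed25519 signatures, scrypt with Node's default parameters, a deterministic key pair derived directly from the password, and made-up names (`deriveKeyPair`, `endorse`, `validate`); none of these choices come from the page.

```javascript
// Added illustration: not Torus's real key formats, KDF parameters or protocol.
const crypto = require('node:crypto');

// PKCS#8 DER header for an Ed25519 private key; the 32-byte seed follows it.
const PKCS8_ED25519 = Buffer.from('302e020100300506032b657004220420', 'hex');

// Assumption: the key pair is a deterministic function of password and salt.
function deriveKeyPair(password, salt) {
  const seed = crypto.scryptSync(password, salt, 32);
  const privateKey = crypto.createPrivateKey({
    key: Buffer.concat([PKCS8_ED25519, seed]), format: 'der', type: 'pkcs8' });
  return { privateKey, publicKey: crypto.createPublicKey(privateKey) };
}

const spki = (key) => key.export({ format: 'der', type: 'spki' });
const signedBody = (name, pubDer) => Buffer.concat([Buffer.from(name + '\0'), pubDer]);

// One link of the chain: signer vouches for (subject name, subject public key).
function endorse(signer, signerPriv, subject, subjectPub) {
  const pub = spki(subjectPub);
  return { signer, subject, pub, sig: crypto.sign(null, signedBody(subject, pub), signerPriv) };
}

// Client side: start at the pinned root key and verify every link in order.
// Returns the validated public key for `target`, or null if any link fails.
function validate(chain, rootPub, target) {
  let name = 'root', key = rootPub;
  for (const link of chain) {
    if (link.signer !== name) return null;
    if (!crypto.verify(null, signedBody(link.subject, link.pub), key, link.sig)) return null;
    name = link.subject;
    key = crypto.createPublicKey({ key: link.pub, format: 'der', type: 'spki' });
  }
  return name === target ? key : null;
}

// Constructed sample data: names, password and salt are made up.
function demo() {
  const root = crypto.generateKeyPairSync('ed25519');    // offline root
  const server = crypto.generateKeyPairSync('ed25519');  // online signing key
  const alice = deriveKeyPair('correct horse battery staple', 'alice@example.com');
  const chain = [endorse('root', root.privateKey, 'server', server.publicKey),
                 endorse('server', server.privateKey, 'alice', alice.publicKey)];
  const good = validate(chain, root.publicKey, 'alice');
  // Swapping the public key in a stored link without a fresh signature fails.
  const mallory = crypto.generateKeyPairSync('ed25519');
  const forged = [chain[0], { ...chain[1], pub: spki(mallory.publicKey) }];
  return { ok: good !== null && spki(good).equals(spki(alice.publicKey)),
           forgedRejected: validate(forged, root.publicKey, 'alice') === null };
}
```

A client that pins only the root public key can detect a substituted user key, because the substituted link no longer verifies under the server key the root endorsed.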

ianl | 8 years ago | on: Torus – A secure, shared workspace for secrets

With Torus, you can use our fine-grained access controls to model exactly how your organization divvies up access and responsibilities. You can give a team (users or machines) access to everything, a specific environment, or even a specific service instance within an environment.

Only users or machines with explicit access can retrieve the encrypted secrets from our servers and they are never written to disk in plain-text.

With our worklog(1) feature, we make it really easy to rotate secrets when a team member leaves, commits them to git by accident, or a machine is compromised by listing out every secret they could access cryptographically.

For small teams and deployments, we want to make it easy for them to keep their secrets out of git without having to securely manage and deploy heavier tooling such as Vault or Keywhiz.

1) https://www.torus.sh/docs/latest/commands/organizations#work...

ianl | 8 years ago | on: Torus – A secure, shared workspace for secrets

At Manifold(1), we built Torus from the ground up to solve a consistent pain when building cloud apps: securely storing, sharing, and rotating secrets used to build, run, and deploy code. Our goal is to make it simple for anyone, not just the security-savvy, to keep their secrets out of git and off disk.

To do this, we designed our security model (host and cryptography architecture) for hosting in the cloud to ensure we never have access to any of the keys used to encrypt or sign secrets — they’re derived from a user’s password and never forwarded along. We’ve posted more information in our documentation(2).

The server is currently closed source, with plans to open source it. The client (where all cryptographic operations happen) is open source.

1) https://www.manifold.co/

2) https://www.torus.sh/docs/latest/internals/crypto

ianl | 8 years ago | on: Ask HN: Who is hiring? (May 2017)

Manifold | Frontend Engineers and Fullstack Engineers | Halifax, NS | Remote, Fulltime, https://www.manifold.co

At Manifold, we help developers discover and use innovative tools and technologies, so you can focus on building, not managing, your applications. Each new cloud service we use today introduces complexity in the form of another bill, account to manage, credential to secure, and code to deploy.

Today we’re solving this problem through Torus and the Manifold platform. Torus simplifies your development workflow by enabling you to store, share, and organize secrets across services and environments, while Manifold allows you to build and offer cloud services to developers without having to worry about billing, identity, and credential distribution (an example of one such service: JawsDB).

We’re a small, remote-friendly, venture-backed company based in Halifax, Canada with teams in Toronto and San Francisco. We share a passion for making developers' lives easier, and our backgrounds reflect that, having worked at the likes of Red Hat, Heroku, and Salesforce.

Senior Front-End Engineer apply at https://jobs.alongside.com/details/senior-frontend-engineer/...

Fullstack Engineer apply at https://jobs.alongside.com/details/full-stack-engineer/21147

ianl | 12 years ago | on: GoAngular - build realtime, collaborative apps with AngularJS and GoInstant

GoInstant offers a hierarchical key-value store that is synchronized between all users inside your application. We offer a couple of mechanisms when last-to-write is not sufficient.

You can use set overwrite[1] (similar to redis SETNX) with key expiry[2] to create locks and then leverage our ACL[3] to secure[4] which users and groups can modify the data.

We are currently planning to implement MVCC based transactions and operational transformation primitives into our core Key interface. I can't say when these features will be ready, but we definitely want to get to them!

[1] https://developers.goinstant.com/v1/javascript_api/key/set.h...

[2] https://developers.goinstant.com/v1/javascript_api/key/expir...

[3] https://developers.goinstant.com/v1/guides/creating_and_mana...

[4] https://developers.goinstant.com/v1/overview/security.html

ianl | 12 years ago | on: GoAngular - build realtime, collaborative apps with AngularJS and GoInstant

We currently have a comprehensive security model in place which is detailed in our developer documentation at https://developers.goinstant.com/v1/overview/security.html.

We offer fine-grained access control lists that work with our authentication mechanism that gives the developer the ability to determine exactly which users and groups can modify data. You can read more about our ACL implementation at https://developers.goinstant.com/v1/guides/creating_and_mana....

Security is a huge priority for us and will continue to be moving forward; we will continue to work towards building features that enable, and documentation that focuses on, building secure realtime applications using our Platform.

ianl | 12 years ago | on: GoAngular - build realtime, collaborative apps with AngularJS and GoInstant

You don't need a server; we offer our realtime collaborative stack as a service. We're cooking something up right now similar to TogetherJS; if you'd like a sneak peek, drop me an email (in my profile).

If you want to build and host your own realtime application, take a look at HAProxy (tcp mode in 1.4) for load balancing the incoming websocket connections to your application stack. There has been a lot of success using Node.js with engine.io or socket.io, or take a look at the meta Primus module.

ianl | 13 years ago | on: Announcing the Github Commit Status API

This is awesome. I really like how GitHub has been exposing so many APIs lately so we can use their tools in whatever way we see fit by simply tying several APIs together.

Hooking this into our CI server and using the Merge API (for keeping PRs up to date) is the next 20-minute task I will take on.

ianl | 14 years ago | on: Ask HN: Who is Hiring? (March 2012)

Halifax, Nova Scotia, Canada

GoInstant (http://www.goinstant.com)

GoInstant is a venture-backed startup building a unique co-browsing tool that allows two or more people to surf the web at the same time. It requires no downloads, plugins or installs. People connect in 3 seconds or less and share a web experience in real-time.

Hiring:

* Senior QA Engineer

* Senior Web Developer

* Web Developer

Apply at http://www.goinstant.com/jobs

ianl | 14 years ago | on: Ask HN: Who is Hiring? (January 2012)

Halifax, NS (Canada) - http://www.goinstant.com

  Senior QA Engineer
  Senior Web Developer
  Web Developer
http://goinstant.theresumator.com/apply/

GoInstant is a venture-backed startup building a unique co-browsing tool that allows two or more people to surf the web at the same time. It requires no downloads, plugins or installs. People connect in 3 seconds or less and share a web experience in real-time.

We’ve raised $1.7M from top tier investors in Silicon Valley, including Freestyle Capital, Chamath Palihapitiya, Steve Anderson, Reid Hoffman, Yuri Milner and Ed Sim. They are the people who have helped build Facebook, Twitter, Playdom, Heroku, Linkedin, GotoMeeting and more.

We’re currently in private beta with some of the world’s largest B2B SaaS vendors and e-commerce sites, and expanding quickly.

GoInstant is a small, tight knit team building a technically complex and sophisticated system.

ianl | 14 years ago | on: How to hire an idiot

The point was he didn't have a resume, nor did he do any background checks, because he was obsessed with the fact that this guy must be good because he was a former VP of a $100m company.

ianl | 14 years ago | on: Ask HN: Interview advice

Thanks for the link and reading. I do a lot of coding and have many projects I work on.

Was also curious, do they expect you to know right away, as I usually have a more iterative style right away. I guess what I'm asking is what are the protocols or what are the established norms for these interviews? No one has ever really explained to me what they want.
