kowsik | 10 years ago | on: XcodeGhost Q&A
kowsik | 11 years ago | on: “Anthem was the target of a very sophisticated external cyber attack”
Ultimately, the web is an attack vector that no one is immune to. Did you read the Syria hack recently? Just a Skype chat with an attractive opposite-gender is enough to download a piece of malware masquerading as a picture you really want to see. While the human aspect has always been a key element of getting hacked, products that claim to distinguish the good vs. bad are failing big time. And this has been the pillar of enterprise security (classifying good against bad) for the last 20 years and is starting to show its age.
kowsik | 11 years ago | on: “Anthem was the target of a very sophisticated external cyber attack”
True that about the security engineers, but they are at the mercy of products that claim to distinguish good from bad and this has never worked, IMHO. How the hell can you write signatures against malware/documents/web-sites/files/attacks/blah when there's so much diversity and quantity of stuff to keep up with?
Disclaimer: I built the first IPS to be commercialized and yes we used signatures amongst other things.
kowsik | 11 years ago | on: “Anthem was the target of a very sophisticated external cyber attack”
+1 on the "sophisticated" == 'SQL injection', though it's all speculation at this point.
kowsik | 11 years ago | on: “Anthem was the target of a very sophisticated external cyber attack”
The security industry/products seriously need a makeover. So much money spent and yet, hacks just keep getting bigger and worse.
[edit]: Disclaimer - I'm CTO at @menlosecurity.
kowsik | 13 years ago | on: My book 'Unlearning to Run' is now live
kowsik | 13 years ago | on: The Highs and Lows of Side Projects
Depends on what your expectations are. I built https://www.delayed-tweets.com for myself and I'm a heavy user of it and I tinker with it when I have time (Heroku + Stripe, if you want to know). If it also becomes a source of income, so be it. Otherwise, it costs me just a little more than using an alternate service to do the same thing (like HootSuite, Buffer, etc). But, I get to tinker with it on the side, learning new things and making little improvements as I have time. So 6 months from now, I don't have to be disappointed that it didn't go anywhere. A side project is exactly that, something that you tinker with while you still have a day job.
kowsik | 13 years ago | on: Show HN: Circular, an open source clone of Buffer
Very cool - just a few weeks ago, I spent two weekends (8 hours total) building https://www.delayed-tweets.com. Sinatra on Heroku + Stripe along with a bunch of gems to connect up to Facebook, Twitter and LinkedIn. It's mainly for my personal use right now, but awesome to see others having similar needs to schedule and cross post social updates.
[edit] The "big" monthly cost for this project for me is primarily the SSL add-on. Everything else amounts to nothing since I have no long running dynos, even for resque.
kowsik | 14 years ago | on: 10 Million hits a day with Wordpress using a $15 server
Regarding ease of use, if you are a dev, there's always toto or jekyll. Throw in disqus for commenting and you are pretty much done. Each blog is just a simple haml/erb/liquid template and git push is all you need to get a new page/blog up.
kowsik | 14 years ago | on: Linus Torvalds on C++
I've been writing C and C++ for a long time (kernel and user mode) and what I find is, it takes a fair bit of discipline when writing C++ code (like hiding new/delete for stack-only objects or ensuring operator= works for heap objects and so on). Debugging with STL and templates can be PITA since the error messages are so convoluted in most compilers. One thing I would agree on Linus, is the talent pool of disciplined C++ programmers is pretty scarce. There are tons more C programmers that have enough OO experience of faking vtables and building structs-with-callbacks to simulate class inheritance and what not.
kowsik | 14 years ago | on: Buildpacks - Run Anything on Heroku
kowsik | 14 years ago | on: Wordpress on Heroku
the cedar stack has a writeable file system, though no persistence across dyno recycles/restarts.
kowsik | 14 years ago | on: Limits of Network Load Testing -- Ephemeral Ports
kowsik | 14 years ago | on: Blitz.io - Path-finding with CouchDB
kowsik | 14 years ago | on: 9 million hits/day with 120 megs RAM
kowsik | 14 years ago | on: 9 million hits/day with 120 megs RAM
I can only speak for http://blitz.io. We generate an account-specific UUID which becomes a URL that you need to make available on your app (adding a route in ruby/node.js or uploading a txt file). Before each load test we check that your UUID is available on the app. Even if your UUID is leaked, this is not a problem, since it's unique to your account. Unless of course, your Google/Facebook account gets compromised. We currently do not support password logins. It's either OAuth/FB Connect or SSO through our partners.
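Added example, not part of the comment above and not blitz.io's code: a sketch of the ownership check it describes, where a per-account UUID becomes a URL the target must serve before a test may run. The `/<uuid>.txt` layout, the requirement that the body echo the token, the account names and the injected `fetch` callable are assumptions, and the sample apps are constructed.

```ruby
require 'securerandom'
require 'uri'

# Hypothetical account store: each account gets its own random token once.
TOKENS = Hash.new { |store, account| store[account] = SecureRandom.uuid }

# Assumed layout: the account's token becomes a path on the host to be tested.
def verification_url(account, target)
  base = URI.parse(target)
  raise ArgumentError, 'http(s) targets only' unless %w[http https].include?(base.scheme)
  base.merge("/#{TOKENS[account]}.txt").to_s
end

# fetch is any callable returning [status, body]. It must not follow redirects,
# so a 3xx pointing at another host never counts as proof of control.
def authorized?(account, target, fetch)
  status, body = fetch.call(verification_url(account, target))
  # Assumption: the body must echo the token, so an app that answers 200
  # to every path does not verify for arbitrary accounts.
  status == 200 && body.to_s.strip == TOKENS[account]
end

# Constructed stand-in for an HTTP client talking to the target app.
def fake_app(routes)
  ->(url) { routes.fetch(url, [404, '']) }
end

def demo
  target = 'https://app.example.test/'
  alice_url = verification_url('alice', target)
  prepared = fake_app({ alice_url => [200, TOKENS['alice']] })
  catch_all = ->(_url) { [200, 'OK'] }
  {
    owner: authorized?('alice', target, prepared),
    # Mallory knows Alice's token, but the check looks for Mallory's own.
    leaked_token_other_account: authorized?('mallory', target, prepared),
    unprepared_app: authorized?('alice', target, fake_app({})),
    catch_all_app: authorized?('mallory', target, catch_all)
  }
end

p demo if __FILE__ == $PROGRAM_NAME
```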
kowsik | 14 years ago | on: 9 million hits/day with 120 megs RAM
thanks for the vote of confidence, will write up what happened soon.
kowsik | 14 years ago | on: 9 million hits/day with 120 megs RAM
sorry, we had a glitch this morning when one of our db clusters went offline - had to reroute all traffic to our other cluster - all good now.
kowsik | 14 years ago | on: Speed Limit of PaaS - 64K TCP Ports
You have to think about concurrency. If there were a total of 64K simultaneous requests to that physical instance, each of which is running 100+ apps because it's multi-tenant, this drastically reduces the number of ports available to each app. With evented IO, a socket could be open for 250 ms (db query taking time) that sucks up a port causing a potential DoS on the other apps.
kowsik | 14 years ago | on: Speed Limit of PaaS - 64K TCP Ports
thank you, thank you! whew Hopefully the new picture on the blog clarifies which ports I'm talking about.