This is actually quite fascinating (and part of my upcoming book...)
Despite the obvious high/low-level language differentials, people have been managing multi-million-line C code-bases since the 80's. Then again, think of how little the build tooling has actually changed -- instead of fragmenting, you're left with llvm, gcc, make at the core of most compiled software.
JavaScript is the exact opposite with the lowest possible barrier to entry (built-in to every web browser...), and the proliferation of frameworks and libraries may be due to this in combination with the lack of fundamental understanding of design patterns that can scale. Lots of people trying to partially solve symptoms, missing the forest for the trees.
Theoretically there's nothing preventing good patterns in high-level UI development, but I'm not quite sure it's been done right, yet and have no idea when the dust will settle.
Javascript and other dynamic language like it are very good prototyping languages and for developing a quick mock-up to explore the pros/cons of a potential solution to a problem. But the lack of type checking and proper encapsulation turn into big headaches when scaled to a large app with even a few more junior developers.
Without a compiler/type checker to help spot obvious problems in code runtime exceptions explode. This happens even for senior developers. And the lack of proper encapsulation other than by convention can/does lead to an explosion of the surface area of source code that a dev needs to know and be familiar with in order to refactor and make changes to large codebases which makes for very brittle large apps.
Hence, I look forward to new languages targeting web assembly that will be more amenable to creating/maintaining large scale and long lived apps.
Probably because very little innovation happens to any long-standing protocol until it becomes a primary business concern.
Almost every business relies on OpenSSL or some equivalent, but how many actually learn enough about SSL to contribute back to the codebase? Not many, because despite the need there's little acclaim or funding to be had pursuing things that won't make direct revenues, regardless of their importance.
Protocols like this generally don't get updated until it becomes a matter of necessity -- either by public awareness (we're far from that point) or someone designing the "next big thing" needs an un-implemented feature and contributes.
My point though, is that it's always a "secondary" or "tertiary" business concern... a point emboldened by the number and frequency of data breaches -- always followed of course, by the email newsletter follow-up & mea culpa. "We care about the security of your data, we swear. We regret to inform you that ..."
Sadly things are not always as they should be, friend...
I do think there's some value to pointing out the irony though; two men from two cultures that couldn't be more distinct, with titles that could be synonyms, using what is essentially the same scripted prose to control and appease the media/populace.
Personally I find it disheartening. I think the Chinese are copying key aspects of the American Media/propaganda model because it's been demonstrated as so damn effective...
You seem extremely knowledgeable about high-performance servers!
Your example is fantastic -- I realize it's written in C, but perhaps you could explain how in the context of a tool like this (current article) might allow it to function as an end-to-end webserver?
What kind of limitations? What are the advantages, security implications? What is it well-suited for?
Really appreciate a reply -- I'm writing a book on architecture design and I'd really love to include some elements from the bleeding-edge of performance -- you clearly know what you're talking about.
Dash is an end-to-end webserver (although as written it only supports HTTP GET). It happens to use KDB[1] because my use-case has KDB used for logging and analysis of the HTTP requests. KDB (for all its performance) does not support HTTP keepalive (which this does), and while I have previously used something like nginx+lua+qlua[2]+kdb, dash is so much faster than nginx that it qlua is obsolete for my purposes.
Many marginal increases in complexity (for features, perceived "friendliness", autovivification of configuration, and so on) incur exponential-or-worse increases in latency, exponential-or-worse decreases in throughput, and may be the leading cause of defects (including security) in programming: I have observed the enemy of performance and security is abstraction.
Can you tell me where I may find more info on KDB or how this may compare to more traditional serving options for static resources, HLLs or anything that might fit well in a large tree.
I'm trying to understand exactly what its limitations are though, both in terms of what it can do and when it may be a poor candidate (when lower req/s is ok and greater flexibility is needed).
In kdb, GET requests are normally mapped to .z.ph[1] which synchronously returns the HTTP response. dash supports this as well (sync mode) when it doesn't understand the query string parameters, and then dash works just like a faster .z.ph for KDB.
Async mode is designed when dash knows what the HTTP response will be and can send it immediately. It then relies on kernel queueing to send the same message to kdb which allows for logging (or other processing, like HLL or anything else). This gives a significant performance boost so it's worth optimising.
Well, "startup" is a poor choice of words, but he actually has a half-decent idea.
As someone who owns dozens of little "tool" sites (think less/scss converters, meme generators, JS beautifiers, etc), I can tell you each is probably 1-2 pages, took an hour to build and thankfully due to some domain squatting (kw in domain) and a low bounce rate I don't have to worry much about SEO.
As for the Adsense revenue, I think you'd be quite surprised.
One is an afternoon, not a startup idea.
50, on the other hand, could be passive income for a very long time.
Just something to consider before jumping to negativity. ;)
I'm sorry to say I won't be releasing that first... The first is due within the next 12-14 days, after which it should take me 1-2 months to finish writing & editing the adsense-property-model guide.
To leave you with something tangible, it's very feasible to produce 5-figures per day with only hosting cost as your overhead ($300/mo).
[edit] without automation tools though, it would obviously be very tedious to produce the number of properties required to have that kind of income by hand. process flow & site generation/management is the crux of this strategy.
Thanks for the reply. Does site creation involve pure content sites as well as simple web apps? Or maybe some kind of hybrid for SEO purposes?
I would love to read more once you have something published. You should consider adding some contact info in your profile so that people won't go on a stalking expedition to find you (as i did) :)
Hah, the way you phrase that makes me wonder what you found.
Right now really just web apps. Content sites are doable, and I know people running networks, but it's not possible to do profitably without clickbaiting, low-quality mass-produced content, and other greyhat techniques I don't particularly like.
I think it's fair to show you an ad if I save you 30 seconds to a minute of time. Creating garbage content slideshows with writers from the 3rd world countries to rack up pageviews is one step over the line for me...
Simple apps are great because they have utility (so google always approves your tag), and honestly the doubleclick exchange isn't so bad -- with enough simple single-page apps, it accrues pretty quickly.
Automated site creation... what, you're taking some public domain content, loading it up with ads, then hoping it ends up higher in the SERP than the original source?
How is this different than filling amazon with autogenerated kindle "books" made from Wikipedia articles?
Not exactly, I think it was a poor choice of words as I was referring to my build/deployment tooling.
If I have an idea (e.g. a "ES2015 to ECMA6" converter), I'd look for a library to do this (if there isn't an open source one, I'd consider building my own as a learning experience).
Setting up the webpage up (converter/form) is trivial since it's really just one page and a few settings.
The really cool part is I've built laravel commands to do the hard work for me. They can:
- buy domains based on a keyword search with some common regex-like patterns
- set up a git hook to continuously deploy to an AWS micro instance via codedeploy/CircleCI
- manage different adsense codes across properties
So, if you're wondering these are things that have utility. I'm optimizing the pains of setting up each site, though.
I do build adservers for a living, but never once have I created a crappy content-farm click-baiting blog -- they are the scourge of the internet >:{
[edit] lastly, I'm not sure if you have a problem with google ads (doubleclick/google publisher network) but I think they're pretty sensible in what they allow... no reasonable person would take issue with that.
5 figures per day as in $10K+ every day? Impressive! How many of those tools require constant automation? Something like a CSS converter or JS beautifier should only need updating to fix bugs or due to updates of underlying libraries.
It's really interesting to see services like this emerge.
In my opinion, the merchant processing/gateway revolution happened when providers (Stripe, Braintree, et al) started providing quality APIs for user/profile/subscription management and took the burdens of PCI compliance off of the companies building consumer products.
On the surface, I feel like this is a great way to offload the liability of storing sensitive user data -- though it also creates a central source of failure. Success is predicated on Luno securing their data; if they can't, the model would die.
If they can, it's possible we'll start to see a mass-migration of authentication-based apps switching to these service, if only for the legal intention of offloading liability.
Definitely a fascinating model and there are other doing it too, but the founder's (rbin's) post pretty much read "blah... blah.. blah.. trust and security.. blah blah.. sersiously.. blah blah blah.. "
Until there is a service that has shown it has the chops it takes to securely store user data for a third party, its an uphill battle for these services.
PCI also comes with a bunch of rules that companies that store card data need to adhere to. Obviously the idea is that adhering to these rules ensures (there are arguments for and against, but lets skip those. :P) that data cannot be hacked.
With PI, if you're data is hacked, there is no penalty from a consortium, like in the case of PCI data being hacked, but it is ludicrous to say that there is no penalty at all. When a website is hacked and loses customer data, it also loses customer trust. The websites revenue is based on it's users trusting the site and coming back to it over and over again. A data leak would (rather has the potential) to be disastrous to the site and it's business. (Ashley Madison is the most recent example I could think of).
I do agree with the fact that for a lot of small sites that just want to identify the user, leaking PI will have almost no negative result. But then, such sites have already moved over to OAUTH, and there purpose is already served.
It does if you play devil's advocate and follow the chain of reasoning.
If god is great and non-believers are bad and "god" says it's righteous and just to punish the non-believers, then naturally doing "god's work" is doing no harm?
Actually the truth is even messier... most of these young men committing atrocities are merely indoctrinated pawns who know very little of their own religion and instead defer to their "emir."
This ideological poison is being propagated by those individuals, with power/financial interests back in the middle east. I think the individual committing the act believes they are doing good, and the individual who convinced them to do it is too morally corrupted & detached to care about ideals such as "civilian life."
There are far more atrocities that occur in this world than there are psychopaths in the general population.
If we hope to make any progress toward peace, I think we need to truly understand the reasons why and how weak, impressionable minds with poor cultural integration can be manipulated to commit such atrocities.
It's easy to label these individuals as determined, unreachable psychopaths (particularly out of fear) but the sad truth is, most extremism is borne not of evil but of weakness. A select few manipulate this weakness to convince otherwise insignificant people, often with desires of grandeur to commit unthinkable acts. This power of perspective becomes increasingly obvious as you realize most problems with immigrants in European countries occur in the 2nd and 3rd generations -- those who have seen the true horrors of war first hand are not so easily fooled.
The hard truth is: if society doesn't provide susceptible minds with alternatives first, a small but steady % will be at the mercy of whomever comes along promising "answers."
Actually the truth is even messier... most of these young men committing
atrocities are merely indoctrinated pawns who know very little of
their own religion and instead defer to their "emir."
How can you claim that these young men know very little about their own religion? The Koran and Hadiths are full of hateful texts. Muhammed himself beheaded a tribe of jews according to the Hadiths. Most (all?) Muslims think Muhammed is the most perfect human being ever created - akin how Christians think about Jesus.
Yes, Islam is a particularly violent religion -- if you have read the Koran, many of its concepts seem very incompatible with the idea of a free secular society. Then again, the bible has the crusades.
I'm personally an atheist and I honestly don't think the problem is the the text itself but the cultural, ideological conflicts of an impoverished region that allows whoever "shouts the loudest" to assume power. The kids committing these atrocities probably couldn't even tell you what you just told me about Mohammad -- my point is that they are brainwashed and utterly uneducated so whomever comes along and says "this is god's word" is who they will listen to.
Anger + Desperation - Education = Extremism
You won't solve this problem by banning the Koran, but if you can get Muslims everywhere to renounce this "us-or-them" culture in favor of a more moderate interpretation (you know, how all religions seem to evolve if they want to survive) then perhaps we can neuter these kinds of groups before there's a power-vacuum?
That said I'm fortunate that the muslims I meet daily don't appear to know
"their own religion" - or at least don't follow the example from which it
started - and instead are peaceable and as virtuous as one would expect
of anyone in UK society in general. They seem much like those who
call themselves Christians: following a generally moral code
without a deep understanding of what being a true adherent entails.
I fear that when shit hits the fan and it's time to choose sides (e.g. in a civil war), most "peaceful" (or perhaps just passive) Muslims will choose the Muslim side.
I expect civil war in a relative short term in Europe (< 10 years), since politicians seem passive (afraid to offend muslims by making some drastic choices) or too politically correct and the populace is still too divided. I just hope I'm able to emigrate from Europe before all this happens.
As someone who develops high-performance systems and is continually learning, I think this is a fantastic idea!
Honestly, something that seems desperately needed as that knowledge is currently spread out among hundreds of thousands of blog posts, forums and threads -- diamonds in the rough.
I'm going to try to get something published on gumroad (and open-sourced on github) in this vein, if you're interested let me know and I'll reach out when it's done :)
Because it has never been a question of who is deserving of what...
The poor have no leverage, and realistically, no one is going to give that to them.
We're not talking about an idealistic re-working of civic values, but the natural tension that already exists between private interests and the public sector.
One need only look to antitrust law to see why letting any single locus of control grow unchecked can wreak havoc on a market/economy -- I think we should appreciate the few checks & balances we have left, lest this notion of naive idealistic equality allows them to slip away unchallenged.
Despite the obvious high/low-level language differentials, people have been managing multi-million-line C code-bases since the 80's. Then again, think of how little the build tooling has actually changed -- instead of fragmenting, you're left with llvm, gcc, make at the core of most compiled software.
JavaScript is the exact opposite with the lowest possible barrier to entry (built-in to every web browser...), and the proliferation of frameworks and libraries may be due to this in combination with the lack of fundamental understanding of design patterns that can scale. Lots of people trying to partially solve symptoms, missing the forest for the trees.
Theoretically there's nothing preventing good patterns in high-level UI development, but I'm not quite sure it's been done right, yet and have no idea when the dust will settle.