Somewhat unsurprisingly, I’m arriving late, but thankfully still find some breakfast being served, nice :)
I have just have enough time before the next talk starts to chat with a person from Zendesk (they’re one of the sponsors and actually paid for all the coffee, thanks!). Zendesk seem to be all over the radar recently - hosting a “wine & dine” aka “we’re hiring” event a few weeks ago and coming up high in a recent review of best places to work at; good for them.
I also manage to catch one of the organisers, to whom I express my surprise that this event is free, in the sense that there’s food & even an afterparty in a nearby bar (venue is provided by Microsoft, who have been pushing for a “engineer-friendliness” for a while now, so not surprising), but he doesn’t reveal his tricks of trade. I suppose its all down to generous sponsors.
OK, time for some talks.
Think twice before dropping ACID and throw your CAP away
This was a good talk to start the day, Andrew presents a good and fairly detailed material about important aspects of databases, data reliability and how to pick the database for your next project. Protip: don’t believe what the vendors tell you, demand for extensive and third-party testing results to prove their claims.
The dark side of the Internet of things
This was one of the talks I was looking forward to. Sadly Dipesh was a bit hard to understand and within minutes the audience is more restless & chatty than they were during the previous talk; its like a classroom where most kids aren’t paying attention.
Thankfully the speaker improves as he goes along and the audience is back and lauging, especially when Dipesh starts showing real-life exploits & pwnages (unfortunately not performed by his trully), but nonetheless entertaining.
He proceeds to show Shodan and I’m amazed that the majority of the audience didn’t know this service. They boggled when shown the list of open webcams and giggled, quite naturally I suppose, when Dipesh actually connected to one or two of them. I was somewhat disapointed that Dipesh didn’t issue a reminder to respect peoples’ privacy, the fact that their webcams are open doesn’t mean we should spend our days looking at them. Sure, we’ve all done it at least once, because you just can’t believe that all those webcams are on the public Internet, you have to see it for your self. But the danger lies in the disconnect between your actions and results, created by the distance between you, the watcher, and the object. Its how politicians can make decisions without ever feeling the pain they’re causing, or how a soldier pulls the trigger on a drone in a country oceans away, its not the same as being there and doing it, that requires a lot more gut or lack of empathy.
Of course we trust our WiFi
This talk presented an idea - build yourself a WAP with open source firmware that allows you to tunnel all the traffic via the VPN, while using the free wireless network, such as in a cafe or public outdoor space, underneath.
In a nutshell, you just bridge the WAP to the existing open WiFi network and run OpenVPN on it, to tunnel you to your chosen exit point. Once you’re associated to this AP, all of your traffic is then tunnelled. It occurs to me now that with this setup, any device within the range of your WAP and WPA password (or the WiFi is open to start with) can associate and use the tunnel as well, so effectively you run a public VPN service :)
Of course if you just want to get online with a single device, like your laptop or phone, you can configure the VPN tunnel directly from your device. Having a bridged WAP however is useful when you’re with a group, like when attending a Kopi.JS meetup or maybe working remotely from a coffee shop with several colleagues.
Serverless
This talk was another introduction into serverless computing and what’s all that about. Kinda heard it all before (and imagined most of the people have as well, but given that each talk was voted for by the attendees in advance, I guess they didn’t).
One thing I learned is that there’s a serverless framework (of course there’s a framework), from a company with an imaginative name of serverless. It actually looks fairly decent, and their Event Gateway especially might be interesting, but it requires you to have an account with serverless, so one way or another they have you locked in if I’m reading it right.
The end
Unfortunately I didn’t have time to attend the rest of the talks & even the afterparty. The latter I was especially gutted about, considering this conference was organised by some of the same people who did GopherCon Singapore, and that afterparty was absolutely having it! Oh well, I suppose there will be time for that at the next gig. See you all there!