Our Most Popular Posts
The most popular posts from our blog are below. You can also check out our most recent posts or best posts.
Facebook Relay: An Evil And/Or Incompetent Attack On REST
Facebook’s on an evil mission. It wants to convince you that the web is broken. So Facebook recently introduced Relay. To explain why you “need” Relay instead of REST, they made a series of claims about why REST is broken.
These claims are false.
How Facebook's Open Source Stack Undermines The Open Web
A few months ago, I talked about why I don’t like React. One of the reasons is that I believe Facebook, and frameworks like React, are undermining the Open Web. This may not be intentional. I certainly don’t think it is the intention of the developers on those projects. But I’m less confident in the motivations of the people running the companies behind these frameworks. And, either way, they aren’t good for the Open Web.
Fluentd vs Logstash
Logstash is successful enough that Elasticsearch, Logstash, and Kibana are known as the ELK stack. At Panda Strike, we use the ELK stack and have several Elasticsearch clusters. But we take the L out, and use Fluentd instead, even though “EFK stack” sounds more awkward.
Here’s why.
HTTP Has A Type System
Building HTTP APIs means finding common ground with developers who can use any programming language they want. But in any given era of history, the lingua franca is the language that is most likely to be mispronounced. More so even than JavaScript, HTTP is the Web’s lingua franca, and it has a similar, universally misunderstood status.
One of the most important things to understand about HTTP is that it has a type system.
React Is A Terrible Idea
There’s been a lot of excitement lately about React. React seems to have bumped Angular from the top of the hippest-framework mountain. This is unfortunate, because both of these frameworks are bad for your application’s health. They’re also bad for the entire software industry. For new applications, please, for the love of all things open, use Web components instead.
React’s design is bad. I could give you a lot of specifics—separation of concerns, coupling views with models, the focus on needless optimizations, the importance of supporting open standards—but I’m going to tell you a story, instead. The story is about a startup with a popular product and lots of venture capital. This startup decided that they wanted to make their Web app extra special. Like many who came before them, they decided that HTML and CSS just weren’t quite good enough for them.
Flaws In Scrum And Agile
The Agile Manifesto was written in mid-February of 2001, and it made the tech industry a better place. But it was written by people, not gods, and its day is fading. Likewise, the Scrum development methodology helps people build stuff, but it has flaws. So let’s talk about what Panda Strike does instead of Scrum and Agile, and why.
We’ll start with the biggest flaw in the Agile Manifesto.
Bastion Hosts
Bastion hosts are a useful and important component of a system management infrastructure. A bastion host, in this context, is more properly, but more obscurely, called a jump server. In this post I will simply use the term bastion host. It is the most commonly used term for the system's function: a server, which has undergone security hardening steps, that is the operational and administrative control point for systems and hosts in a datacenter (or AWS Region).
On the last point about AWS Regions: I will touch on some powerful capabilities of bastion hosts, AWS Security Groups, and cross-account AWS access that we use here at Panda Strike.