&yet

One of the most talked about presentations at RealtimeConf 2013 was yeti Lance Stout and Philipp Hancke's demonstration of WebRTC signaling over XMPP, resulting in a federated video call within the browser.

This demo caught the attention of The VoIP Users Conference, or VUC a weekly, live discussion about all the telephony things, which began in 2007. Lance and Philipp will be joining the VUC community on December 27 at noon (Eastern Time) to discuss the potential of WebRTC as an interoperable tool to communicate within established protocols.

Philipp and Lance have been working together for some time on projects (strophe.jingle and Stanza.io, respectively) that push forward the ability of developers to utilize XMPP in tandem with the web, specifically WebRTC.

Join their conversation two weeks from today on Friday, December 27, at the VoIPUsersConference.org, or track it on their Google+ community.

At &yet, we give Thanksgiving bonuses. The tradition has become something outward-focused.

Software developers hold an exceptionally privileged place in society. We feel not guilty, but grateful for this—yet we fervently believe to whom much has been given, much is required.

Last year, the thrust of our Thanksgiving bonus was providing each of our team one day of paid time off per month to donate to making the world a better place, with us matching any gifts toward that organization.

This year, we have several Thanksgiving announcements:

Next week, yetis Adam Baldwin and Luke Karrys will be traveling to San Francisco to speak at the second Node Summit, December 3-4. Node Summit brings together developers, leaders, and other technologists to discuss Node.js and its role in the future of the web and computing.

Adam will be there representing both ^Lift Security, and The Node Security Project, an ambitious open-source project he founded with the goal of auditing every single module in npm. Adam will be discussing Node.js security with Bert Belder of StrongLoop, Charlie Robbins of Nodejitsu, and Daniel Shaw of The Node Firm.

Luke will be speaking during NodeTalks on client solutions with Glenn Scott, of the Creative Artists Agency (CAA), and they'll discuss the challenges they faced on a recent project involving two different development teams coming together for the creation and deployment of a production node app and API to Microsoft Azure.

The Node Security Project is also a sponsor of Node Summit, so if you're interested in attending, use the discount code SPEAKERFNF to get a 25% discount to the event, and while you're there swing by NSP's booth and grab a sticker. Tickets are available at NodeSummit.com.

I’m gonna wax philosophic for a moment.

I’m sure you’ve heard the joke that the code you wrote six months ago is always terrible code. It’s a feeling we all share I’m sure.

Here's the thing: It’s not totally true, and the reason it's not true is choice.

When you are writing software you are perpetually making choices. Now, choice is a funny thing because we as humans cannot know the future. We are bound in time. The consequences of our choices are closed to us, as well or ill-informed as we happen to be it doesn’t matter.

This year's RealtimeConf was the most complex and ambitious thing I've ever been part of. At final count, we had 400 people involved in the making of the event. (What's quite humorous is we had 200 attendees, and 100 of those included among the contributors.)

Taking into account our staff expenses, we "only" lost $230,000 putting on RealtimeConf. We had several members of our team focused mostly full-time on the event for over six months. If our team worked for free, we would have still lost around $50,000. (Incidentally, we are very grateful to our very generous "tip jar" contributors.)

The assumption most people have made (and most certainly will make based on the above) is that we've decided not to reprise the conference because we overextended ourselves and lost too much money.

Yes, it was a ton of work—but the large ensemble involved truly loved doing it and I believe the vast majority would gladly do it again. Now, it was a bit of an intense time for me because I'd also committed to speaking at JSConf EU and LxJS in the month prior to the conference. But the amazing work of Mel, Amy, Mike, Jenn, Kathryn, Ben, and the rest of our team made that possible.

And Bang uses a service called Intercom for support communication and notifications. We were recently notified that Intercom was affected by a security breach of one of their database providers, MongoHQ. For the sake of transparency, we want to pass the information along to our users.

Intercom found that 1 out of the 30 databases on MongoHQ had been accessed and states:

"The data we store on MongoHQ is limited. The user records are not labeled with the customer name, product name, or domain name of the app with which they are associated. We don't store Intercom account information, passwords, billing information, or any Intercom messages or conversations, on MongoHQ."

More detail on the breach is provided by Intercom on their website.

Today, yeti Henrik Joreteg, will be discussing WebRTC on the weekly podcast, The Web Ahead. The hour long show allows host Jen Simmons the opportunity to chat one on one with each week's guest on the burgeoning technologies and platforms that are pushing the web forward.

Henrik is author of the popular library, SimpleWebRTC and lead developer for Talky, a tool we built for simple video chat and screen sharing. He's also heading up the effort to push WebRTC forward at IsWebRTCReadyYet.com.

Henrik first spoke on WebRTC at JSConf Brazil and built AT&T's WebRTC focused att.js, which was showcased by AT&T at CES earlier this year. He spoke recently about WebRTC, first on a Realtime Data panel at EdgeConf this past September, and again at RealtimeConf 2013, in Portland a few weeks ago. Henrik will also be speaking at Cascadia.js later this month.

Go to 5by5's website to hear today's podcast with Henrik and Jen.

We made the RealtimeConf, in large part, to bring the Web and XMPP communities together. This year, we've seen huge strides in these two communities coming together. Most recently Lance Stout (an &yet team member), and Philipp Hancke were elected into the XMPP Standards Foundation (XSF) Council. This council is the five people in charge of approving extensions to XMPP. It is encouraging to see two people who have been contributing to XMPP tools for the web elected to this council.

Mike "Bear" Taylor (another &yet team member) was also re-elected to the board, which has been making the advantages of XMPP clear to developers over the years. But XMPP has always been a tough-sell for web developers.

JavaScript is ill-equipped to deal with streaming XML. Additionally, modern development tends to use language data structures (namely JSON) for APIs, databases, and protocols. As such, web developers have a difficult time dealing with XMPP, finding XML stanzas to be archaic.

Web developers are a pragmatic bunch, preferring simple interfaces rather than difficult-to-implement interfaces, regardless of additional benefits. Due to this, the XMPP community has changed their attitude and tactics. They used to try and convince web developers to use XMPP whereas now they are bringing XMPP to web developers with more web-friendly interfaces.

After years spent compiling, eight months of writing, editing and rewriting, figuring out the process for epublishing and learning how to use Gumroad (which we highly recommend!) – Human JavaScript is finally available.

As an experiment, we released it a week ago to see what the reaction would be and so far the feedback has been overwhelmingly positive. Here's what people have said about Human JavaScript in the past week:

"...required reading for every JavaScript Developer." @svenlito

"Human Javascript is one of these books I would have loved to have read two years ago. Great book!" @normanrz

Inspired by a tweet from @seriouspony, we are offering a special discount scholarship ticket with the aim of increasing the number of amazing women part of the RealtimeConf community. (We already have some truly incredible women part of this community, but we'd sure love to see more.)

This ticket is just $399 for women who will commit to submitting a talk at next year's RealtimeConf.This includes admission to RealtimeConf and WebRTC Camp. (Don't miss checking out the RealtimeConf content.)

This is a savings of over $600 off the ticket price and there will be a limited number of these tickets available.

Given the significant role women have played on making our team better and that 8 of the 10 best conference talks I've heard in 2013 were delivered by women, this is an investment in the future quality of overall culture and presentations at RealtimeConf.

People have a very special distaste for telecoms.

Between wiretapping, egregious data roaming and text messaging charges, the unreadability of our phone bills, and carrier lock-in, we have plenty of reasons. Add in the fact that we consider ourselves entirely dependent on them and we're all the more resentful and cynical.

But forget the traditional telecoms for a minute.

Google, Microsoft, Apple, and Facebook are truly the new telecoms—each within the last few years has built or bought a communication platform of their own.

Wouldn't it be cool if someone built a federated, interoperable, open source, and super hackable "Skype killer" built on WebRTC and XMPP and released it at RealtimeConf?

I had the privilege to attend EdgeConf 2013 as a panelist and opening speaker for the Realtime Data discussion.

It was an incredible, deeply technical conference with an interesting discussion/debate format.

Here's the video from the panel:

Hapi is a web framework created by Walmart Labs that has many bells and whistles, including built in support for input validation and authentication, as well as a powerful plugin system.

In this online course, Introduction to Building APIs with Hapi, you will learn how to create a simple API, including query parameter and payload validation. We will also look at how to load and configure plugins.

Plan on spending some time on September 25, 2013 say, around 11am (PDT) with Nathan LaFreniere, our resident dev/ops badass, as he guides you through Hapi land and leads a Q&A to fill you in on any lingering questions.

LaFreniere is an endlessly talented developer with expertise in both building custom production systems and supporting complex realtime web apps. He's also created and contributed to a number of open source projects, many of which have become fundamental to our development process at &yet.

Our response to another dev community's vulnerabilities says more about our personal insecurity than it does about their code's insecurity.

Full-stack web developers are generally a smart bunch—some exceptionally so, especially when you consider the increasing amount of complexity that must be navigated to build a modern web application.

Developers are universally defensive about the security of their code—and even moreso, their chosen tools.

Over the past year, there have been widely publicized vulnerabilities in Rails and Ruby. We've admittedly seen developers in other communities point and laugh. In turn, the Node ecosystem has seen its share of vulnerabilities, including one that a couple evenings ago generated a prominent Twitter dustup between leading developers in different communities (which I'm intentionally not going to link to).

We are canceling RedisConf 2013 due to lack of interest from attendees and sponsors.

We have contacted the handful of ticket holders and we will be doing our best to help them work out their preferences.

Ben Arent is still going to put together a great (but informal) Redis get-together on the same date in Portland, tentatively including a Redis hackathon in the morning and a meetup with talks in the afternoon where Salvatore Sanfilippo will be giving a full-length talk. These will be followed by an invitation to the RealtimeConf opening party.

(One good thing is most everyone interested in RedisConf is also interested in RealtimeConf. In fact, there are only a couple of people who bought a ticket to RedisConf without accompanying it with a ticket to RealtimeConf and we're offering them to convert their RedisConf ticket to a full RealtimeConf ticket, saving $300.)

Web technology and security change so rapidly it can be exhausting to keep up.

We like to have lunch-and-learn type meetings at &yet to help keep each other in the loop on what we're learning. In the spirit of these timeless "brownbags," we've decided to create a series of short, introductory online classes.

These bite-sized online classes will be focused on giving you a quick introduction to a topic and the chance to ask questions.

The first class, Securing a Node.js Express App, will be taking place next week on Wednesday, August 28, 2013 at 11am Pacific Time with your guide Adam Baldwin, &yet CSO, ^Lift Security team lead and founder of The Node Security Project.

First—some important news: We've changed the dates.

Early this year, we announced dates for RealtimeConf, RedisConf, and a brand new, WebRTC-focused event. A short time later, our friends at LxJS announced their dates—which were unfortunately the same. We immediately reached out, discussed the mix-up, and determined that we were in the best position to change our dates.

After getting back to the states after being part of a wonderful first-time RealtimeConf EU smashingly organized by Julien Genestoux, we've reset dates and, in the meantime, we've made tremendous headway on conference planning.

Last year, we had a full week of Realtime events and we're just ramping that up a notch, by adding a full day focused on the most exciting realtime technology to hit the web: WebRTC.

We’re happy to be able to announce Karolina Szczur (web, Twitter, GitHub) has joined the &yet team as lead interface designer/developer.

We’ve been familiar with (and in awe of) Karolina’s work for some time and it’s quite an honor to be able to add her to our team.

Karolina has been published in .Net Magazine, served as Editor at Smashing Magazine, and spoken at numerous JavaScript and design conferences around the world. She is also the former UX lead for Nodejitsu and has contributed design to The Node Firm, NodeCopter, and many open source projects.

Protocol buffer encoding is hard.

I really wanted to use them, though, seeing as there's a pretty significant speed increase when you don't have the overhead of HTTP.

Unfortunately, no one had written a node.js library for it. A couple of C bindings existed, but when I tried to use them, they either didn't even compile or I couldn't get them to work. That's when I had one of my all-too-common breakdowns, and decided to write my own. After all, anything for the sake of increased performance, right?

Using Google's specifications, I got started. In order to use protocol buffer encoding in any language, you have to start by writing a definition file to describe what messages exist, and what they contain. That definition is used for both encoding and decoding packets.

For those that don’t know, Ship Week (Ship It Monday, Brio and Úll) are happening right now in Dublin.

For Ship It! Monday we announced that And Bang 2.0 is now Beta, which you can now sign up to join the queue.

And Bang is our team same-page-ification app that helps you and your team celebrate progress together throughout the day and ship like the wind.

To join in the celebrations from home, we decided that it would be appropriate to launch a little something of our own. That something being a rocket, because what the heck, why not?

Buried in email. Overwhelmed by your backlog. Ugh.

We built And Bang cos we're tired of tools that make us feel bad about doing work we love. (Aren't you?)

And Bang is here to help you and your team:

Starting this Friday, our awesome And Bang 1.0 customers will be receiving invitations to the And Bang 2.0 private beta.

We built And Bang because we're tired of tools that make us feel bad about doing work we love. (Aren't you?)

We believe you should do the work you love in a way you love.

Today, we're open sourcing signalmaster.

Paired with SimpleWebRTC.js, this is all you need to set up and serve WebRTC video calls.

Happy WebRTCing!

We're announcing two WebRTC projects today: SimpleWebRTC.js and conversat.io.

WebRTC is one of the most exciting additions to HTML5, enabling direct peer-to-peer connections for video and audio streaming. We’ve been playing with WebRTC for almost a year now, including helping clients like AT&T put it into play.

One conclusion we've come to is that WebRTC should be easier for developers to work with if it's going to gain more adoption. More people should be playing with this new amazing technology, but there's a lot of annoying complexity when working with it. As Mikeal Rogers put it, "It’s about 10x more complicated than WebSockets, and it’s taken 3 years to be where we are with WebSockets."

SimpleWebRTC.js

One of the main focuses of AT&T's Developer Summit at CES in Las Vegas this year was WebRTC.

The AT&T WebRTC API truly untethers user phone numbers from their mobile device. When your phone number on your mobile rings, so can your browser and your tablet. It's the kind of thing that could make answering your phone or making a phone call from anywhere as easy as checking your email is today.

&yet was privileged to play a central role in AT&T's work with WebRTC this year, alongside other partners like Ericsson and Voxeo Labs.

&yet has teamed up with the AT&T Foundry in Palo Alto to deliver several projects this past year. Some were shared at CES and most of those are featured at js.att.io and on AT&T's GitHub account. (Note that at this time, you have to be a registered AT&T Alpha Developer in order to use the API.)