Forem: ["Ilker":{...}]

🚀 Orbit OS – Authentication System + Theme Overhaul (Biggest Update Yet)

["Ilker":{...}] — Thu, 25 Sep 2025 02:07:38 +0000

Hey folks 👋

I’ve been working with the CodeHubbers
community on Orbit OS, a collaborative Web OS–style project. This week marks one of the biggest milestones so far — we merged a comprehensive authentication system along with major theme enhancements into the project.

This was our largest PR yet:
41 files changed, 15 commits, +1,888 lines of code 💻🔥

🔑 Authentication System (by @CoderRC)

✅ User registration & login with JWT tokens

✅ Protected routes + authentication context

✅ Profile modals with avatar upload/editing

✅ User preferences synced to MongoDB

✅ Integration with Mongoose

This means Orbit OS is no longer just a demo desktop environment — users can now have accounts, preferences, and identities inside the system.

🎨 Theme & UI Enhancements (by @dailker)

✅ High-contrast theme for accessibility

✅ Improved theme registry + smooth animations

✅ Polished authentication forms with validation

✅ Brand new default OrbitOS wallpaper

✅ Global styling refinements (consistent across all apps)

On top of that, the UI components (taskbar, windows, apps) are now fully theme-aware, so the experience feels more polished and personal.

🖼️ User Experience Highlights

Enhanced taskbar with user info

Real-time avatar preview & editing

Auth forms that look like part of the OS instead of placeholder UIs

Preferences (themes, wallpaper, profile) that persist between sessions

All these changes make Orbit OS feel closer to a real desktop environment rather than just a prototype.

🔍 Why This Matters

Orbit OS started as an experiment — a web-based operating system with a desktop-like UI. With this update:

It’s no longer just visual; it’s user-aware.

Preferences and themes now stick with your account.

Accessibility and inclusivity improved with a dedicated high-contrast theme.

Developers get a scalable foundation for future features (apps, storage, permissions).

📂 What’s Next

Refining file management

Expanding built-in apps

More accessibility improvements

Growing the community via CodeHubbers

👉 Check out the repo here: Orbit OS on GitHub

If you’re into open source, full-stack development, or just love experimenting with futuristic UIs, we’d love to have you contribute!

WebOS Day 3 at CodeHubbers

["Ilker":{...}] — Sun, 21 Sep 2025 13:51:00 +0000

🚀 OrbitOS Update – Hydration Fixes & Calendar + Clock Popup

We’ve been working hard on polishing OrbitOS, and this update brings both stability fixes and exciting new features!

🔧 Hydration Fixes

We tackled server-side rendering mismatches to ensure smoother hydration and more reliable state handling.

📅 Calendar Control + 🕒 Digital Clock

The Taskbar clock is now interactive! Clicking on it opens a beautiful calendar popup with:

A dedicated digital clock card in large monospace font
Year and month navigation (with smooth scrolling + highlights for current year/month)
Click outside to close behavior for a seamless experience

🎨 UI/UX Enhancements

Glass morphism design with backdrop blur
Framer Motion animations for smooth transitions
Today’s date highlighted across all views
Responsive layout for proper positioning and spacing

👉 If you’d like to check out the project or contribute, here’s the repo:

🔗 OrbitOS on GitHub

Zero-Trust Encrypted Chat, seeking feedback

["Ilker":{...}] — Fri, 19 Sep 2025 06:59:19 +0000

I’ve been working on a personal project called Dragon’s Vault, a web-based encrypted chat platform built from the ground up with zero-trust architecture. The core idea is simple but ambitious: even if the server or database is compromised, your messages should remain completely unreadable.

The system uses multi-layer client-side encryption: AES-256-GCM for the first layer, XChaCha20-Poly1305 for the second, and RSA/ECC for key exchange. Everything happens in the browser: the server only ever sees encrypted blobs. Even metadata like timestamps and usernames are encrypted, and encryption keys are stored securely in IndexedDB.

Some of the features currently implemented:

End-to-end encrypted one-on-one messaging

Friend-based system with requests and approvals

QR code sharing for profiles

Real-time notifications

Multiple UI themes (dark, light, ocean blue, neon)

Fully responsive design for desktop, tablet, and mobile

From a development perspective, the project is built with Next.js, a MongoDB backend, and client-side cryptography libraries. There are clear abstractions for encryption, key storage, and authentication, making it easy for contributors to pick up and extend features.

I’m sharing this here because I’m looking for:

Feedback – on the security model, UX, and overall architecture

Feature ideas – are there ways to make encrypted social chat more usable without compromising security?

Contributions – anyone who wants to help improve code, add features, or enhance security documentation

The repo is open source: https://github.com/dailker/dragons-vault

I’ve put a lot of thought into balancing strong encryption with usable social features, but this is very much a work in progress. I’d love to hear from anyone interested in privacy-first messaging or client-side encryption. Even small contributions, security reviews, or suggestions are incredibly valuable.

Thanks for reading.

⭐ Star it if you can on GitHub: See project at GitHub

Building Hubbergram: A Secure Telegram Clone in C with Advanced Architecture

["Ilker":{...}] — Sat, 12 Jul 2025 13:35:05 +0000

🚀 New Project is Live on GitHub @codehubbers

Introducing Hubbergram — a lightweight, secure messaging server with a CLI client, built using POSIX-compliant C.

🔗 Check it out: hubbergram GitHub Repository
Huge thanks to Danyyil Serpokrylov for his external support in implementing POSIX compatibility. His contributions made it seamless to integrate the messaging server without encountering header-related build issues.

In an era where messaging security is paramount, I built Hubbergram - a lightweight, secure messaging server that demonstrates how to implement enterprise-grade security features in C. This isn't just another chat application; it's a comprehensive system showcasing modern security practices, encrypted storage, and clean architecture patterns.

Why C for a Messaging Server?

While most developers reach for Node.js, Python, or Go for web services, C offers unique advantages: Performance: Direct memory management and minimal overhead. Security: Full control over data handling and memory allocation. Learning: Understanding low-level networking and system programming. Portability: Runs efficiently on embedded systems and servers alike.

Architecture Deep Dive

The system follows a layered architecture pattern with clear separation of concerns:

Client Layer

CLI Client: Interactive command-line interface for users
HTTP Client: Handles REST API communication and JWT token management

Security Layer

CORS Protection: Prevents unauthorized cross-origin requests
JWT Authentication: Stateless tokens with 24-hour expiry
SHA256 Hashing: Secure password storage with salt

Server Layer

Multi-threaded HTTP Server: Handles 100+ concurrent connections
API Router: Clean endpoint routing (/api/register, /api/login, etc.)
Controllers: Separate logic for authentication, messaging, and location services

Data Layer

Database Encryption: Custom encryption with auto-generated keys
SQLite Storage: Lightweight, embedded database
Structured Tables: Users, messages, and groups with proper relationships

Key Security Features

Database Encryption
// Auto-generated encryption key per installation
void generate_db_key() {
unsigned char key[32];
RAND_bytes(key, sizeof(key));
// Obfuscated storage in header files
}
JWT Token Management
24-hour automatic expiry
Secure token validation on every request
Role-based access control (user/admin)
Privacy-First Location Sharing
Explicit user consent required
Admin monitoring with proper authorization
GPS coordinates with consent management

Technical Implementation Highlights

Multi-threaded Server Architecture
The server uses POSIX threads to handle concurrent connections efficiently:

// Simplified server structure
void* handle_client(void* client_socket) {
// Process HTTP requests
// Route to appropriate controllers
// Return JSON responses
}

RESTful API Design
Clean, intuitive endpoints following REST principles:

POST /api/register - User registration
POST /api/login - Authentication
POST /api/message - Send messages
GET /api/messages - Retrieve message history
POST /api/location - Update location (with consent)
GET /api/locations - Admin location monitoring

Cross-Platform Compatibility
Supports multiple environments:

Windows: MSYS2 with MinGW
Linux: Ubuntu, CentOS, RHEL
macOS: Homebrew dependencies

Building and Deployment

The build system uses Make with automatic dependency management:

One-command build with dependencies

make all

Automatic library installation

make install-libmingw32

CLI client build

make -f Makefile_cli

Security Best Practices Implemented

Password Security: SHA256 hashing with proper salt handling
Session Management: JWT tokens with automatic expiry
Data Encryption: SQLite database with custom encryption
Input Validation: Proper sanitization of all user inputs
Rate Limiting: Protection against brute force attacks
CORS Protection: Secure cross-origin request handling

Real-World Applications

This architecture pattern is suitable for:

IoT Messaging: Lightweight messaging for embedded systems
Enterprise Chat: Internal communication with security requirements
Educational Projects: Learning system programming and security
Microservices: Base for larger distributed systems

Performance Characteristics

Memory Usage: ~2MB base footprint
Concurrent Users: 100+ simultaneous connections
Response Time: <10ms for typical operations
Database Size: Efficient SQLite storage with encryption overhead

Lessons Learned

Security by Design
Implementing security from the ground up is easier than retrofitting. The encryption key generation and JWT implementation were built into the core architecture.
C for Web Services
While challenging, C provides unmatched control over system resources and security. The learning curve pays off in performance and understanding.
Clean Architecture Matters
Separating concerns into distinct layers made the codebase maintainable and testable, even in C.

Future Enhancements

WebSocket Support: Real-time messaging without polling
File Sharing: Encrypted file transfer capabilities
Group Messaging: Enhanced group management features
Mobile Clients: Native iOS/Android applications
Federation: Inter-server communication protocol

Conclusion

Hubbergram demonstrates that C remains relevant for modern web services, especially when security and performance are priorities. The project showcases: Modern security practices in systems programming. Clean architecture patterns in C. Cross-platform development techniques. Real-world application of cryptographic principles.

The complete source code and documentation are available on GitHub, providing a solid foundation for anyone interested in systems programming, security implementation, or building messaging systems from scratch.

Whether you're a student learning systems programming or a developer exploring low-level web services, Hubbergram offers practical insights into building secure, performant applications in C.

Technical Stack: C, SQLite, JSON-C, OpenSSL, JWT, SHA256, POSIX Threads
Platform Support: Windows (MSYS2), Linux, macOS
License: MIT
Repository: https://github.com/codehubbers/hubbergram

Why C and C++ Still Matter in the Age of Python and AI

["Ilker":{...}] — Fri, 11 Jul 2025 21:15:14 +0000

From my observation, C developers have a wide range of opportunities, including embedded systems, operating systems, and hardware-level programming. However, in the job market, many tend to gravitate towards game development, as game engines still heavily rely on C or C++. When it comes to writing libraries, C is often not the first choice. This is primarily because developing comprehensive, clean libraries in C requires significant skill, patience, and time, especially due to the complexities of low-level memory management. While some developers create their own libraries for personal use, few share them publicly.

C remains an excellent language, but as technology evolves, it may no longer be viewed as a “modern” language and might gradually fade from widespread use. The rapid rise of AI-driven development has contributed to an influx of new languages and frameworks produced quickly, often lacking proper documentation and stability. This trend is concerning, especially for those whose expertise lies solely in C, as versatility becomes crucial for career growth.

In response to the argument that it makes little sense to invest in C libraries because they will often be executed through higher-level languages like Python, I believe this viewpoint overlooks important technical considerations. Python is a powerful and accessible language, but it is not a replacement for the raw performance and control offered by C and C++. Python’s reliance on bindings to interface with C/C++ libraries introduces overhead and complexity. While these bindings serve as useful bridges, they do not substitute the core capabilities and efficiency of native code.

C and C++ offer unparalleled speed, memory efficiency, and hardware-level control, essential for performance-critical applications such as embedded systems, operating systems, and high-performance game engines. Python, while excellent for scripting, automation, and data analysis, cannot match the deterministic performance and low-level access required in these domains. Additionally, Python’s Global Interpreter Lock (GIL) limits true multithreading capabilities, which can be a bottleneck in concurrent or parallel processing scenariosareas where C/C++ excel.

Ultimately, successful software development requires choosing the right tool for the task. While Python is invaluable for rapid development and prototyping, C and C++ remain foundational for building robust, efficient, and scalable systems. Developers who invest in mastering these languages position themselves well for a broad range of challenging and rewarding opportunities.

Thanks for spending time on TL;DR blog. We gonna keep increasing TLDR buffer limit together ;)

🚀 Big News – Meet everyutil! 🎉

["Ilker":{...}] — Mon, 30 Jun 2025 13:23:42 +0000

Say goodbye to juggling multiple utility packages.

Today, I’m excited to introduce everyutil – a powerful, all-in-one JavaScript utility package built to do everything other utility libraries can... and more!

I'm actively developing and adding new functions day by day to make everyutil the biggest and most complete utility package out there.

**👉 Check it out: github.com/dailker/everyutil

If you find it helpful, please ⭐️ star the repo and share your feedback — it means a lot and helps shape the future of the project.**

Let’s build something great together!

🔧 Why everyutil?

✨ All-in-One: Combines the best features from popular utility packages

🤝 Universal Compatibility: Works seamlessly with all major JS frameworks and linter setups

🔗 Easy to Install: Just run npm install everyutil and you’re ready to go

And this is just the beginning.