For various reasons I need to better understand the gory details of how modern hardware actually works, especially NUMA systems. My first stop on my tour of modern hardware is memory, specifically all the gory details of DDR3 memory (I’ll start worrying about DDR4 when I can buy it).
Continue reading My computer memory cheat sheet Category: Tech
Everything about technology but product reviews
Losing exceptions in C#, there has to be a better way!
A nasty problem I've been tangling with for a while now is that C# likes to eat exceptions. If one is already in an exception context and another exception gets thrown then the first exception, by default, is just lost. I explore below some ways to deal with this and honestly they all suck. Does anyone have a better idea?
Continue reading Losing exceptions in C#, there has to be a better way! State diagrams for Paxos made simple
I was reading through Paxos made simple and I really wished there were state diagrams to help explicate the protocol. So I wrote them up and share them below. Please keep in mind that the diagrams just explore naive Paxos, that is single value, no distinguished proposer or distinguished learner. So this version of Paxos is pretty useless in practice but it completely captures the core mechanisms that make Paxos work (with the exception of how to pick a distinguished learner). Please note that this article is intended to be used by someone going through Paxos made simple. It is an adjunct, not a replacement.
Continue reading State diagrams for Paxos made simple Wrapped or Native Paxos?
So let's say I want to build a nice highly consistent multi-data center store, something like Megastore. Most everyone at this point has something like Bigtable already deployed in their data centers. What they typically don't have is a way to keep different instances of their table stores guaranteed consistent with each other across DCs. Megastore steps in to address this issue. But this begs a fundamental question - what's better, to wrap a Paxos coordinator on top of existing table stores or to build a new Paxos native storage service?
Continue reading Wrapped or Native Paxos? Average, percentiles and measuring service performance
Measuring the performance of services is tricky. There is an almost irresistible desire to measure average performance. But measuring service performance using averages is pretty much guaranteed to provide misleading results. The best way (I know of anyway) to get accurate performance results when measuring service performance is to measure percentiles, not averages. So Do Not use averages or standard deviations, Do use percentiles. See below for the details.
Continue reading Average, percentiles and measuring service performance Distributed Storage Reading List
My technical wanderings of late at Microsoft have taken me into the realm of massively distributed storage. Of course, I've been here before but this time I need to bring some other folks along. So I was asked to put together suggested readings to help people come up to speed. I thought the list might be of general interest so I'm posting it here.
What do you think? Is this a good list? A bad one? What would you suggest?
Continue reading Distributed Storage Reading ListSharing sparse disk image bundles across OS X machines
Normally using my Mac is a simple joy. But recently I created a sparse disk image bundle on my main OS X box and wanted to share it with other OS X boxes. This is quite possible but requires some very arcane commands to make work. I explore those commands below.
Continue reading Sharing sparse disk image bundles across OS X machinesUser IDs – managing the mark of Cain
Facebook's latest privacy debacle was driven by their failure to properly manage user IDs. This is not a new problem area and as the EFF points out, Facebook has done this before. So while I don't know if Facebook will be interested in this post, those who care about protecting their user's privacy in an age of data sharing may want to have a look at the threats and defenses needed to share user IDs across sites. Securing user IDs isn't easy.
[Update 10/22/2010: Changed the title and intro and added three new sections at the end.]
Continue reading User IDs – managing the mark of CainOAuth 2.0 Bearer tokens – unsafe at any speed?
Eran's latest article raises a number of specific security threats by way of arguing that bearer tokens are irredeemably insecure. In this article I examine the attacks Eran calls out and demonstrate that they are already addressed by OAuth 2.0. Eran's article does bring up the interesting question of - do we need defense in depth for the tamper resistance and confidentiality provided by SSL/TLS?
Continue reading OAuth 2.0 Bearer tokens – unsafe at any speed?Bearer Tokens, Discovery and OAuth 2.0
Part of my day job is working on adding discovery to OAuth 2.0. This article provides a summary of some of that work. So I was more than a little concerned when I saw a blog article from Eran Hammer-Lahav, the editor of OAuth 2.0, asserting that OAuth 2.0 couldn't support secure discovery. Very worried that something was terribly wrong I carefully read Eran's article. I summarize below what I believe his concerns are and explain how I believe those concerns would be addressed by extensions to OAuth 2.0 to support discovery. I also explain how Eran's article helped me find a flaw in my own proposal and how I propose fixing that flaw.
Continue reading Bearer Tokens, Discovery and OAuth 2.0