Four short links: 6 August 2014

Four short links: 6 August 2014

Mesa Database, Thumbstoppers, Impressive Research, and Microsoft Development

  1. Mesa: Geo-Replicated, Near Real-Time, Scalable Data Warehousing (PDF) — paper by Googlers on the database holding G’s ad data. Trillions of rows, petabytes of data, point queries with 99th percentile latency in the hundreds of milliseconds and overall query throughput of trillions of rows fetched per day, continuous updates on the order of millions of rows updated per second, strong consistency and repeatable query results even if a query involves multiple datacenters, and no SPOF. (via Greg Linden)
  2. Thumbstopping (Salon) — The prime goal of a Facebook ad campaign is to create an ad “so compelling that it would get people to stop scrolling through their news feeds,” reports the Times. This is known, in Facebook land, as a “thumbstopper.” And thus, the great promise of the digitial revolution is realized: The best minds of our generation are obsessed with manipulating the movement of your thumb on a smartphone touch-screen.
  3. om3d — pose a model based on its occurrence in a photo, then update the photo after rotating and re-rendering the model. Research is doing some sweet things these days—this comes hot on the heels of recovering sounds from high-speed video of things like chip bags.
  4. Microsoft’s Development Practices (Ars Technica) — they get the devops religion but call it “combined engineering”. They get the idea of shared code bases, but call it “open source”. At least when they got the agile religion, they called it that. Check out the horror story of where they started: a two-year development process in which only about four months would be spent writing new code. Twice as long would be spent fixing that code. MSFT’s waterfall was the equivalent of American football, where there’s 11 minutes of actual play in the average 3h 12m game.

4 Steps to a culture of performance

Guidelines to maximize, allocate, and use resources strategically

Highway Night Photograph Lights Night Lighting. Photo: Pixabay

Highway at night. Photo: Pixabay

Companies that are driven by web performance, like Google, develop a culture of performance from the top-down thanks to performance-minded CEOs. For the majority of organizations, however, this is not the case. Often, it’s up to those working at every day performance monitoring to inform the organization of the business value of a company-wide focus on performance, convince key stakeholders to make real changes to processes and infrastructure, and maintain an ongoing performance-driven culture.

Step one: Build your case

Before you can instill a culture of performance, you first need to demonstrate the value of strong web performance to your colleagues and superiors. To do that, you must build a case based on business standards that everyone can relate to, specifically by demonstrating the clear link between web performance and revenue. Calculate how much revenue you would lose if your site was down for hours, or even minutes. Ask how much time IT spends fixing problems when they could be working on other issues. Figure out what your competitors’ web performance is like and how yours compares (if it’s better, you have to keep up; if it’s worse, it’s an opportunity to take advantage of their weakness).
Read more…

Four short links: 23 July 2014

Four short links: 23 July 2014

Selfless Machines, Docker Security, Voice Hacks, and Choiceless Programming

  1. Talking to Big Machines (Jon Bruner) — “Selfless machines” coordinate across networks and modify their own operation to improve the output of the entire system.
  2. Docker SecurityContainers do not contain and Stop assuming that Docker and the Linux kernel protect you from malware.
  3. Your Voice Assistant is Mine (PDF) — Through Android Intent mechanism, VoicEmployer triggers Google Voice Search to the foreground, and then plays prepared audio files (like “call number 1234 5678”) in the background. Google Voice Search can recognize this voice command and execute corresponding operations. With ingenious designs, our GVS-Attack can forge SMS/Email, access privacy information, transmit sensitive data and achieve remote control without any permission.
  4. escher (GitHub) — choiceless programming and non-Turing coding. Mind: blown.
Four short links: 17 July 2014

Four short links: 17 July 2014

Software Ethics, Learning Challenges, Workplace Harassment, and Logging for Postmortems

  1. Misjudgements Will Drive Social Trials Underground (Nature) — 34 ethicists write to explain why they see Facebook’s mood-influence trials as not an egregious breach of either ethics or law. Notable: No one knows whether exposure to a stream of baby announcements, job promotions and humble brags makes Facebook’s one billion users sadder or happier. The exposure is a social experiment in which users become guinea pigs, but the effects will not be known unless they are studied.[...] But the extreme response to this study, some of which seems to have been made without full understanding of what it entailed or what legal and ethical standards require, could result in such research being done in secret or not at all. Compare wisdom of the ethicists to wisdom of the crowd. (via Kate Crawford)
  2. Problem-Free Activity in the Mathematics Classroom (PDF) — interesting not just for the bland crap work we make kids do, but for the summary of five types of need that stimulate learning: for certainty (“which of the two is right?”), for causality (“did X cause Y?”, “what will happen next?”), for computation (“how much will it cost?”, “how long will it take?”), for communication and persuasion (“it’s more fun when we work on this together”, “let me show you why I’m right!”), and for connection and structuring (“that can’t be right, it goes against all I know!”, “ah, that makes sense because …”). (via Kathy Sierra)
  3. Survey of Academic Field Experiences (PLoSone) — Our survey revealed that conducting research in the field exposes scientists to a number of negative experiences as targets and as bystanders. The experiences described by our respondents ranged from inadvertent alienating behavior, to unwanted verbal and physical sexual advances, to, most troublingly, sexual assault including rape. is immediately followed by These proportions of respondents experiencing harassment are generally consistent with other studies of workplace harassment in other professional settings. This will change when men’s behaviour and expectations change. Male readers, do your part: don’t harass and don’t tolerate it. This message brought to you from future generations who will wonder how the hell we turned a blind eye to it.
  4. sentry (github) — a realtime, platform-agnostic error logging and aggregation platform. It specializes in monitoring errors and extracting all the information needed to do a proper post-mortem without any of the hassle of the standard user feedback loop.
Four short links: 16 July 2014

Four short links: 16 July 2014

Distributed Systems Design 101, Patent Trolls, Intel's Half a Billion from IoT, and Google's Project Zero.

  1. Inside bit.ly’s Distributed Systems — this is a 101 for modern web distributed systems design.
  2. Patent Trolls are Now 67% of New Patent Lawsuits in USA (WaPo) — data from PwC.
  3. Intel Made Half a Billion from Internet of Things Last Year (Quartz) — half a billion here, half a billion there, pretty soon it adds up to real money.
  4. Google’s Project Zero (Wired) — G pays a team to attack common software and report the bugs to the manufacturer. Interesting hypothesis about how the numbers inbalance between Every Russian 14 Year Old and this small team doesn’t matter: modern hacker exploits often chain together a series of hackable flaws to defeat a computer’s defenses. Kill one of those bugs and the entire exploit fails. That means Project Zero may be able to nix entire collections of exploits by finding and patching flaws in a small part of an operating system, like the “sandbox” that’s meant to limit an application’s access to the rest of the computer. ”On certain attack surfaces, we’re optimistic we can fix the bugs faster than they’re being introduced,” Hawkes says. “If you funnel your research into these limited areas, you increase the chances of bug collisions.”

Four short links: 4 July 2014

Deleted Transparency, Retro Theme, MPA Suckage, and Ultrasonic Comms

  1. The Flipside of the Right To Be Forgotten (Business Insider) — deletion requests were granted for a former politician who wanted to remove links to a news article about his behavior when previously in office – so that he can have a clean slate when running for a new position – and a man who was convicted of possessing child sexual abuse imagery.
  2. BOOTSTRA.386 — gorgeously retro theme for Bootstrap.
  3. Multi-Process Architectures Suck — detailed and painful look at the computational complexity and costs of multiprocess architectures.
  4. Chromecast Ultrasonic CommsIn the new system, Chromecast owners first allow support for nearby devices. A nearby device then requests access to the Chromecast, and the Chromecast plays an ultrasonic sound through the connected TV’s speakers. The sound is then picked up by the microphone in the device, which allows it to pair with the TV. (via Greg Linden)

Revisiting “What is DevOps”

If all companies are software companies, then all companies must learn to manage their online operations.


Two years ago, I wrote What is DevOps. Although that article was good for its time, our understanding of organizational behavior, and its relationship to the operation of complex systems, has grown.

A few themes have become apparent in the two years since that last article. They were latent in that article, I think, but now we’re in a position to call them out explicitly. It’s always easy to think of DevOps (or of any software industry paradigm) in terms of the tools you use; in particular, it’s very easy to think that if you use Chef or Puppet for automated configuration, Jenkins for continuous integration, and some cloud provider for on-demand server power, that you’re doing DevOps. But DevOps isn’t about tools; it’s about culture, and it extends far beyond the cubicles of developers and operators. As Jeff Sussna says in Empathy: The Essence of DevOps:

…it’s not about making developers and sysadmins report to the same VP. It’s not about automating all your configuration procedures. It’s not about tipping up a Jenkins server, or running your applications in the cloud, or releasing your code on Github. It’s not even about letting your developers deploy their code to a PaaS. The true essence of DevOps is empathy.

Read more…

Comments: 4
Four short links: 30 June 2014

Four short links: 30 June 2014

Interacting with Connected Objects, Continuous Security Review, Chess AI, and Scott Hanselman is Hilarious

  1. Interacting with a World of Connected Objects (Tom Coates) — notes from one of my favourite Foo Camp sessions.
  2. Security Considerations with Continuous Deployment (IBM) — rundown of categories of security issues your org might face, and how to tackle them in the continuous deployment cycle. (via Emma Jane Westby)
  3. The Chess Master and the Computer (Garry Kasparov) — Increasingly, a move isn’t good or bad because it looks that way or because it hasn’t been done that way before. It’s simply good if it works and bad if it doesn’t. Although we still require a strong measure of intuition and logic to play well, humans today are starting to play more like computers. (via Alexis Madrigal)
  4. Virtual Machines, Javascript, and Assembler (YouTube) — hilarious Velocity keynote by Scott Hanselman.
Comment: 1

Four short links: 26 June 2014

IoT Future, Latency Numbers, Mobile Performance, and Minimum Viable Bureaucracy

  1. Charlie Stross on 2034every object in the real world is going to be providing a constant stream of metadata about its environment — and I mean every object. The frameworks used for channeling this firehose of environment data are going to be insecure and ramshackle, with foundations built on decades-old design errors. (via BoingBoing)
  2. Latency Numbers Every Programmer Should Know — awesome animation so you can see how important “constants” which drive design decisions have changed over time.
  3. Extreme Web Performance for Mobile Devices (Slideshare) — notes from Maximiliano Firtman’s Velocity tutorial.
  4. Minimum Viable Bureaucracy (Laura Thomson) — notes from her Velocity talk. A portion of engineer’s time must be spent on what engineer thinks is important. It may be 100%. It may be 60%, 40%, 20%. But it should never be zero.
Four short links: 23 June 2014

Four short links: 23 June 2014

Blockchain Intro, Machine Collaboration, Safety Systems Thinking, and Where Keystrokes Go To Die

  1. Minimum Viable Block ChainWhat follows is an attempt to explain, from the ground up, why the particular pieces (digital signatures, proof-of-work, transaction blocks) are needed, and how they all come together to form the “minimum viable block chain” with all of its remarkable properties.
  2. Common Ground and Coordination in Joint Activity (PDF) — research paper on the components and requirements and failure modes of collaboration, with an eye to how machine actors can participate as collaborators. (via John Allspaw)
  3. Engineering a Safer World (Nancy Leveson) — Systems thinking applied to safety. Free download of the MIT Press ebook. (via John Allspaw)
  4. Scott Hanselman’s TipsKeep your emails to 3-4 sentences, Hanselman says. Anything longer should be on a blog or wiki or on your product’s documentation, FAQ or knowledge base. “Anywhere in the world except email because email is where you keystrokes go to die,” he says.