Hey, it's HighScalability time!

Awesome explanation of how to build a PID controller to fly a rocket! (BPS.space via Orbital Index)



Number Stuff:

667%: spike in malicious phishing emails exploiting concerns over COVID-19 since the end of February

1,500,000,000,000,000,000: Folding@Home Reaches Exascale Operations Per Second for COVID-19.

88: (44%) of the 200 cities we analyzed have experienced some degree of network degradation over the past week compared to the 10 weeks prior. However, only 27 (13.5%) cities are experiencing dips of 20% below range or greater.

90%: of all ZipRecruiter-advertised jobs that required advanced-A.I. skills are in California, Washington, New York and Massachusetts.

1 exabyte: customer data stored by Backblaze.

44 million: use Microsoft teams. It grew by 12 million users in one week. Slack has 12 million users. Slack added 7k customers in 7 weeks.

70%: ride reduction at Uber.

$5.7 billion: invested in space startups in 2019. 63% increase over the $3.5 billion invested in 2018.

$483 million: Samsung Electronics's AWS spend. And they own Joyent.

1 billion: eBay HDFS file system objects.

7%: COVID related reduction in Overcast usage on weekdays. 18% on weekends.

20 million: record number of active users playing games on Stream.

6,100: mean the number of reported open-source vulnerabilities, up from 4,100 last year.

-455: temperature in space (degrees Fahrenheit).

Quotable Stuff:

@dabit3: In light of the Coronavirus outbreak, many companies are moving away from REST and GraphQL and back to SOAP

@benthompson: The tech industry warned about the impact of the coronavirus in January, closed its offices in WA and CA in early March (to great effect), and has enabled millions to work from home with basically zero hiccups.

@bencurthoys: Hey @AWS, any plans to let people cancel reserved instances in the current pandemic crisis? No one can use my services, but I'm still paying you full whack for them whether I shut the servers down or not.

Google: Affected customers may experience elevated error rates that surface across multiple Google Cloud Platform services. Currently known products that are impacted are: Dataflow, BigQuery, DialogFlow, Kubernetes Engine, Cloud Firestore, App Engine, Cloud Functions, Cloud Monitoring, Cloud MemoryStore, Cloud Spanner, Cloud Storage, Cloud Composer, Cloud Dataproc, Cloud KMS, Cloud Container Registry, Compute Engine, Cloud IAM, Cloud SQL, Firebase Storage, Cloud Healthcare API, Cloud AI, Firebase Machine Learning, Data Catalog and Cloud Console.

Verizon CEO: Web traffic spiked 20% in one week amid coronavirus shutdown

Corey Quinn~ In the world of cloud you aren't billed for what you use, but rather what you forget to turn off.

@benedictevans: Mobile traffic down slightly [in the UK] (people are using WiFi at home) and UK roaming traffic is down 55% in the last 5 days.

@benedictevans: MTN (250m mobile users, mostly in Sub-Saharan Africa) ~50% smartphone penetration (entry price is now $20) But only ~40% of the base are active data users. Average data use is 2.8 gig/month, growing 46% Y-on-Y

@AmyZenunim: i'm programming in Go now it feels like they've mashed the worst parts of C and Javascript syntax together, with the package dependency hell of early-2010s Ruby, and the elitist community of early-2000s Linux fanboys. oh, and Google owns it

Mendel Rosenblum: a colleague, Balaji Prabhakar, and I have been working on a new clock sync algorithm that can synchronize clocks down into the single-digit nanoseconds

tptacek: As a threshold concern, a 2020 web security class needs to be teaching about SSRF, the most important current web bug class. OAuth flows would be another thing I'd hope to see covered.

@QuinnyPig: An all-upfront reserved instance for a db.r5.24xlarge Enterprise Multi-AZ Microsoft SQL server in Bahrain is $3,118,367. I challenge you to find a more expensive single @awscloud API call.

ZEYNEP TUFEKCI: The phrase flatten the curve is an example of systems thinking. It calls for isolation and distancing not because one is necessarily at great risk from COVID-19, but because we need to not overwhelm hospitals with infections in the aggregate. Also, R0 is not a fixed number: If we isolate ourselves, infectiousness decreases. If we keep traveling and congregating, it increases. Flattening the curve is a system’s response to try to avoid a cascading failure, by decreasing R0 as well as the case-fatality rate by understanding how systems work.

blowski: In my experience, many websites are an extension of their CEO's ego. They don't have the money to build a website that is both unique and usable, but there's no way they want to look everyone else - so they drop the requirement to be usable.

@houlihan_rick: Avoid slow transactions in Lambda by setting @DynamoDB connect timeout to 100ms. Default is 60 secs, and Lambda functions can hang for awhile waiting if a connection request gets dropped en route to the table. I have seen this twice lately, dropping connect timeout fixed both.

@cliff_click: Actually, GC CAN be slower than malloc. In high churn rate apps, malloc can be recycling memory in-cache whereas GC typically burns thru a generation before repeating addresses... all out of cache. I can totally show ~5x speedups on streaming java using object pools vs GC. :-(

mgraczyk: No, having worked on explore sourcing and ranking I can tell you with certainty Instagram does not do the same thing [suppress ugly people].

@rafalwilinski: Short story why #GraphQL is not always a great choice for Single-Table Design in @dynamodb - you can't really predict all access patterns. Our devs started requesting _everything_ on login with 7 or even 8 levels of nesting.

Alan Kay: The Internet was done so well that most people think of it as a natural resource like the Pacific Ocean, rather than something that was man-made. When was the last time a technology with a scale like that was so error-free? The Web, in comparison, is a joke. The Web was done by amateurs.

Memory Guy: What this leads us to is an expectation that 2020 will be a down year in the chip market, yet this is something that Objective Analysis was already predicting based on excessive capital spending in 2018. The anticipated CapEx-driven oversupply will be accompanied by a demand downturn that will cause more immediate damage to semiconductor revenues. This situation will not last. Since demand is likely to rise back to the trend line, then the future shortage that we have already been predicting is likely to happen on time, driven by insufficient capital spending. The net impact of COVID-19 will be to cause an earlier downturn in 2020 than would have otherwise occurred, but the impact is unlikely to go beyond that.

f_fat: I’ve reimplemented a JSONEncoder and JSONDecoder in pure Swift. That means no third party libraries, no use of Foundation. The encoding/decoding is about 1.5-2x faster on macOS and 8-10x faster on Linux.

antoineMoPa: There is another [open source] model: - Write some software and share it in 1970 - Now everyone is using it without knowing i

Arthur Holland Michel: ARGUS had 1,854,296,064 pixels, enough imaging power to spot an object six inches wide from an altitude of 25,000 feet in a frame twice the width of Manhattan. It generated 27.8 gigabytes of raw pixel data, enough to fill six DVDs, every second. Downloading the raw data in real time would require an internet connection 16,000 times faster than the fastest wireless internet service available in the United States in 2017. Just processing all the pixels put the Xbox-styled computer’s 33,000 processing elements through 70 trillion operations each second.

@ZLevyMD: We are now a monolith. We started with a medical ICU, surgical ICU, cardiac ICU, neurosurgical ICU, and a cardiothoracic ICU, plus a dozen mixed specialty floors. Every floor and unit is becoming a COVID unit. There is no more specialization — we’re all treating one thing.

@mipsytipsy: I am convinced there are many, many (most?) software companies out there with 2x, 3x, 4x+ the headcount they really need to build and support their core product. But they never understood their breaky, flaky systems, so they had to plaster over the problems with people.

@bodil: There is no emotion, there is peace. There is no passion, there is serenity. There is no ping, there is panic. There is no response from the DHCP server, there is despair.

Wisen Tanasa: Lock-in cost = Migration cost - Opportunity Gain

@mjasay: love @timbray's comment: "In AWS engineering, we develop stuff and we operate stuff. I think the second is more important" (But even if not *more* important, it's at least equally important)

Lock Picking Lawyer~ I see this paradigm so often. It seems like every lock maker met up 20 years ago and came up with this terrible design and agreed that would be the industry standard.

nikhilsimha: Used to work at fb in an infra team. Their abstraction for job scheduling (Tupperware) is about 5 years behind - something like Borg or EC2/EMR. Something like that is a fundamental reason why fb can’t do cloud as it is right now. Plus, the infra teams do operate like product - impact at all costs. Which to most management translates to short-term impact over technical quality. It would be a true 180 in terms of eng culture if they could pull off a cloud platform. An example is how they bought Parse and killed it, while firebase at google is doing extremely well. Having said all that, I think focusing on impact over technical quality is probably the right business decision for what they were trying to do at the time - drive engagement and revenue.

SABINE HOSSENFELDER: The core idea of Superdeterminism is that everything in the universe is related to everything else because the laws of nature prohibit certain configurations of particles (or make them so unlikely that for all practical purposes they never occur). If you had an empty universe and placed one particle in it, then you could not place the other ones arbitrarily. They’d have to obey certain relations to the first. This universal relatedness means in particular that if you want to measure the properties of a quantum particle, then this particle was never independent of the measurement apparatus. This is not because there is any interaction happening between the apparatus and the particle. The dependence between both is simply a property of nature that, however, goes unnoticed if one deals only with large devices. If this was so, quantum measurements had definite outcomes—hence solving the measurement problem—while still giving rise to violations of Bell’s bound. Suddenly it all makes sense!

Mikael Ronstrom: Using numbers produced already with MySQL Cluster 7.6.10 we have shown that NDB Cluster is the world's fastest Key-Value store using the Yahoo Cloud Serving Benchmark (YCSB) Workload A. We reached 1.4M operations using 2 Data Nodes and 2.8M operations using a 4 Data Node setup. All this using a standard JDBC driver.

Marc Andreessen: SpaceX and Tesla were not lean startups. They were very big, ambitious. They raised a lot of money. The big question, the question I’m noodling around, is what about the efforts where you have to say, “This thing is going to take $300 million?” It just is. There’s no shortcut and there’s no minimum viable product. It is going to take $300 million, and that $300 million has to be reserved ahead of time.

Geoff Huston: The situation points to the uncomfortable conclusion that as far as the security of the Internet is concerned, we are placing undue reliance on a security framework that at best offers same week service in a nanosecond world

FireEye: Beginning this year, FireEye observed Chinese actor APT41 carry out one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years. Between January 20 and March 11, FireEye observed APT41 attempt to exploit vulnerabilities in Citrix NetScaler/ADC, Cisco routers, and Zoho ManageEngine Desktop Central at over 75 FireEye customers. Countries we’ve seen targeted include Australia, Canada, Denmark, Finland, France, India, Italy, Japan, Malaysia, Mexico, Philippines, Poland, Qatar, Saudi Arabia, Singapore, Sweden, Switzerland, UAE, UK and USA. The following industries were targeted: Banking/Finance, Construction, Defense Industrial Base, Government, Healthcare, High Technology, Higher Education, Legal, Manufacturing, Media, Non-profit, Oil & Gas, Petrochemical, Pharmaceutical, Real Estate, Telecommunications, Transportation, Travel, and Utility.

Stanislas Dehaene: Most of the computation in the brain is unconscious. Whether it is face recognition or word recognition or understanding the meaining of a sentence, this is something whose end result is conscious but the process is not. Learning is the construction of a mental model.

ridiculous_fish: Xoogler here, circa 2015. My reaction is that this is a very google3 (i.e. web services) centered book. But Google contains multitudes and it feels wrong to ignore them. For example the book has a section called "How Code Review Works At Google." And it goes on to describe strictly the google3 process. But Chrome, ChromeOS, GoogleX, others have different processes. If Google has a proven model, why do so many of its projects deviate from it? During my time there, the Android team was recruiting internally, advertising "come work on Android, we don't require Readability." It was seen as an internal competitive advantage to reject these processes! What does that say about how they are perceived internally? I speculate that Android and Chrome and others have distinct processes for a good reason, and that the book is unknowingly slanted towards web-service style engineering.

Sacha Altay: Mercier and Sperber say that reason is a tool that evolved to solve particular problems related to communication, like evaluating information provided by others, convincing family or tribe members with arguments, and justifying one’s behavior to protect and improve one’s reputation in a complex social world. Their theory makes novel and testable hypotheses, like that reason works best when people argue with each other rather than reason alone, and that we evaluate arguments more objectively than we make them.

Stathis Maneas: When choosing among drive types/models, our results indicate that from a reliability point of view, flash type (i.e., eMLC versus 3D-TLC) seems to play a smaller role than lithography (i.e., 1xnm versus 2xnm eMLC) or capacity

Steven Swanson: Memory systems are on the verge of a renaissance: Scalable, persistent main memories (e.g., Intel’s 3DXPoint) are the first new technology to enter the upper layers of the memory hierarchy in 50 years. They bring a fundamentally new capability (i.e., persistence), a dramatic increase in capacity, and an array of complications (e.g., asymmetric read and write performance, power limitations, and wear out). This combination of characteristics raises a deceptively simple but fundamental question: What should we do with persistent main memory

Useful Stuff:

Soft Stuff:

microsoft/coyote (article): a programming framework for building reliable asynchronous software. Coyote ensures design and code remain in sync, dramatically simplifying the addition of new features. Coyote comes with with a systematic testing engine that allows finding and deterministically reproducing hard-to-find safety and liveness bugs. Coyote is used by several teams in Azure to design, implement and systematically test production distributed systems and services.



googleforgames/agones (article): a library for hosting, running and scaling dedicated game servers on Kubernetes.



google/oss-fuzz: continuous fuzzing of open source software.

Pub Suff: