Interview with Digg’s Enterprise Architect

Tech and Security

Systems Management News has up an interview with Ron Gorodetzky, enterprise architect for Digg. It’s an interesting look at the challenges Digg faced scaling to meet its success (over 26 million unique visitors a month). They’re using a LAMP stack (Linux, Apache, MySQL, PHP), with MogileFS as their backend distributed file system. To help manage their infrastructure, Digg uses Puppet.

Ron highlights a common problem all architects face when they try to scale their software: the database.

“The first pain point we hit was just database stuff. The first thing you’ll notice is when you start to grow these queries, the database can’t commit as much time to committing a certain query as it used to,” said Gorodetzky. “You’ll find the normal things that work, suddenly don’t. You’ll find that, one day, you’ll see a spike in your graphs telling you that something’s going slower. Once you do that, you get to the point where the database part is as fast as it can be, you cache things.

You can read the full article HERE.

Mapping The Human Cerebral Cortex

Carrying the Cross, Tech and Security

A group of researchers from Indiana University, Harvard Medical School, et al. have completed the first map of the outer layer of the brain. While this is cool research, I think people tend to extrapolate this stuff out too far… more on that later. Here’s a quote I found interesting:

“This is one of the first steps necessary for building large-scale computational models of the human brain to help us understand processes that are difficult to observe, such as disease states and recovery processes to injuries…” [emphasis mine]

As an engineer, I’m more interested in modeling the brain for artificial intelligence reasons (call me narrow and selfish if you want). To be clear, I don’t believe that simply cloning the brain will create a living consciousness… I’m more interested in augmenting our existing reasoning power (controversial, I know).

I tend to question the comments made by one of the researchers (maybe I’m reading too much into it):

“We can measure a significant correlation between brain anatomy and brain dynamics. This means that if we know how the brain is connected we can predict what the brain will do.”

Maybe on some generic scale, but I consider us more than just a biological computer. I’ll lay out why I believe this using inductive logic. First, I believe people are fully responsible for their own actions (using the Bible as my base). To be responsible, a person has to be able to make a choice about what actions they will take (free-will vs determinism). Now, assume we are just a biological computer, with predictable, deterministic actions. If this is true, then our behavior is dictated by our biology and we only appear to have free-will. Without free-will, we are not responsible for our actions. Thus, this can’t be true.

Okay, now some would argue that we are a biological computer but with some non-deterministic properties. If this is the case, we still have no responsibility for our actions because they are simply slaves to these random fluctuations. Thus, I hold firm to my belief that we have a soul that transcends the physical.

You can read the full results of the study HERE. Or as a PDF.

The Cheapest Way To Get An Unlocked iPhone

Tech and Security

Okay, I love stories like this: someone’s found a loophole in the AT&T/iPhone marketing schemes. Apparently, the cheapest way to get an unlocked iPhone is to sign up for a 2-year contract with AT&T, get a subsidized iPhone for $199, and then cancel the contract and pay the early termination fee. Again, this only applies if you want an UNLOCKED iPhone… if you’re okay with AT&T, just keep the subsidized plan. You can read the full article at Gizmodo HERE.

Here’s the math from the Gizmodo article:

$299 - 16GB iPhone w/contract
$36 - Activation
$175 - Early Termination Fee
$70 - One month of service

Total Price Using The Shady Method: $580

So…

8GB iPhone Canceled: $480
16GB iPhone Canceled: $580
8GB iPhone Unlocked from AT&T: $599
16GB iPhone Unlocked from AT&T: $699

Are we missing something?

Inside Google

Tech and Security

Okay, so I’m on this research kick to investigate the infrastructure solutions of some of the largest distributed systems in the world. Given that most of those are internet companies… well, that should explain the trend in my posts (more to come).

Baseline has a good article (albeit a little dated… 2006) describing Google’s server infrastructure and some of the history behind it. Google really pioneered the use of COTS (Commodity Off-The-Shelf) hardware to reduce cost; an idea that works great in some situations. They’re up to around 450,000 servers worldwide now… quite impressive. Click HERE to read the full article.

Here’s an excerpt I found interesting regarding their infrastructure history:

Google and its information-technology infrastructure had humble beginnings… when the server infrastructure consisted of a jumble of PCs scavenged from around campus.

“But this is the start of the story,” he adds, part of an approach that says “don’t necessarily do it the way everyone else did. Just find some way of doing it cheap and effectively—so we can learn.”

By 1999, the Google.com search engine was running in professionally managed Internet data centers run by companies like Exodus. But the equipment Google was parking there was, if anything, more unconventional, based on hand-built racks with corkboard trays…

His team assembled racks of bare motherboards, mounted four to a shelf on corkboard, with cheap no-name hard drives purchased at Fry’s Electronics. These were packed close together (like “blade servers before there were blade servers,” Merrill says). The individual servers on these racks exchanged and replicated data over a snarl of Ethernet cables plugged into Hewlett-Packard network switches.

… corkboard, huh… not a good idea:

Later Google data centers tidied up the cabling, and corkboard (which turned out to pose a fire hazard) vanished from the server racks.


Inside Wikipedia’s Infrastructure

Tech and Security

Okay, I’m always interested to know how things work… especially when there is a correlation to what I’m working on (large distributed systems). Data Center Knowledge has a summary of Wikipedia’s back-end infrastructure and links to more in-depth presentations. Take the plunge if you’re nerdy enough…

Click HERE to read the article.

Click HERE (PDF) for the in-depth details.

Amateurs Tracking US Spy Satellites

Tech and Security

I thought this was pretty cool: There’s a group of amateur observers around the world who have made a hobby out of finding and tracking US spy satellites. They have a site called Heavens-Above where they post their data and provide tools for calculating when a given satellite will be visible in your area. Wired has a great article about this group and what the government has been doing to try and ‘hide’ the satellites from them… it’s harder than you might think.

The article starts off with this interesting anecdotal story:

Sometime around dawn on the first day of the 1991 Gulf War, Ted Molczan was woken by a mysterious phone call. Molczan had been up until 3:30 am in his Toronto apartment, riveted by the televised images of Tomahawk missiles raining down on Baghdad, so he was groggy when the phone rang. A male voice with a thick accent said: “I know you’re involved in satellite tracking. I’m interested in doing a trade.” The caller offered Molczan information on the orbiting patterns of a constellation of eight US satellites. In exchange, he wanted to know the orbits for the CIA’s KH-11 “Keyhole” satellites - from space they can discern an object as small as a softball, and they were sending US forces hi-res digital imagery of Iraq and Kuwait.

You can read the full article HERE.

Why Google Isn’t Making Us Stupid

Tech and Security

Nicholas Carr’s article “Is Google Making Us Stupid?” has some good insights (though I think his fears are unfounded). He discusses how new technologies don’t only change the way we work, but also the way we think. He worries that the Internet is causing us to think less, as we now rely on the instant access to information. This is the same argument people made years ago about the use of calculators… they signaled the demise of mathematical education as we know it. That turned out not to be the case, because the benefits far outweighed the drawbacks. The same thing is true about the Internet… yes, we don’t have to retain as much information in our heads, but it allows us to broaden our knowledge far beyond anything that was possible before. Mike Masnick at TechDirt expands on this a little.

Here are some excerpts from “Is Google Making Us Stupid?”… the full article is still worth the read:

The process of adapting to new intellectual technologies is reflected in the changing metaphors we use to explain ourselves to ourselves. When the mechanical clock arrived, people began thinking of their brains as operating “like clockwork.” Today, in the age of software, we have come to think of them as operating “like computers.” But the changes, neuroscience tells us, go much deeper than metaphor. Thanks to our brain’s plasticity, the adaptation occurs also at a biological level.

When the Net absorbs a medium, that medium is re-created in the Net’s image. It injects the medium’s content with hyperlinks, blinking ads, and other digital gewgaws, and it surrounds the content with the content of all the other media it has absorbed.

The Net’s influence doesn’t end at the edges of a computer screen, either. As people’s minds become attuned to the crazy quilt of Internet media, traditional media have to adapt to the audience’s new expectations. Television programs add text crawls and pop-up ads, and magazines and newspapers shorten their articles, introduce capsule summaries, and crowd their pages with easy-to-browse info-snippets.

Why Securing A Video Stream Is So Difficult

Code Monkey, Tech and Security

There was an interesting article this last Friday at the New Scientist about how the contents of encrypted VOIP conversations could still be deduced via traffic analysis. The short version is that many spoken words have a signature to them even when they are encrypted. This signature is related to the size of the data packets used to represent the sound data. Many phonemes in a word have a distinct encoded data size… by analyzing the packet sizes you can deduce the phonemes and thus the spoken word.

This got me thinking I should write about the complex problem of securing a video stream. There are many aspects to securing a video stream: integrity, authenticity, and privacy being the most important. I’m not going to spend time talking about integrity and authenticity, because those are somewhat simpler problems to solve (integrity = digital signatures, authenticity = digital certificates). The main focus of this post is about privacy; keeping an eavesdropper from deducing the contents of a video stream.
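As an added illustration (not code from the original post or the New Scientist article), here is a small Python model of the packet-size leak described above and the obvious mitigation, padding every frame to a constant size. The per-phoneme frame sizes are constructed for the example, not measured from any real codec.

```python
# Added example (not from the original post): how a length-preserving cipher
# over a variable-bit-rate (VBR) voice codec leaks phonemes through frame
# sizes, and how constant-size padding closes that channel.
import math
from collections import Counter

# Constructed per-phoneme VBR frame sizes in bytes. These values are made up
# for illustration; a real codec's size table would be measured, not assumed.
PHONEME_FRAME_BYTES = {"t": 24, "k": 28, "ih": 36, "ay": 48, "s": 20, "ee": 44}


def encrypt_lengths(phonemes):
    """Ciphertext frame lengths an eavesdropper sees when each codec frame is
    encrypted with a length-preserving cipher (stream cipher, SRTP style):
    encryption hides the bytes, not their count."""
    return [PHONEME_FRAME_BYTES[p] for p in phonemes]


def length_entropy_bits(lengths):
    """Shannon entropy of the observed frame-length distribution. This bounds
    how much a passive observer can learn per frame from sizes alone; 0 means
    every frame looks identical on the wire."""
    n = len(lengths)
    return -sum(c / n * math.log2(c / n) for c in Counter(lengths).values())


def pad_constant(lengths, frame_max):
    """Mitigation: pad every frame to the codec's maximum frame size before
    encryption, so ciphertext length no longer depends on the phoneme."""
    if any(length > frame_max for length in lengths):
        raise ValueError("frame larger than declared maximum")
    return [frame_max] * len(lengths)


def bandwidth_overhead(lengths, padded):
    """Cost of the mitigation: extra bytes sent as a fraction of the original."""
    return (sum(padded) - sum(lengths)) / sum(lengths)


def distinguishable(lengths_a, lengths_b):
    """Can two utterances be told apart from their size sequences alone?"""
    return lengths_a != lengths_b


if __name__ == "__main__":
    tick, take = ["t", "ih", "k"], ["t", "ay", "k"]
    raw_a, raw_b = encrypt_lengths(tick), encrypt_lengths(take)
    print("raw   :", raw_a, raw_b, "distinguishable:", distinguishable(raw_a, raw_b))
    pad_a, pad_b = pad_constant(raw_a, 48), pad_constant(raw_b, 48)
    print("padded:", pad_a, pad_b, "distinguishable:", distinguishable(pad_a, pad_b))
    print("overhead: %.0f%%" % (100 * bandwidth_overhead(raw_a, pad_a)))
```

Padding removes only the size channel: packet timing (silence suppression, for instance) is a separate side channel, and constant-size frames cost bandwidth, which is why VBR codecs were attractive in the first place.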


10 Immutable Laws of Computer Security

Tech and Security

There’s a good article up on Microsoft TechNet about truths in computer security that never change. I’ve only listed the laws here, but the actual article has a good explanation of each one.

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore.

Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.

Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.

Law #4: If you allow a bad guy to upload programs to your website, it’s not your website any more.

Law #5: Weak passwords trump strong security.

Law #6: A computer is only as secure as the administrator is trustworthy.

Law #7: Encrypted data is only as secure as the decryption key.

Law #8: An out of date virus scanner is only marginally better than no virus scanner at all.

Law #9: Absolute anonymity isn’t practical, in real life or on the Web.

Law #10: Technology is not a panacea.

Data in RAM can be recovered after power-off

Tech and Security

A research group out of Princeton has demonstrated that the bit values in DRAM don’t clear immediately at power-off, but fade over time. The fade time is determined by the temperature, so spraying the DRAM with dust-off can cause the data to remain for ten minutes or more. This technique can then be used to recover disk encryption keys. Here’s the abstract of the paper:

Contrary to popular assumption, DRAMs used in most modern computers retain their contents for seconds to minutes after power is lost, even at operating temperatures and even if removed from a motherboard. Although DRAMs become less reliable when they are not refreshed, they are not immediately erased, and their contents persist sufficiently for malicious (or forensic) acquisition of usable full-system memory images. We show that this phenomenon limits the ability of an operating system to protect cryptographic key material from an attacker with physical access. We use cold reboots to mount attacks on popular disk encryption systems — BitLocker, FileVault, dm-crypt, and TrueCrypt — using no special devices or materials. We experimentally characterize the extent and predictability of memory remanence and report that remanence times can be increased dramatically with simple techniques. We offer new algorithms for finding cryptographic keys in memory images and for correcting errors caused by bit decay. Though we discuss several strategies for partially mitigating these risks, we know of no simple remedy that would eliminate them.

You can read the PDF HERE.
