“Last week I wrote a piece called “Programmers: how to make the sysadmin love you”. The feedback has convinced me it needs a counterpart; something written from the perspective of the systems guy trying to get along with the dev team. Having offended all the programmers of the world (not to mention several Americans who don’t know what a fag packet is) it’s time to do the same for you systems folk.”
via mockyblog
Sysadmins: how to make the programmers love you
Programmers: how to make the systems guy love you
“As a coder working for an organisation you are focused on building something to meet a defined spec. This spec will say things like “background should be blue”, “tabulated interface for user management” and “should not crash”. It may come with a set of images stitched together by a UI designer of how the site/app/thing is expected to look – either crayoned on the back of a fag packet or more likely mocked up in Photoshop so the UI programmers can pull it apart again for the logos and buttons. In a really good spec you’ll find a storyboard defining how it should behave, ready-made content and all the copy up front. We wish.”
via mockyblog
Using MySQL as NoSQL – A story for exceeding 750,000 qps on a commodity server
“Most high scale web applications use MySQL + memcached. Many of them also use NoSQL like TokyoCabinet/Tyrant. In some cases people have dropped MySQL and have shifted to NoSQL. One of the biggest reasons for such a movement is that it is said that NoSQL performs better than MySQL for simple access patterns such as primary key lookups. Most queries from web applications are simple so this seems like a reasonable decision.
Like many other high scale web sites, we at DeNA had similar issues for years. But we reached a different conclusion. We are using “only MySQL”. We still use memcached for front-end caching (i.e. preprocessed HTML, count/summary info), but we do not use memcached for caching rows. We do not use NoSQL, either. Why? Because we could get much better performance from MySQL than from other NoSQL products. In our benchmarks, we could get 750,000+ qps (queries per second) on a commodity MySQL/InnoDB 5.1 server from remote web clients. We have also got excellent performance in production environments.
Maybe you can’t believe the numbers, but this is a real story. In this long blog post, I’d like to share our experiences.”
Firesheep
“It’s extremely common for websites to protect your password by encrypting the initial login, but surprisingly uncommon for websites to encrypt everything else. This leaves the cookie (and the user) vulnerable. HTTP session hijacking (sometimes called “sidejacking”) is when an attacker gets a hold of a user’s cookie, allowing them to do anything the user can do on a particular website. On an open wireless network, cookies are basically shouted through the air, making these attacks extremely easy.”