Igeometry Podcast

In this video, I go through how I overcome procrastination as a software engineer.  What is Procrastination? 0:00How to Defeat  * Reward based system - a reward after achieving  1:20* discipline, remembering why started this, your goal 3:16* Professional - I need to do the work and ship 6:10 --- Support this podcast: https://anchor.fm/hnasr/support

2020 retrospective Intro 0:00 Goals 0:50 Teaching vs Documenting 4:30 Channel Growth 7:40 2021 10:50 --- Support this podcast: https://anchor.fm/hnasr/support

0:00 Intro 1:00 Summary of the Outage 4:00 Detailed Analysis of the Incident Report On Dec 14 2020 Google across the globe suffered from an outage that lasted 45 minutes nobody could access most of Google services. Google has released a detailed incident report discussing the outage, what caused it, technical details on their internal service architecture and what did they do to mitigate and prevent this from happening in this in the future In this video, I want to take a few minutes to summarize the report and then go into a detailed analysis. You can find youtube chapters to jump to the interesting part of the video. pick your favorite drink, sit back relax, and enjoy. Let's get started. let's start with an overview of how the google id service works, the client connects to Google authentication service to get authenticated or retrieve account information The account information is stored in a distributed manner between the different service ids for redundancy. when an update is made to an account on the le

The Backend Engineering Show Live with Hussein Nasser episode 10 we discuss many great questions!! Indexing Woes, The Secret to Backend Interviews, What is on my Bookshelf? Backend Engineering Show --- Support this podcast: https://anchor.fm/hnasr/support

Exposed Postgres instances are being ssh into and used as a botnet to mine bitcoin, in this video we explain how does that happens.   the trick is the COPY FROM PROGRAM command --- Support this podcast: https://anchor.fm/hnasr/support

At 3:47 am PST almost all google services went down including, gmail, youtube, drive, docs, meet, nest , google maps and many more. It took close to an hour to bring them back up. We still don’t know what caused this outage, in this video we will try to make sense from what we have gathered so far. A detailed analysis video will follow once we get a response from google symptoms Could not sign in to google (account not found) Could not authenticate if you already have a token Services not require authentication also fails to retrieve certain account information (profile, YouTube comments) Guess -> Borg Service that provide authentication, authorization went down, a fix? Storage qouta issue? https://twitter.com/googlecloud/status/1338493015145504770 https://www.tomsguide.com/news/gmail-and-youtube-down-several-google-services-are-not-working-latest-updates Google down? Realtime status, issues and outages for the UK | Downdetector Google Workspace Status Dashboard --- Support this podcast: https://a

When the private key of a matching public key that belong to a certificate is leaked, an attacker can intercept server hello, use their own dh parameters sign it with the stolen private key and ship it to the client effectively doing MITM. This is extremely dangerous and we have no way in the client to know a MITM has happened. That is why a certificate sometimes has to be revoked, and in this video I’m going to discuss those revocation techniques. 0:00 How Certificate Works 3:00 Certificate Revocation List 4:10 OCSP 7:00 OCSP Stapling --- Support this podcast: https://anchor.fm/hnasr/support

In The Backend Engineering Show Live, we discuss Impostor syndrome and Staying Motivated in software engineering field. --- Support this podcast: https://anchor.fm/hnasr/support

Oblivious DoH is a technology that separates IP addresses from queries, so that no single entity can see both at the same time. Cloudflare, Apple & Fastly worked on this and did a good write-up of the tech, we discuss it in this video https://blog.cloudflare.com/oblivious-dns/ https://blog.cloudflare.com/oblivious-dns/ --- Support this podcast: https://anchor.fm/hnasr/support

Oracle introduces a Game Changer Feature in MySQL that allows for OLAP & OLTP workloads in a single database. This is huge let us discuss https://www.oracle.com/emea/news/announcement/oracle-announces-mysql-database-service-with-integrated-analytics-engine-2020-12-03.html https://dev.mysql.com/doc/mysql-analytics/en/mysql-analytics-introduction.html 0:00 Intro 1:40 History of ETL 7:00 How Kafka Helped Data Warehouse 8:20 How RAPID Solves this 11:14 MySQL Database Service Analytics Engine (RAPID) Architecture 14:00 Loading Data 18:00 Summary --- Support this podcast: https://anchor.fm/hnasr/support

In The Backend Engineering Show Live we will have a casual Q&A around QUIC Outline  HTTP/1.1 Trouble HTTP/2 Trouble QUIC Handshake QUIC 0RTT HPACK vs QPACK Why HTTP/3 --- Support this podcast: https://anchor.fm/hnasr/support

In AWS re-invent, Amazon announced open sourcing Babelfish for PostgreSQL, a SQL Server-compatible end-point for PostgreSQL to make PostgreSQL fluent in understanding communication from apps written for SQL Server. Let us discuss what is this technology and whether if its gonna really move developers away form Microsoft SQL Server to Postgres Resources https://aws.amazon.com/blogs/opensource/want-more-postgresql-you-just-might-like-babelfish/ Chapters 0:00 Intro 1:30 Postgres vs SQLServer 5:20 What is Babelfish? 9:40 Why Babelfish May not Work 10:06 Will Babelfish Includes everything? 11:46 BabelFish is an Extra Layer 13:35 What REALLY is Babelfish? 15:00 Performance --- Support this podcast: https://anchor.fm/hnasr/support

Attackers have been disguising trojans and other malicious codes in post-install NPM packages and developers have been targeted. This is another incident from NPM. NPM needs to step up and solve this problem https://www.zdnet.com/article/malicious-npm-packages-caught-installing-remote-access-trojans/ --- Support this podcast: https://anchor.fm/hnasr/support

AWS US east-1 experienced an outage Nov-25-2020. Amazon has updated us with summary detailing what exactly happened to amazon Kinesis that caused the outage let us discuss it 0:00 Intro 1:00 Tldr (diagram) 7:30 Detailed Analysis of What Happened 25:00 Why Cognito Went Down 31:20 Why CloudWatch Went Down 33:20 Why Lambda and AutoScaling Went Down 35:50 Why EventBridge, Elastic Kubernetes and Container Service Went Down 38:00 Why Service Status Went Down 40:00 Summary https://aws.amazon.com/message/11201/ --- Support this podcast: https://anchor.fm/hnasr/support

AWS US east-1 experienced an outage yesterday, let us discuss what could have been the problem and what amazon did to solve it — Latest Update (6:23 PM PST): We’d like to provide an update on the issue affecting the Kinesis Data Streams API, and other dependent services, within the US-EAST-1 Region. We have now fully mitigated the impact to the subsystem within Kinesis that is responsible for the processing of incoming requests and are no longer seeing increased error rates or latencies. However, we are not yet taking the full traffic load and are working to relax request throttles on the service. Over the next few hours we expect to relax these throttles to previous levels. We expect customers to begin seeing recovery as these throttles are relaxed over this timeframe. Resources https://www.datacenterdynamics.com/en/news/aws-us-east-1-region-suffers-errors-and-outages-impacting-its-status-page/ https://disqus.com/by/disqus_DZeJlmjjGx/ https://downdetector.com/status/amazon/ https://www.youtube.com/watch?v=I

In this video I go through the three type of caching and how it is kept in sync. 0:00 Intro 0:30 What is Caching? 1:20 Spatial Cache 3:30 Temporal Cache 5:00 Distributed cache 6:30 Write-Through Cache 8:00 Write-Back Cache --- Support this podcast: https://anchor.fm/hnasr/support

According to Sumo Logic's research, Redis is now officially the most popular database in 2020 on AWS cloud deployment. Let us discuss some of the reasons why the in-memory database became so popular   https://www.theregister.com/2020/11/23/redis_the_most_popular_db_on_aws/ --- Support this podcast: https://anchor.fm/hnasr/support

Felix Wilhelm of Google Project Zero found an injection Vulnerability affecting GitHub Actions and Workflow Commands specifically related to setting malicious environment variables by parsing STDOUT Resources https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids https://www.zdnet.com/article/google-to-github-times-up-this-unfixed-high-severity-security-bug-affects-developers/ --- Support this podcast: https://anchor.fm/hnasr/support

A botnot caught scanning the web for .ENV file and harvesting Credentials, API Keys and Passwords. Let us discuss   https://www.zdnet.com/article/botnets-have-been-silently-mass-scanning-the-internet-for-unsecured-env-files/ --- Support this podcast: https://anchor.fm/hnasr/support

The Envoy Proxy fixed two zero day vulnerabilities, from Envoy groups : We are announcing the fixes for two zero days that were identified today: Crash in UDP proxy when datagram size is > 1500. This can happen if either MTU > 1500 or if fragmented datagrams are forwarded and reassembled: https://github.com/envoyproxy/envoy/pull/14122. This issue was already under embargo and a new issue was opened in public GitHub. Proxy proto downstream address not restored correctly for non-HTTP connections: https://github.com/envoyproxy/envoy/pull/14131. This issue was opened publicly recently but the security implications were not clear at the time. This will affect logging and network level RBAC for non-HTTP network connections. Resources https://groups.google.com/g/envoy-security-announce/c/aqtBt5VUor0 0:00 0:20 UDP Proxy Crash 2:15 Incorrect Downstream Remote Address --- Support this podcast: https://anchor.fm/hnasr/support