Igeometry Podcast

In this episode of the backend engineering show, I discuss database clustering. This is also known as table clustering, clustered index or Index organized table all names represents the same thing. I will talk about the benefits of clustering and also the disadvantages of implementing clustering. This feature is also implicitly implemented in certain databases. More readings https://www.postgresql.org/docs/14/sql-cluster.html https://oracle-base.com/articles/8i/index-organized-tables https://docs.microsoft.com/en-us/sql/relational-databases/indexes/clustered-and-nonclustered-indexes-described?view=sql-server-ver15 https://dev.mysql.com/doc/refman/5.7/en/innodb-index-types.html Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

In this video, I’ll explain synchronous vs asynchronous operations and then discuss examples where this shows up. In programming, real-time messaging, database systems, and operating systems. 0:00 Definition Synchronous vs Asynchronous 4:15 sync vs async In Programming 7:50 Sync vs Async In Real-time messaging 17:00 Sync vs Async In Database Replication 23:50 Sync vs Async in Database Commits 29:30 Sync vs Async in fsync Operating System cache Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

In this episode of the Backend Engineering show, I'll discuss the advanced section settings in the Application Pool in Internet Information Services in IIS. Chapters 0:00 Intro 0:30 What is an Application Pool 3:00 IIS Multi-processing 5:18 .NET CLR Version 6:00 32-bit apps 6:21 Pipeline Mode (CGI vs ISAPI vs Native) 8:45 Max Queue 10:18 CPU Limiting 16:00 Processor Affinity 20:00 Summary --- Support this podcast: https://anchor.fm/hnasr/support

While the benefits of partial indexes can have a great impact on your database system performance, the implications are also great if misused. Let us discuss partial indexing (Also known as filtered indexes in SQL Server) Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

Replication is the process of pushing changes from the master node to worker replica nodes in a database system to allow for horizontal scalability. One of the methods of replication is statement-based which is popular in MySQL. In this episode of the Backend Engineering Show, I explain why statement-based replication is actually a bad idea. Resources https://www.youtube.com/watch?v=jsWwFL_iqVM https://dev.mysql.com/doc/refman/8.0/en/replication-sbr-rbr.html https://engineering.fb.com/2021/07/22/data-infrastructure/mysql/ https://eng.uber.com/postgres-to-mysql-migration/ --- Support this podcast: https://anchor.fm/hnasr/support

This episode of the backend engineering show is sponsored by my friends at RedisLabs. I’m going to break this video into three sections, we will first define features that qualify a primary database? Then we will see if Redis actually check the boxes of a primary database and finally we explore the features of Redis that take it beyond a primary database. I was personally surprised by most of those. Chapters 0:00 Intro 1:00 What Qualifies a primary database 3:00 Does Redis Check the boxes? 7:40 beyond Redis Resources Try Free: https://bit.ly/3hWr1Uj Redis Advantages: https://bit.ly/3ztx2xw Martin Fowler talking about Impedance Mismatch: https://bit.ly/36ZEOD8 Transactions: https://bit.ly/3wTMKAw ACID 0.5 MM Ops/Seconds on AWS: https://bit.ly/3ruMB5s Consistency and Durability: https://bit.ly/3wYNLr8 Watch and Rollbacks: https://redislabs.com/blog/you-dont-need-transaction-rollbacks-in-redis/#:~:text=Redis%20has%20a%20main%2C%20single,is%20required%20to%20implement%20WATCH Redis Enterprise https://redislabs.co

There was a two hours DNS outage on a company called Akamai that broke several services today July 22, 2021, https://appleinsider.com/articles/21/07/22/akamai-dns-problem-causing-wide-internet-issues Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

IIS (Internet Information Services) is Microsoft's Windows web server. It is feature-rich and very easy to enable. I have been using it for a long time but I noticed I never actually make a video about it. In this video, I'll explore the IIS binding and explain all the options in that form. I might make more videos in the future to explore different aspects of this web server. Videos mentioned Leaky abstractions https://youtu.be/4a3bI7AYsy4 HTTP/2 Limitations https://youtu.be/CUiBVTcgvBU OCSP Stapling https://youtu.be/g08Omc1wi0s Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

In today's show I go through the NodeJS Security Releases for the month of July 2021, lots of interesting vulnerabilities to discuss. 0:00 Intro 1:00 CVE-2021-22918 - libuv DNS Out of bounds Crash 3:40 CVE-2021-22921 - Node Windows installer Local Privilege Escalation 7:30 CVE-2021-27290 - ssri Regular Expression Denial of Service (ReDoS) Resources https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ https://hackerone.com/reports/1211160 https://snyk.io/vuln/SNYK-JS-SSRI-1085630 --- Support this podcast: https://anchor.fm/hnasr/support

MongoDB, Postgres, Microsoft SQL Server, or MySQL, or any other database manages concurrency control differently. There are two methods, pessimistic and optimistic, both have their pros and cons. Let explore how different databases implement this and what is the effect on performance/scalability. This is often known as Optimistic vs pessimistic locking. Although I don't really like to use locking with this because it confuses the story. 0:00 Intro 2:20 What is Concurrency Control 6:00 Pessimistic Concurrency Control 14:50 Optimistic Concurrency Control Resources https://www.postgresql.org/docs/13/mvcc.html http://source.wiredtiger.com/develop/architecture.html https://docs.microsoft.com/en-us/troubleshoot/sql/performance/resolve-blocking-problems-caused-lock-escalation Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

@MrRajputHacker @Th3Pr0xyB0y found critical universal XSS (an XSS that affects the entire browser, not just one page) on Microsoft Edge. They responsibly reported the bug and detailed it in their article. Let us discuss Resources https://cyberxplore.medium.com/how-we-are-able-to-hack-any-company-by-sending-message-including-facebook-google-microsoft-b7773626e447 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34506 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

In this episode of the backend engineering show I'll discuss the difference between b-tree and b+tree why they were invented, what problems do they solve, and the advantages and disadvantages of both. I'll also discuss the limitation of implementing b-tree over b+tree and how Discord ran into a memory limitation using b-tree Mongo. Check out my udemy Introduction to Database Engineering course https://husseinnasser.com/courses    Learn the fundamentals of database systems to understand and build performant backend apps 0:00 Data structure and algorithms 1:30 Working with large datasets 6:00 Binary Tree 8:30 B-tree 19:30 B+ tree 22:00 B-tree vs B+ tree benefits 25:00 MongoDB Btree Indexes Trouble 30:00 Summary working with a billion row table (Members only) https://youtu.be/wj7KEMEkMUE indexing video https://youtu.be/-qNSXK7s7_w Discord moving from MongoDB to Cassandra https://www.youtube.com/watch?v=86olupkuLlU https://blog.discord.com/how-discord-stores-billions-of-messages-7fa6ec7ee4c7 Mo

SSH Wormable, Written in Bash and VERY hard to detect. Let’s discuss the DarkRadiation ☢️ Ransomware. This new ransomware is cut from a different cloth. Let us discuss * SSH Wormable * Encrypts with AES (OpenSSL) * It mutates so anti-viruses can’t catch it * Bash * Still under development https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

The ALPACA attack stands for application layer protocol confusion attack and discovered by a group of German computer scientists. Let us spend some time analyzing how this attack really works and how dangerous this is. Resources https://alpaca-attack.com/ALPACA.pdf https://var.thejh.net/http_ftp_cross_protocol_mitm_attacks.pdf https://github.com/RUB-NDS/alpaca-code https://github.com/RUB-NDS/alpaca-code/blob/master/testlab/servers/files/nginx-attacker/html/upload/ftps.html https://twitter.com/lambdafu/status/1404567396443164683 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

This Indian computer scientist uncovered a severe bug that allows anyone to view private content. Let’s see how he did it.    https://link.medium.com/goNhkJgv9gb Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

It is inevitable that a backend service will need to get restarted to pick up a new code change, configuration change, or get out of an invalid state. In this show, I'll discuss why do we need restart services and what alternative ways are there to get around it. And then I'll talk about how to achieve a zero-downtown restart and it is not straightforward as one might think. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

CAP stands for Consistency, Availability, and Partition tolerance. Understanding the CAP theorem can help engineers make better design choices when building distributed systems. In this show, I will explain the CAP theorem and how you can use it to make tradeoffs in your backend design. You probably already are using the CAP theorem without even knowing. Resources https://www.infoq.com/articles/cap-twelve-years-later-how-the-rules-have-changed/#:~:text=The%20CAP%20theorem%20states%20that,to%20network%20partitions%20(P). Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

Fastly, a very popular CDN went down and took down many services, let’s talk about what could have caused this. Resources https://status.fastly.com/incidents/vpk0ssybt3bj https://twitter.com/fastly/status/1402221348659814411?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1402221348659814411%7Ctwgr%5E%7Ctwcon%5Es1_c10&ref_url=https%3A%2F%2Ftwitter.com%2F https://apple.news/ASVV6TIepT8GPIEDjFbyNRg Support my work on PayPal https://bit.ly/33ENps4  Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join

On May 27, 2021, Klarna, a popular fintech company has suffered a serious exposure of personal data which caused a planned outage. Resources https://twitter.com/KezStew/status/1397845638956605440 https://www.klarna.com/us/blog/detailed-incident-report-incorrect-cache-configuration-leading-to-klarna-app-exposing-personal-information/ https://en.wikipedia.org/wiki/Klarna#cite_note-22 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join