The Backend Engineering Show with Hussein Nasser (Hussein Nasser)
Explorez tous les épisodes de The Backend Engineering Show with Hussein Nasser
| Date | Titre | Durée | |
|---|---|---|---|
| 18 Sep 2020 | How I Got "Slightly" Better at Communicating my Ideas Effectively as a Software Engineer | 00:08:11 | |
In this video, I explain how I got better at communicating my thoughts, opinions and ideas and how making content on YouTube Channel actually helped. I still have a long way but I found that making content and continuously trying to get better at delivering the core point helps. | |||
| 10 May 2021 | How HAProxy forwards 2 Million Requests Per Second? - The Backend Engineering Show | 00:47:41 | |
In this show, I go into detail on how HAProxy achieved 2 million HTTP requests per second. This is a very well-written article that discusses how the HAProxy team benchmarked the product on a 64 core ARM machine leading to over 2 million requests per second. There are many components and low-level points that I try to elaborate on, timestamps below. 0:00 Intro 2:40 Summary of the Article 11:55 Latency and Throughput in HAProxy 2.3 vs 2.4 21:00 How TCP Connections Affects Performance 28:00 Maximum Packets we can get in 100Gbps Network? 35:00 How 64 Cores are divided between workloads 40:00 Tail latencies HAProxy 2.3 vs 2.4 42:50 How TLS Affects Performance? HAProxy Blog https://www.haproxy.com/blog/haproxy-forwards-over-2-million-http-requests-per-second-on-a-single-aws-arm-instance/ Support my work on PayPal Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 24 Feb 2021 | 3 New Ways to Crash your NodeJS Server, Update Node JS today! (Feb 2021 Security Update) | 00:10:55 | |
Nodejs Updates are now available for v10.x, v12.x, v14.x and v15.x Node.js release lines for the following issues. 0:00 Intro 1:50 HTTP/2 Unknown Protocol 4:24 Localhost6 DNS Rebinding 6:55 Integer overflow OpenSSL Resources https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/ | |||
| 29 May 2021 | Tor’s Connection Establishment - The Backend Engineering Show with Hussein Nasser | 00:34:46 | |
In this episode, I will discuss Tor’s circuit Establishment which is the core of the Tor protocol. https://svn-archive.torproject.org/svn/projects/design-paper/tor-design.pdf Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 16 Feb 2022 | What does it take to break Bitcoin’s encryption? | The Backend Engineering Show | 00:32:28 | |
I stumbled upon a research calculating how big of quantum computer required to break bitcoin public key encryption. It will take them 300 million quantum bits to find the corresponding private key given a public key. That wasn’t really the most instructive thing really from that research. The interesting thing is how bitcoin design carefully hides information about the original owner which makes breaking it really challenging. In this episode I discuss what does it take to break bitcoin encryption. 0:00 Intro 3:00 Public Key Cryptography 6:30 Bitcoin Keys ( Private key/public key and bitcoin address) 8:18 Why do we need a Bitcoin address 11:13 How minors verify transactions 17:30 When is the bitcoin public key visible? 19:12 The Wallet 20:47 What does it take to break bitcoin? -find wallet.dat file which contain all the keys, some upload that online -obtain public key from digital sign during a transaction posting. If someone used that public key , obtained the private key, then used it to generate a new ransaction to a different address before this transaction get posted. -have a bitcoin address in mine satoshi, find out the public key not possible, then find out the private key from the public key, you can take all the time you need here. Because once you find those puppiest you are off to the races 25:20 Bits of security 28:00 My thoughts Resources https://avs.scitation.org/doi/10.1116/5.0073075 | |||
| 15 Dec 2021 | The Log4j vulnerability | The Backend Engineering Show | 00:35:41 | |
In this episode of the backend engineering show, I discuss the log4j vulnerability (CVE-2021-44228 also known as log4shell) that took the Internet by storm. 0:00 Intro 1:00 log4j 5:30 How the attack started 11:00 Attack with DNS 17:00 Remote Code Execution 23:00 Remedy 31:00 Scanning References https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://youtu.be/oC2PZB5D3Ys 🧑🏫 Courses I Teach https://husseinnasser.com/courses Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg | |||
| 22 Feb 2022 | Should NodeJS Support HTTP/3? | 00:14:12 | |
It looks like there is demand for bringing QUIC and HTTP/3 to NodeJS, someone donated $1000 dollar to make it happen. However, what are the use cases for supporting HTTP/3 in Nodejs? I talk about whether HTTP/3 should come to NodeJS in this video. https://rysolv.com/issues/detail/863986ce-c8d5-466d-abf4-476d3177452d | |||
| 04 Feb 2021 | UUIDs are Bad for Performance in MySQL - Does Postgres Win? Let us Discuss | 00:21:00 | |
MySQL is clustered by default on the primary key which means inserts have to be ordered, let us discuss why UUID (random in nature) has bad performance in MySQL and whether postgres wins here. We will also explain why Sequential Writes are Faster than Random in MYSQL and https://www.percona.com/blog/2019/11/22/uuids-are-popular-but-bad-for-performance-lets-discuss/ | |||
| 29 Dec 2017 | IGeometry Podcast - Intro | 00:04:10 | |
First podcast - intro - welcome to IG podcast
| |||
| 18 Nov 2020 | Is FireFox HTTPS only Mode The death of HSTS? | 00:08:11 | |
FireFox Enables HTTPS Only Mode, let us discuss https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/ What does it mean?
| |||
| 31 Dec 2018 | 2018 was a great year | 00:01:43 | |
Thank you so much guys for a great year! I love you. -Hussein
2018 was a great year:
Created, edited and posted 120 software engineering youtube videos with over 1.1 Million impressions
Published 75 podcasts with over 8k plays
Self Published a new GIS book
Published two programming online courses #hustle | |||
| 23 Jan 2022 | Multi-tenancy architecture | The Backend Engineering Show | 00:26:16 | |
Multitenancy refers to placing two or more clients, customers or tenants so they share a single resource. The idea behind Multitenancy is to save on resources instead of giving each client its own resource (storage, app, memory, network etc..). You slice each part and give it to dedicated client. The number one rule is those tenants shouldn’t be aware of the existence of other tenants, they need to be completed isolated, no one tenant can read or influence the other’s tenant share. If this is confusing don’t worry I’ll go through examples in this episode of the backend engineering show. 0:00 Intro 2:50 Ssd Multitenancy 6:45 Database Multitenancy 10:14 Networking Multitenancy (SDN) 16:55 VMs and Containers Multitenancy 19:00 Application Multitenancy | |||
| 30 Jun 2020 | What is TCP Fast Open and how can it speeds up Web Application | 00:12:29 | |
TCP Fast Open Spec https://tools.ietf.org/html/rfc7413#section-1 | |||
| 16 Mar 2019 | Episode 93 - Microservices | 00:17:15 | |
Microservices (Explained by Example)
Microservices technology is a new pattern of software engineering that has been popularized recently. In this video we will explain what microservices are, their pros and cons by example.
A lot of companies have moved in the early 2010 such as twitter and netflex to the microservices architecture.
Microservices technology is a pattern where you can break down big application into smaller services and what previously is a function call is now a network call GET or POST through HTTP.
In order to explain what microservices are, we need to explain how a traditional classical application looks like. Here is an example ..
Instagram
View Picture, list comments, likes and Picture and Location.
Picture
Likes
Comments
Picture API (Thumbnails)
Likes API
Comments API Most popular comments
Pros:
Polyglot architecture
Easy scaling for microservices that needs scaling.
Better Team management, each microservice is a team
Easier to innovate certain areas.
Each microservice can pick their own database
Scale busy services instead of entire system
Cons:
Very complicated to implement, network call, service discovery
Very Difficult to debug
Hard to find where the fault is
Network calls fails adds complexity.
5:00
6:50 proxy vs reverse
| |||
| 29 Feb 2020 | Episode 134 - gRPC | 01:19:37 | |
gRPC (gRPC Remote Procedure Calls[1]) is an open source remote procedure call (RPC) system initially developed at Google in 2015[2]. It uses HTTP/2 for transport, Protocol Buffers as the message format. In this video I want to explore gRPC, go through examples, pros and cons of gRPC. Client/ Server communication
Client Libraries gRPC gRPC Demo
gRPC Pros and Cons Pros
Cons
Can you create your own protocol?
| |||
| 03 Sep 2021 | TCP/IP turns 40 | The Backend Engineering Show | 00:29:16 | |
Let us take a moment to appreciate the TCP/IP design by discussing it.
| |||
| 11 Apr 2021 | Can NULLs Improve your Database Queries Performance? - The Backend Engineering Show | 00:22:41 | |
In this episode, we will discuss NULLs in database systems. I’ll go through the following: What is Null? NULLs persistence
When NULLs are naughty
When NULLs are useful
Support my work on PayPal Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 03 Nov 2020 | Installing This Twilio Malware NPM Package Opens a Backdoor on Your Developer Machine | 00:19:59 | |
SonaType detected a Malware in NPM registry imitating to be Twilio package that opens a reverse connection to a remote server and allows attacker to access your local machine content. Let us discuss Since this command is unix specific it won’t work on Windows https://blog.sonatype.com/twilio-npm-is-brandjacking-malware-in-disguise Resources SSH Tunneling https://youtu.be/N8f5zv9UUMI Ngrok https://www.youtube.com/watch?v=pR2qNnVIuKE | |||
| 19 Feb 2024 | The Beauty of Programming Languages | 00:18:17 | |
In this video I explore the type of languages, compiled, garbage collected, interpreted, JIT and more. | |||
| 01 Mar 2021 | S3 compliant MinIO Suffers an Server Side Request Forgery vulnerability, lets discuss | 00:10:45 | |
MinIO, an S3 Compliant object-store suffered from a Server Side Request Forgery Vulnerability in early Feb 2021 which has been fixed quickly and addressed. In this video we go through the bug and what can we learn from it | |||
| 11 Nov 2021 | Postgresql index bloat | The Backend Engineering Show | 00:27:53 | |
Postgresql database implements MVCC by creating a new row version for any update/delete/or insert. While this is a sound implementation to support concurrent transactions reading old version of the rows, it does have some side effects and this is what I want to discuss in this episode of the backend engineering show. 0:00 Intro 1:00 Postgres MVCC design 6:42 MVCC on other databases 11:15 Side-effects of Row-versioning 17:00 Postgres HOT optimization 19:50 How Index bloat affects Performance 24:20 How Postgres 14 Addresses index bloat Cards: 14:12 b-tree https://www.youtube.com/watch?v=a1Z40OC553Y Resources https://www.postgresql.org/docs/14/btree-implementation.html#BTREE-DELETION | |||
| 24 Sep 2020 | When to Build a Stateless vs Stateful Back-ends using the right protocols (UDP, TCP, HTTP, QUIC, WebSockets) | 00:09:06 | |
In this video I explain how communication protocols are built on top of each other and how each protocol can be stateful or stateless. We need to understand this in order to know which protocol to use to build the right backend. | |||
| 25 Feb 2021 | Which DBMS will Implement QUIC First? Can the QUIC Protocol improve Database Performance in Web Applications? | 00:13:04 | |
In this video, I discuss why QUIC will make a great communication protocol for databases and how it solves a critical problem with stateless web applications. Web applications use database connection pooling to establish database connections on the backend. But that creates other sorts of problems. | |||
| 11 May 2020 | Machine Learning Occupancy Detection System being deployed in California | 00:10:35 | |
Metroexpress lane is implementing a Machine Learning Occupancy Detection System which I found interesting. In this video I discuss machine learning, supervised learning, labeling and much more. | |||
| 09 Feb 2020 | Episode 129 - Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability | 00:12:17 | |
Node JS Releases a Fix for an HTTP Request Smuggling Vulnerability, we discuss the attack and the fix in detail.
| |||
| 16 Feb 2019 | Episode 90 - You will be Judged | 00:21:23 | |
It is a long weekend with the president day on Monday. Which means it is another good opportunity to create more art. Whether that is a new ArcGIS pro Add-in or a new map, a painting, a new piece of poetry or music. This also means more chances to get discovered, which means more chances to get criticized. I get criticized all the time now that I have bigger exposure and this is our topic for this podcast coming up,
| |||
| 06 Nov 2022 | OpenSSL new vulnerability | 00:10:27 | |
Two new vulnerabilities in openssl were discovered, we discuss them in this video https://www.openssl.org/news/secadv/20221101.txt | |||
| 21 Aug 2021 | How Redis efficiently snapshots gigabytes of memory to disk (forking) | 00:04:36 | |
I discuss the concept of process forking, copy on write (COW) aka shadowing, and how Redis the in-memory database take advantage of that for asynchronous snapshotting, https://redis.io/topics/persistence | |||
| 24 Dec 2020 | 2020 Retrospective | 00:12:57 | |
2020 retrospective
| |||
| 06 Feb 2018 | Episode 25 - Cash in on your passion | 00:08:01 | |
This episode is pulled from my vlog right after I finished Gary vee book Crush it. Today I finished @garyvee book Crush it (Cash in on Your Passion). I read alot of books but dont necessary review them in my SM. However this book is different, though written 9 years ago and some technologies are dead but that in itself shows this guy jumps on bleeding edge technologies like there is no tomorrow which I love. Never mind, that book actually inspired me to twist Gary’s ideas in the software engineering realm. And that is the topic of the vlog, you are passionate about 8 bit video game development? Build a community around it. You really genuinely love the assembly language? Build software with assembly and make videos and show your love, you will be surprised how many engineers share your interest. Cant wait for Gary’s new book Crushing it! - I would really like to thank my YouTube mentor @robertoblake for introducing me to such passionate person.
| |||
| 06 Jul 2018 | Episode 35 - ArcGIS Server Talk - Pooling | 00:11:12 | |
Discussing Connection Pooling in ArcGIS Server
| |||
| 28 Jan 2023 | Your DNS queries will eventually look like this (0x20 DNS encoding) | 00:26:20 | |
Correction: Google is implementing the proposal originally submitted by researchers from Georgia institute of tech. I incorrectly said in the video that google is proposing this . Google is finally implementing a proposal from 2008 by researchers from Georgia institute of technology to make DNS cache poisoning . https://astrolavos.gatech.edu/articles/increased_dns_resistance.pdf https://datatracker.ietf.org/doc/html/draft-vixie-dnsext-dns0x20-00 0:00 Intro 2:00 How DNS Work 5:00 DNS Cache Poisoning 14:00 gOoGLe dot CoM 16:20 ASCII 0x20 casing 18:30 Randomizing the casing with encryption 22:30 limitations of this proposal 24:00 Credits | |||
| 11 Jul 2022 | Amazon Aurora Supports Postgres 14 | 00:12:13 | |
Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL major version 14 (14.3). Let us discuss this news. https://aws.amazon.com/about-aws/whats-new/2022/06/amazon-aurora-supports-postgresql-14/ 0:00 Intro 1:00 Database on the Cloud options 3:45 Amazon Aurora supports Postgres 14 6:00 Postgres 14 vs Postgres 13 | |||
| 30 Jul 2021 | Can Redis be used as a Primary database? | 00:13:05 | |
This episode of the backend engineering show is sponsored by my friends at RedisLabs. I’m going to break this video into three sections, we will first define features that qualify a primary database? Then we will see if Redis actually check the boxes of a primary database and finally we explore the features of Redis that take it beyond a primary database. I was personally surprised by most of those. Chapters 0:00 Intro 1:00 What Qualifies a primary database 3:00 Does Redis Check the boxes? 7:40 beyond Redis Resources Try Free: https://bit.ly/3hWr1Uj Redis Advantages: https://bit.ly/3ztx2xw Martin Fowler talking about Impedance Mismatch: https://bit.ly/36ZEOD8 Transactions: https://bit.ly/3wTMKAw ACID 0.5 MM Ops/Seconds on AWS: https://bit.ly/3ruMB5s Consistency and Durability: https://bit.ly/3wYNLr8 Watch and Rollbacks: https://redislabs.com/blog/you-dont-need-transaction-rollbacks-in-redis/#:~:text=Redis%20has%20a%20main%2C%20single,is%20required%20to%20implement%20WATCH Redis Enterprise https://redislabs.com/redis-enterprise/advantages/ https://redis.io/topics/transactions#cas https://redislabs.com/blog/you-dont-need-transaction-rollbacks-in-redis/#:~:text=Redis%20has%20a%20main%2C%20single,is%20required%20to%20implement%20WATCH. https://docs.redislabs.com/latest/rs/concepts/data-access/consistency-durability/ | |||
| 16 Mar 2021 | The Second Microsoft Global Outage in less than 6 months | 00:12:44 | |
On March 15, 2021, users couldn’t sign in to Microsoft services the majority of the impact was with teams but other services were affected. A similar outage happened back in Sep 2020 (I covered it here https://www.youtube.com/watch?v=0ozri9APCv0&t=68s) Microsoft 365 Service health status https://twitter.com/MSFT365Status/status/1371546946263916545 | |||
| 07 Jan 2021 | Have a Node JS Server? Update it Now! | 00:07:25 | |
NodeJS Jan 2021 released its security update and its time to go through them! Resources https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/use-after-free in TLSWrap (High) (CVE-2020-8265) HTTP Request Smuggling in nodejs (Low) (CVE-2020-8287) OpenSSL - EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971) | |||
| 23 Feb 2022 | The Slack 2/22/22 Outage | 00:12:11 | |
On 2/22/2022 Slack experienced a 3 hours outage from 6AM to 9AM PST because of a configuration change. That change lead to increase load to their database infrastructure which causes queries to starve. Lets discuss | |||
| 19 Mar 2023 | All Postgres Locks Explained | A Deep Dive | 00:49:11 | |
Get my database engineering course https://database.husseinnasser.com In this video I do a deep dive in all locks obtained by postgres, I learned a lot while making this video and hope you enjoy it. 0:00 Intro 2:30 What are Locks? 5:30 Overview of Postgres Locks 9:10 Table-Level Locks 11:40 ACCESS EXCLUSIVE 17:40 ACCESS SHARE 19:00 ROW SHARE 21:15 SHARE UPDATE EXCLUSIVE 23:30 SHARE 24:50 SHARE ROW EXCLUSIVE 25:18 EXCLUSIVE 25:30 Table Lock Conflict Matrix 28:30 Row-Level Locks 30:00 FOR UPDATE 33:00 FOR NO KEY UPDATE 34:00 FOR SHARE 34:40 FOR KEY SHARE 39:25 Page-Level Locks 42:00 Deadlocks 46:00 Advistory Locks 47:20 Summary
| |||
| 28 Oct 2018 | Episode 59 - Geodatabase Talk - Split | 00:11:45 | |
We discuss how split work, the split policy on the domain and the split editing model.
| |||
| 07 Oct 2020 | We Need to Stop the Microservices Madness - Scaling with Common Sense | 00:47:23 | |
I stumbled upon this interesting article titled Scaling with common sense, the author goes into different topics of the bad practices of pre-mature scaling and optimization specifically with regards to microservices and k8. Let us discuss Resources https://zerodha.tech/blog/scaling-with-common-sense/ 0:00 Intro 3:00 Comparisons are almost always meaningless. 5:30 Scaling starts with well built software. 8:50 Eat healthy and exercise daily. 10:15 KISS, don’t be afraid, and boring better cool. 12:00 The bottleneck is almost always the database. 13:40 RDBMS works, almost always. 15:00 Everyone forgets to index. 17:30 Don’t use an RDBMS. What? 19:40 Networking/IO is really hard. Network as little as possible. 21:20 Connections are hard. Connect little, pool much. 25:00 Latency is THE metric. 26:10 The Internet is the Wild Wild West. 28:40 Caching is a silver bullet, almost. 29:00 Dumb caching is best caching. 29:40 Some application state may not be bad. 31:20 HTTP APIs can be E-Tagged (304) too. 34:12 Allocation is expensive. 37:40 Multi-threading and concurrency are necessary, but hard. 38:30 Some technologies are genuinely slow. Use fast technologies. 39:30 Scaling horizontally, vertically, and “enterprisely”. 40:30 Human impediment. 42:20 My Thoughts on Microservices 🎙️Listen to the Backend Engineering Podcast https://husseinnasser.com/podcast 🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🏛️ Software Archtiecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9 📩 Messaging Systems https://www.youtube.com/playlist?list=PLQnljOFTspQVcumYRWE2w9kVxxIXy_AMo Become a Member https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Support me on PayPal https://bit.ly/33ENps4 Stay Awesome, Hussein | |||
| 29 Oct 2018 | Episode 60 - ArcGIS Server Talk - Database Schema Lock | 00:07:51 | |
In this episode of arcgis server talk we discuss the database schema lock option in manager. Advantages and disadvantages of having your service acquire a lock.
| |||
| 06 Jan 2019 | Episode 81 - ArcGIS Server Talk - SOE vs SOI | 00:17:32 | |
ArcGIS Server is a technology that allows you to pull your heavy work load on the backend and isolate the clients from complexity of the database by exposing HTTP services instead of low level TCP database. You can also extend the server capability by writing your own extensions. In this episode ArcGIS Server talk we will talk about two ways you can extend your ArcGIS server, Server Object Extensions and Server Object Interceptors. Server Object Extension Extends the MapServer to allow you to write your own logic that cannot be easily done by built - in Feature Server or Map server. Or it is more performant to do it. Users create new excavation I want to auto-calculate the price of the excavation based on the soil type, whether there are trees, rocks. Server Object Interceptors You don’t write new thing you instead intercept existing calls to query and applyEdits to inject your own logic to pre or post processing. Lets say every-time any application tries to write to the service, you want to verify that the edit is permissible. Include water marks to all images that are downloaded. Learn more about SOE vs SOI here http://enterprise.arcgis.com/en/server/latest/publish-services/linux/about-extending-services.htm | |||
| 07 Feb 2021 | Can China Block the New Encrypted Client Hello TLS Extension? Let us Discuss | 00:29:07 | |
In this video, I will discuss the new TLS extension Encrypted Client Hello which is a new mechanism to encrypt the entire client hello, very interesting and elegantly design but I have my few reservations and criticisms. Let us discuss. Intro 0:00 Classic TLS with SNI 7:00 ESNI 9:30 ECH 12:30 Limitations and Problems 21:00 Let's say the backend server hosts example.com with the cert of example.com and let us call this the “real” SNI. To support ECH, the same server should also host a client facing cert, lets call it server-ech.com with corresponding server-ech.com cert. So your server IP address is hosting two domains. example.com and ( server-ech.com just to support ech) So when you perform an oDoH/DoH query looking for example.com you will get back the IP address of example.com, (which is the same ip address as server-ech.com), you will also get the ephemeral public key of example.com from the HTTPSSVC DNS record. This will be used to encrypt the inner client hello, and finally, you will get a record of the front-facing server domain name which is server-ech.com. The client prepares the TLS ECH, it builds the outer client hello with the SNI value as server-ech.com, and the inner client hello with the real SNI (example.com) along side ALPN and other stuff.. It then uses the public key of example.com retrieved from the HTTPS DNS record to encrypt the inner client hello. The client sends the ECH. Server receives the ECH, and attempts to decrypt the inner client hello with the corresponding ephemeral private key, if it succeeds it then completes the server hello and key exchange as normal. if it fails to decrypt the inner client hello with its own private key that means the public key used, was stale, outdated, bad etc.. . The client then uses the outer client hello and it checks, do I have server-ech.com, yes I do have a cert for that, let me just finish the key exchange and server hello with that instead, and btw, here is my REAL public key for example.com so you can use it for future ECHs. the public key is going to be encrypted for sure (that was something not clear in the article) because its TLS 1.3 and things are immediately encrypted from the server. The client then finishes the handshake and finds out the public key and immediately terminate the connection and re-establishes it with brand new encrypted inner client hello that uses the new server public key which we know this time its going to work .. I can image getting into an infinite loop if the server accidentally gave a wrong public key. also some cons of ECH comes to mind is the larger client hello + the additional backend management to host that client facing server and cert. Also another question, what If I’m hosting 100 domains on my single IP address, do I get a single ephmeral public key for ECH? or is it per domain? and how does my server know what private key to use to decrypt, does it just try them one by one? or is there an indication to which public key was used to encrypt the inner client hello.. (I’m guessing there is ) https://blog.cloudflare.com/encrypted-client-hello/ | |||
| 17 Jun 2020 | Multicast DNS | 00:06:53 | |
In this video I discuss multicast DNS. Wikipedia defines multicast dns In computer networking, the multicast DNS (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server. 0:00 Intro 0:30 DNS Explained in LAN 4:00 Multicast DNS | |||
| 27 May 2021 | I almost Burnt out creating software engineering content on YouTube, here is what I learned | 00:15:25 | |
This is an honest video about burnout and what a content creator can do to avoid it creating content on YouTube. Support my work on PayPal https://bit.ly/33ENps4 | |||
| 28 Dec 2019 | Episode 120 - What is Fail-over? Achieving High-Availability | 00:20:02 | |
Failover is the technique of switching to a redundant backup machine when a certain node goes down. This is a very common implementation for achieving high availability and it is often mixed with different load balancing techniques such as layer 4 and layer 7 balancing. In this video i want to go through following * What is Failover? 1:47
* ARP - Address Resolution Protocol 3:00
* VIP & VRRP 5:40
* High-availability Example 12:12
Cards 4:00 ARP 12:50 docker javascript 18:00 OSI Model
| |||
| 02 May 2021 | Publish-Subscribe Pattern vs Message Queues vs Request Response (Detailed Discussions with Examples) | 00:44:31 | |
In this podcast I’ll explain the message queues, the request response pattern and the publish subscribe pattern. I will also illustrate the main differences between them and when to use over another. 0:00 Intro 0:30 Message Queues in 60 Seconds 1:24 When to Use Message Queues? 14:33 Request Response Pattern 20:00 Request Response Pros & Cons 24:11 Publish Subscribe Pattern in 60 Seconds 25:13 Publish Subscribe Pattern 31:49 Publish Subscribe Pattern Pros and Cons Support my work on PayPal Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 01 Aug 2022 | Replacing TCP for the Datacenter - Discussing the Homa paper | 01:23:44 | |
In this episode of the backend engineering show I go through and discuss the Homa Protocol paper which attempts to replace TCP as a protocol in the data centers. I learned a lot from this paper, I have my criticisms of certain aspects, timestamps for topics discussed below. It appears there is a path to replace TCP in the datacenter and professor John tries to explain this path. Referenced materials mentioned in the episode Overview paper https://web.stanford.edu/~ouster/cgi-bin/papers/replaceTcp.pdf Homa 2018 paper (Details) https://people.csail.mit.edu/alizadeh/papers/homa-sigcomm18.pdf NIC Offloading in Linux https://en.wikipedia.org/wiki/TCP_offload_engine#Support_in_Linux Curl disabling Nigel Algo https://github.com/curl/curl/commit/4732ca5724072f132876f520c8f02c7c5b654d9 0:00 Intro 3:00 The nature of networking data center 5:30 TCP Segments 7:30 There is no “Request” in TCP 12:00 What so unique about Data centers? 14:00 Message Throughput vs Data throughput 18:25 Congestion Control 22:38 Homa’s Congestion Control 25:00 Server Core Load Balancing 28:30 NIC offloading 30:00 Everything Wrong about TCP 37:00 Why not QUIC? 40:00 Limitation of Streaming 44:10 Load Balancing Stream Reading 47:15 Can we treat Segments as Messages? 51:00 Dispatching Messages is Easier 53:00 Connection Orientation 1:00:00 Sender Driven Congestion Control 1:03:00 In Order Packet Delivery 1:07:00 DCTCP 1:08:30 Homa is Message Based 1:11:00 Home is Connection Less 1:12:00 Receiver Driven Congestion Control 1:15:19 Out of Order Packets 1:16:20 Homa API is not Compatible with TCP 1:17:40 Will Homa come to HTTP? 1:18:45 Conclusion | |||
| 20 Oct 2018 | Episode 58 - The Art of Software Troubleshooting | 00:13:08 | |
In this episode of #softwaretalk we discuss the art of software troubleshooting. We can become better software engineers by aiming to excel at our craft. Not just find a bug, but track its cause. Not just find a bad performing workflow in the app but find out what causes the performance bottleneck. Do the due diligence.
Enjoy this episode guys
www.husseinnasser.com
| |||
| 07 May 2024 | They made Python faster with this compiler option | 00:29:04 | |
Fundamentals of Operating Systems Course https://oscourse.win Looks like fedora is compiling cpython with the -o3 flag, which does aggressive function inlining among other optimizations. This seems to improve python benchmarks performance by at most 1.16x at a cost of an extra 3MB in binary size (text segment). Although it does seem to slow down some benchmarks as well though not significantly. O1 - local register allocation, subexpression elimination O2 - Function inlining only small functions O3 - Agressive inlining, SMID 0:00 Intro 1:00 Fedora Linux gets Fast Python 5:40 What is Compiling? 9:00 Compiling with No Optimization 12:10 Compiling with -O1 15:30 Compiling with -O2 20:00 Compiling with -O3 23:20 Showing Numbers Backend Troubleshooting Course https://performance.husseinnasser.com | |||
| 07 Sep 2020 | Is there a Limit to Number TCP Connections a Backend can handle? | 00:19:31 | |
Someone asked me a question and I felt its interesting to make a video about, is there a limit to the maximum number of TCP connections a Client can make to the server? If there is what is it? and how does that make sense in all the configurations? 0:00 Intro 1:00 Is there a Max Connection Limit? 4:30 64K Connection Limit Explained 7:20 Max Connections on Reverse Proxies and Max Connections 14:30 How does Router get around Max Connections? 7:00 3 million whatsapp https://www.youtube.com/watch?v=vQ5o4wPvUXg 10:25 envoy https://www.youtube.com/watch?v=40gKzHQWgP0& 12:50 google https://www.youtube.com/watch?v=CUiBVTcgvBU 14:00 Active Active https://www.youtube.com/watch?v=d-Bfi5qywFo | |||
| 17 Aug 2020 | What are Third Party Cookies, How do they work? | 00:16:27 | |
In this video I explain in details what are third party cookies and how do they work and explain the same site property that google changed 0;30 SameSite 6;00 CORS 6;22 Content Security Policy https://www.youtube.com/watch?v=nHOuakyHX1E https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html | |||
| 15 Jan 2021 | The 2021 Slack Outage (Detailed analysis) | 00:44:20 | |
On Jan 4th 2021, Slack experienced a global outage that prevented customers from using the service for nearly 5 hours. Slack has released the Root cause analysis incident report which I’m going to summarize in the first part of this video. After that Ill provide a lengthy deep dive of the incident so make sure to stick around for that. If you are new here, I make backend engineering videos and also cover software news, so make sure to Like comment and subscribe if you would like to see more plus it really helps the channel, lets jump into it. So This is an approximation of Slack’s architecture based on what was the described in the reports. Clients connects to load balancers, load balancers distribute requests to backend servers and backend servers finally make requests to database servers which is powered by mysql through vitess sharding. All of those are connected by routers in cross boundary network. Around 6AM jan 4 , the cross network boundary routers setting between LB and backend and backend to DB started to drop packets. This lead to the load balancers slowly marking backends as unhealthy and removing them from the fleet Which compounded the amount of requests The number of failed requests eventually triggered the provisioning service to start spinning an absurdly large number of backend servers However the provisioning service couldn’t keep up with the huge demand and shortly started to time out for the same networking reasons and eventually ran out of maximum open file handles. Eventually Slack’s cloud provider increased the networking capacity and backend servers went back to normal around 11 AM PST This was a summary of the slack outage, Now set back, grab your favorite beverage and lets go through the detailed incident report! 0:00 Outage Summary 2:00 Detailed Analysis Starts 5:20 The Root Cause 30:00 Corrective Actions | |||
| 25 Aug 2024 | Running out of TCP ephemeral source ports | 00:20:06 | |
In this episode of the backend engineering show I describe an interesting bug I ran into where the web server ran out of ephemeral ports causing the system to halt. 0:00 Intro 0:30 System architecture 2:20 The behavior of the bug 4:00 Backend Troubleshooting 7:00 The cause 15:30 Ephemeral ports on loopback | |||
| 05 Apr 2020 | What is a Distributed Transaction in Microservices? | 00:21:27 | |
In this video I explore what is a distributed transaction but first I explain what is a transaction, then why we invented distributed transactions and finally discuss proposed solutions to implement distributed transactions Cards 2:40 ACID https://www.youtube.com/watch?v=pomxJOFVcQs 7:30 Microservices https://www.youtube.com/watch?v=T-m7ZFxeg1A Transactions 2:30 Compensating Edits 6:40 Atomic Clocks 11:50 Event Sourcing 13:30 Mini-Monolith 15:20 Resources https://www.youtube.com/watch?v=YPbGW3Fnmbc https://www.youtube.com/watch?v=S4FnmSeRpAY https://www.youtube.com/watch?v=epOLEdaPSLQ https://softwareengineeringdaily.com/2018/12/19/linkerd-service-mesh-with-william-morgan/ 🏭 Software Architecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🐘 Postgres Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj 🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r 🧮 Programming Pattern Videos https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe 🛡 Web Security Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv 🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO 🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX 🔆 Javascript Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM 👾Discord Server https://discord.gg/CsFbFce Support me on PayPal https://bit.ly/33ENps4 Become a Patreon https://www.patreon.com/join/hnasr? Stay Awesome, Hussein | |||
| 05 Mar 2024 | Google Patches Linux kernel with 40% TCP performance | 00:14:24 | |
Get my backend course https://backend.win Google submitted a patch to Linux Kernel 6.8 to improve TCP performance by 40%, this is done via rearranging the tcp structures for better cpu cache lines, I explore this here. 0:00 Intro 0:30 Google improves Linux Kernel TCP by 40% 1:40 How CPU Cache Line Works 6:45 Reviewing the Google Patch https://www.phoronix.com/news/Linux-6.8-Networking https://lore.kernel.org/netdev/20231129072756.3684495-1-lixiaoyan@google.com/ Discovering Backend Bottlenecks: Unlocking Peak Performance https://performance.husseinnasser.com | |||
| 30 Mar 2020 | What is On Demand TLS? | 00:14:54 | |
On-Demand TLS is a new feature developed by Caddy Web Server that allows TLS certificate to be generated on the first request, I explain this tech and their pros and cons in this video. | |||
| 15 Feb 2021 | How timeouts can make or break your Backend load balancers | 00:21:25 | |
In this video I go over the critical timeouts on a Proxy system such as reverse proxy or load balancer and how can you configure each one to protect against attacks or outages. Nginx and HAProxy just a few proxies that you can configure to be load balancers. | |||
| 21 Jul 2020 | TLS 1.1 is Dead … Well Almost! thanks to Chrome 84- Deep Dive Analysis | 00:14:48 | |
In this video I go through why TLS 1.0 and TLS 1.1 should go away. Resources https://threatpost.com/riskrecon-the-tls-1-2-deadline-is-looming-do-you-have-your-act-together/157296/ https://www.zdnet.com/article/chrome-84-released-for-blocking-notification-popups-on-spammy-sites/ https://www.theregister.com/2020/07/20/microsoft_roundup/ | |||
| 18 Oct 2020 | Software Engineering is Overwhelming | 00:35:06 | |
Software Engineering is overwhelming and hard, I discuss how to ease up that burden and make it fun here. 0:00 Intro 2:20 Learning Software Engineering 17:55 Bugs 23:30 Design Activities 28:50 Summary 🎙️Listen to the Backend Engineering Podcast https://husseinnasser.com/podcast 🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🏛️ Software Archtiecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9 📩 Messaging Systems https://www.youtube.com/playlist?list=PLQnljOFTspQVcumYRWE2w9kVxxIXy_AMo Become a Member https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Support me on PayPal https://bit.ly/33ENps4 Stay Awesome, Hussein | |||
| 03 Dec 2021 | Postgres HOT Optimization | The Backend Engineering Show | 00:25:27 | |
In this episode of the backend engineering show taken from my udemy Q&A I discuss the reasons behind Postgres HOT Optimization or heap only tuple. | |||
| 22 Jan 2021 | Brave is Decentralized - Users can Consume and HOST IPFS Decentralized Web Content through Brave | 00:12:34 | |
Brave supports IPFS (InterPlanetary File System) which is a protocol designed to replaced HTTP as a decentralized alternative. This allows users to host and consume Resources https://brave.com/brave-integrates-ipfs/ https://ipfs.io/#how | |||
| 19 Oct 2020 | Moving from a Network Engineer to a Backend Engineer - Career Path Advice | 00:08:27 | |
In this video I explain how Network Engineers can move to be a Backend Engineer by capitalizing on their skills in networking. Network Engineers can build great and improve the communication protocols that Backend Engineers use for service to service communication. Network Engineers can also be specialized in Proxies, Reverse Proxies, Load Balancers and Caching Layers. | |||
| 24 Aug 2020 | Windows 95 is 25 Years Old Today and I am feeling nostalgic, let us discuss | 00:11:15 | |
Windows 95 was a great operating system, wrote so many apps on top of it and played so many games too. Join me as I discuss this https://www.theverge.com/21398999/windows-95-anniversary-release-date-history | |||
| 13 Sep 2021 | Spook.js - This will bloat Chrome even more | The Backend Engineering Show | 00:18:05 | |
Spook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate Spectre by deploying Strict Site Isolation, information extraction via malicious JavaScript code is still possible in some cases. Resources https://www.spookjs.com/ https://www.chromium.org/developers/design-documents/site-isolation Paper: https://www.spookjs.com/files/spook-js.pdf Chapters 0:00 Process Isolation in Chrome 8:00 Spook.js subdomain Attack 12:00 Spook.js Extension Attack 13:00 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 26 May 2022 | Redo, Undo and WAL logs | The Backend Engineering Show | 00:40:40 | |
Database logging is a critical feature to maintain durability, in this show I discuss them in details 0:00 intro 1:00 ad 3:30 Start of the Show 6:00 What is commit 9:30 What if a commit fails half way 11:00 WAL 23:00 Checkpointing 27:00 fsync 33:00 Undo logs Get $20 off of your first order of cometeer quality delicious coffee https://cometeer.com/husseinnasser use coupon HUSSEIN20 ☕️
| |||
| 19 Dec 2021 | Log4DoS - New Denial of Service discovered in log4j | The Backend Engineering Show | 00:19:12 | |
Right after the latest patch log 4j 2.16, a new denial of service vulnerability surfaced on log4j resulting in a new 2.17 patch. Let us discuss. 0:00 log4dos 4:50 History of log4j fixes 15:20 All love to the open source maintainers Previous Backend Engineering show episode coverage of log4shell https://youtu.be/77XnEaWNups https://logging.apache.org/log4j/2.x/security.html# Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 | |||
| 26 Feb 2020 | Episode 133 - Firefox fixes a bug that prevented users from signing into the Royal Bank of Canada (73.1) | 00:05:26 | |
Firefox version 73.1 fixes a bug that prevented users from signing into Royal Canadian Bank (Firefox fixed a bug that prevented Canadians from signing in to their bank royal Canadian bank) what caused it? Lets get into it * Users will sign in and will get blank page. * Cause Beacon API and HTTP/2 * Bug has been there forever Sources https://bugzilla.mozilla.org/show_bug.cgi?id=1613943#c16 🏭 Software Architecture Videos | |||
| 31 Dec 2019 | Episode 122 - ARP | 00:15:26 | |
ARP Address Resolution Protocol is a protocol that maps IP address to a mac address so hosts can be addressed. I want to make a video explaining ARP because it is starting to surface a lot in different videos that I’m making such as man in the middle, load balancing, and security.
| |||
| 09 Sep 2020 | Kafka Consumer Group is a Brilliant Design Choice and We should Discuss it | 00:21:23 | |
Apache Kafka is an interesting software, every design decision the team makes perfect sense. I decided to dive deep into the discussion of the consumer group concept which is underrated and talk more about it. 0:00 Intro 1:24 Messaging Systems Explained 3:30 Partitioning 4:30 Pub/Sub vs Queue 6:55 Consumer Group 10:00 Parallelism in Consumer Group 10:30 Partition awareness in Consumer Group 11:30 Achieving Pub/Sub with Consumer Group 14:00 Head of Line blocking in Kafka | |||
| 04 Mar 2018 | Episode 29 - Who is Hussein Nasser? | 00:29:16 | |
In this podcast I talk about my story. Where did I come from? What did I study? What jobs did I have? Why did I start my blog and Youtube Channel? How did I write my books? Why did I move to the United States? and much more..
Stay Awesome guys and Enjoy the podcast.
Hussein
| |||
| 09 May 2021 | The Tale of OLTP, OLAP, and HTAP in Data Warehousing - The Backend Engineering Show with Hussein Nasser | 00:42:53 | |
In this show, I discuss why we have 3 data models in database systems, OLTP (Online Transactional Processing) OLAP (Online Analytical Processing), and HTAP (Hybrid Transactional Analytical Processing). I’ll also explain the difference between them, the use of ETL tools (extract transform load) to load data from transactional to analytical databases, and what is the future of HTAP. Support my work on PayPal Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 13 Dec 2018 | Episode 75 - Arcade - The ArcGIS Scripting Language | 00:07:30 | |
In this episode we discuss the ArcGIS scripting language Arcade. New to GIS? Checkout my books and courses here https://husseinnasser.com/books
| |||
| 25 Nov 2020 | Basic Caching Techniques Explained - Spatial, Temporal, Distributed, Write-Through, Write-Back, Cache Aside | 00:10:23 | |
In this video I go through the three type of caching and how it is kept in sync. 0:00 Intro 0:30 What is Caching? 1:20 Spatial Cache 3:30 Temporal Cache 5:00 Distributed cache 6:30 Write-Through Cache 8:00 Write-Back Cache | |||
| 16 Jun 2019 | Episode 98 - Encryption | 00:22:38 | |
Encryption is the process of scrambling data to protect personal files, secure communication, hide identities and much more. In this video we will learn about the different type of encryptions we will talk about symmetric encryption, asymmetrical encryption, where they are used for and the pros and cons of each one.
Symmetric encryption Might as well just call it classic encryption I would argue and i think this is the first encryption known to us. I have some thing I dont want anyone to see I use a lock key to lock it. Only I can open it unless I have a lock. The same key you use to encrypt is the same key to Decrypt. Examples Examples of popular symmetric-key algorithms include AES Twofish Serpent DES Twofish, Serpent, AES (Rijndael), Blowfish CAST5, Kuznyechik, RC4, DES, 3DES, Skipjack, Safer+/++ (Bluetooth), and IDEA Asymmetrical encryptions We had symmetric encryptions for a long time, then internet came and networking and we needed to encrypt messages going back and forth. We said cool lets use AES. Then we said wait a second.. the other computer doesnt really have my key so we need to encrypt it.. Also called Public key encryption 1977 Rivest–Shamir–Adleman (RSA)
| |||
| 21 May 2023 | The problem with software engineering | 00:17:39 | |
ego is the main problem to a defective software product. the ego of the engineer or the tech lead seeps into the quality of the product. Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com | |||
| 14 Dec 2020 | Did Google run out of disk space? - The Google Outage ( Early report ) | 00:07:10 | |
At 3:47 am PST almost all google services went down including, gmail, youtube, drive, docs, meet, nest , google maps and many more. It took close to an hour to bring them back up. We still don’t know what caused this outage, in this video we will try to make sense from what we have gathered so far. A detailed analysis video will follow once we get a response from google symptoms
https://twitter.com/googlecloud/status/1338493015145504770 Google down? Realtime status, issues and outages for the UK | Downdetector | |||
| 26 Jul 2022 | ByteDance makes Linux kernel reboots faster | 00:11:10 | |
ByteDance, the company behind TikTok is proposing few patches to the linux kernel to make kernel reboots via kexec go from 500ms down to 15 ms saving huge time in updating kernel on thousands of machines. Let us discuss this 0:00 Intro 1:30 Linux Kernel Reboot Options 2:30 how kexec works 4:00 The optimization 5:00 Going through the patch 6:00 Updating Servers at TikTok scale 9:00 Summary https://www.phoronix.com/news/Bytedance-Faster-Kexec-Reboot https://lore.kernel.org/lkml/20220725083904.56552-1-huangjie.albert@bytedance.com/ | |||
| 22 Jun 2021 | My thoughts on the ALPACA Attack (Detailed analysis) | 00:42:35 | |
The ALPACA attack stands for application layer protocol confusion attack and discovered by a group of German computer scientists. Let us spend some time analyzing how this attack really works and how dangerous this is. Resources https://alpaca-attack.com/ALPACA.pdf https://var.thejh.net/http_ftp_cross_protocol_mitm_attacks.pdf https://github.com/RUB-NDS/alpaca-code https://github.com/RUB-NDS/alpaca-code/blob/master/testlab/servers/files/nginx-attacker/html/upload/ftps.html https://twitter.com/lambdafu/status/1404567396443164683 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses | |||
| 30 Jun 2020 | Why you can’t run an unencrypted HTTP/2 Server on Port 80 - Protocol Ossification Explained | 00:09:17 | |
In this video, I explain why we can't run unencrypted HTTP/2 or HTTP/3 without enabling TLS. This is because of Protocol Ossification. | |||
| 02 Nov 2020 | Remotely access any TCP/UDP service bound to a victim machine - Let us discuss NAT Slipstreaming | 00:20:32 | |
Ever heard of HTTP Smuggling? will this is smuggling a TCP packet into an HTTP body so that it can be interpreted by the router to open internal ports to your machine. NAT Slipstreaming was discovered by Samy Kamkar, Article and research by @SamyKamkar https://samy.pl/slipstream/ | |||
| 27 Jan 2019 | Episode 83 - Q&A: Programming for GIS | 00:26:57 | |
Vikrant asked a question on Linked: Dear Hussein, I want to learn programming for GIS. Is python useful? I am not very good in programming. Kindly guide. And thanks for the posts.. Programming for GIS really depends on what you are trying to do and how do you want to advance your career. In this podcast we will discuss four kind of areas where you can programming for GIS. GIS Admin Programming GIS Desktop Programming GIS Web Programming GIS Server Programming Enjoy | |||
| 11 Nov 2020 | Opening Old Wounds - Why Uber Engineering Switched from Postgres to MySQL | 00:48:02 | |
An article from 2016 which caused lots of discussions in the software engineering community. We bring it back and open old wounds and discuss it again. 0:00 Intro 3:00 Problems with Architecture of Postgres 4:00 Postgres on-Disk Format 9:45 Replication 13:19 Write Amplification 16:44 Replication Bandwidth 21:16 Data Corruption 24:00 Replica MVCC 31:30 Postgres Upgrades 33:00 MySQL on-Disk Format 37:00 MySQL Replication 40:00 Connection Handling | |||
| 31 Aug 2020 | Envoy Proxy Crash Course, Architecture, L7 & L4 Proxying, HTTP/2, Enabling TLS 1.2/1.3 and more | 01:13:05 | |
Envoy is an open-source L7 proxy and communication bus Originally built at Lyft to move their architecture away from a monolith. In this video, I want to go through the following * What is Envoy? 0:00 * Current & Desired Architecture 0:48 * Envoy Architeture 3:00 * DownStream/Upstream 7:30 * Clusters 9:19 * Listeners 10:50 * Network Filters 11:50 * Connection Pools 13:45 * Threading Model 18:34 * Example 21:25 * Show the 4 apps 24:30 * Install Envoy Brew 26:00 * https://www.getenvoy.io/install/envoy/macos/ * Envoy as a Layer 7 Proxy 27:30 * Proxy to all 4 backend NodeJS services 28:00 * Split load to multiple backends (app1/app2) 40:00 * Block certain requests (/admin) 45:30 * Envoy as a Layer 4 Proxy (tcp router) 47:50 * Create DNS record 54:00 * Enable HTTPS on Envoy (lets encrypt) 55:30 * Enable HTTP/2 on Envoy 1:03:00 * Disable 1.1/1.0 Enable TLS 1.2 and TLS 1.3 ONLY on Envoy 1:04:30 * SSL Labs test 1:06:40 * Summary 1:07:24 Config https://github.com/hnasr/javascript_playground/tree/master/envoy Resources https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/intro/terminology https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/connection_pooling#arch-overview-conn-pool 🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🐘 Postgres Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj 🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r 🧮 Programming Pattern Videos https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe 🛡 Web Security Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv 🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO 🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX 🔆 Javascript Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM 👾Discord Server https://discord.gg/CsFbFce Become a Member https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Support me on PayPal https://bit.ly/33ENps4 Become a Patreon https://www.patreon.com/join/hnasr? Stay Awesome, Hussein | |||
| 22 Apr 2021 | Let us discuss the Linux Kernel community and University of Minnesota situation | 00:15:30 | |
There is an ongoing situation with the Linux kernel community and the University of Minnesota Department of Computer Science & Engineering. We discuss this in this episode and I give my opinion
| |||
| 02 Jan 2018 | Episode 02 - Stuck at your job? | 00:09:59 | |
In this episode we discuss how can you make a change to your career. I also talk about my experience a little. Enjoy
| |||
| 15 Jun 2018 | Episode 31 - Arcgis Server Talk | 00:07:21 | |
Discussing arcgis server technology part 1
| |||
| 30 May 2020 | How Does Database Store Tables on Disk? Explained both SSD & HDD | 00:18:55 | |
in this video I explain how database systems store their data on Disk both f from SSD (solid-state drives) and HDD (HarD disk drive). There are many factors that go into that discussion so I tried to cover the high level here. Reseources https://www.extremetech.com/extreme/210492-extremetech-explains-how-do-ssds-work https://www.percona.com/blog/2019/12/18/give-love-to-your-ssds-reduce-innodb_io_capacity_max/ | |||
| 23 Apr 2020 | Why System Design and Architecture is an Art ? | 00:02:34 | |
Creating a software design is an art here is why | |||
| 16 Mar 2019 | Episode 92 - Attribute Rules | 00:09:17 | |
Attribute Rules are scripts that can be authored and placed in the geodatabase to ensure data integrity lets discuss them. | |||
| 29 Sep 2018 | Episode 48 - ArcGIS Server - Asynchronous Geoprocessing Service | 00:05:30 | |
We explain how the asynchronous geoprocessing service works in ArcGIS. We also briefly explain the difference between synchronous vs asynchronous request. Enjoy !
| |||
| 04 Jan 2021 | My Thoughts on How Clever the SolarWinds Hack Really Is | 00:05:30 | |
The SolarWinds hack is one of the largest highly coordinated and intelligent attempt to hit enterprise companies. In this video, I briefly explain how smart this is. | |||
| 12 Jan 2018 | Episode 10 - Scalable Software | 00:14:31 | |
We discuss software scaling in three tiers. The front end, the backend and the middle. We take instagram as an example for all three tiers.
| |||
| 14 Nov 2018 | Episode 65 - ArcGIS Server Talk - 6080 | 00:08:42 | |
Port 6080 is interesting, we talk little bit about it in this episode.
| |||
| 04 Sep 2020 | Your Backend Might not Be Ready for HTTP/2 - Watch This Before Implementing it | 00:17:58 | |
HTTP/2 is a protocol that allows multiplexing which can be very beneficial however HTTP/2 is not always cheap and might not be a good choice for your backend. * Intro 0:00 * What is HTTP/2 ? 1:30 * HTTP/2 Pros 5:10 * HTTP/2 Advantages on Browsers 5:30 * HTTP/2 Advantages on Reverse Proxy Connection Pooling 9:20 * HTTP/2 Problem 11:00 Google Talk https://www.youtube.com/watch?v=xxN4FfwaANk | |||
| 19 Feb 2024 | The Internals of MongoDB | 00:44:57 | |
https://backend.win https://databases.win I’m a big believer that database systems share similar core fundamentals at their storage layer and understanding them allows one to compare different DBMS objectively. For example, How documents are stored in MongoDB is no different from how MySQL or PostgreSQL store rows. Everything goes to pages of fixed size and those pages are flushed to disk. Each database define page size differently based on their workload, for example MongoDB default page size is 32KB, MySQL InnoDB is 16KB and PostgreSQL is 8KB. The trick is to fetch what you need from disk efficiently with as fewer I/Os as possible, the rest is API. In this video I discuss the evolution of MongoDB internal architecture on how documents are stored and retrieved focusing on the index storage representation. I assume the reader is well versed with fundamentals of database engineering such as indexes, B+Trees, data files, WAL etc, you may pick up my database course to learn the skills. Let us get started.
| |||
| 04 Oct 2019 | Episode 108 - Redis | 00:37:42 | |
Redis is a noSQL key-value store, in memory database first that exploded in popularity in the past few years. In this video slash course, we will explain what Redis is, talk about the in-memory model, the optional durability, replication, clustering publish subscribe and the protocol and finally we will go through examples. During the video I will add time codes to each topic so you guys can jump to the topic that interests you the most. Table of Content and TimeCodes Redis as a NoSQL In Memory Key-Value store 3:49Optional Durability 10:00Transport Protocol 15:10Pub/Sub 18:24Replication and Clustering 20:40Examples 23:41Spin Docker 26:10Command CLI 28:50Set key 30:30 get key 31:00Set key with expiry 31:10exists key 32:00del 32:30 append key 32:50 publish subscribe 33:30 Commands Docker run --name redis -p 6379:6379 redis docker exec -it rdb redis-cli Cards 4:25 ACID! Support me on PayPal https://bit.ly/33ENps4 Become A Patron https://www.patreon.com/join/hnasr? | |||
| 24 Nov 2018 | Episode 69 - The Beauty of HTTP | 00:06:04 | |
We discuss the HTTP protocol and explain its elegance and how it is powering the microservices architecture.
| |||
| 12 Apr 2020 | Main Difference between Asynchronous, Multithreading and Multiprocessing Programming | 00:15:32 | |
In this video I explain the main difference between asynchronous execution, multithreading and multiprocessing programming. There are advantages and disadvantages of each approach.
Threads are evil https://web.stanford.edu/~ouster/cgi-bin/papers/threads.pdf sync vs async, multithreading vs multiprocessing, multithreading async, threading | |||
| 01 Nov 2024 | Six stages of a good software engineer | 00:39:27 | |
You get better as a software engineer when you go through these stages. 0:00 Intro 1:15 Understand a technology 7:07 Articulate how it works 15:30 Understand its’ limitations 19:48 Try to build something better 27:45 Realize what you built also has limitations 32:48 Appreciate the original tech as is
We use technologies all the time without knowing how it works. And it is ok not knowing how things work if interests isn’t there. But when there is interest to understand how something works, pursue it. It feels good when you understand how something works because you work better with it, you swim with the tide instead of against it. When I learned how TCP/IP work.. you would appreciate every connection request, how you read requests. You will ask questions, what is my code doing here? When exactly I’m creating connections? When am I reading from the connection? Is it safe to share connections?
This one is not easy, you might think you understand something until you try to explain how it works. If you find yourself using jargon you probably don’t understand and you just try to impress others. Have you seen people who want to talk about something to show they understand it? It’s the opposite. Try to truly articlate how it works, you will really understand it , back to 1. I thought I understand how backend reads requests until I tried to speak to it.
Once 1,2 are done you will truly understand the tech, now you are confidant, you are excited about the tech and you will truly see when you can use the tech to its full potential and also know the weak points of the tech where it breaks, this happens a lot with TCP/IP. We know tcps limitations.
This one is optional and can be skipped, but attempting to design or building something better then the tech because you know the limitations will truly reveal how you became better. But the challenge here is the ego, you might understand the limitations but you problem is thinking that what you will build is flawless. This step must be proceed with caution.
Dust settles.. this step hurts, and you may take a while to realize it, but whatever you build will have flaws… and when you realize this it is when you get better as an engineer.
This is when you are back full circle you are back to the first stage, look at the technology and understand it but don’t judge it.. just know the limitations and its strength and flow with it. Stop fighting and instead build around a tech, does that mean you shouldn’t build anything new, of course not. Go build, but don’t stress around making something better to defeat existing tech. But actually build it for building it. | |||
