Category Archives: development

How to identify a hack

This is in programming 101 – how to correctly identify a hack

Advertisements

Learning from the Amazon AWS Outage

I’m a old schooler, I have been programing and dealing with computer systems since mid 1990’s. At that time we did not had all of the cool tools that we have today and everything was dealt with paranoia.

In another words what I’m trying to say is that from experience, there are ways to deal with situations when the sh** hit’s the fan.

Today’s Amazon AWS outage (can’t call a hiccup something that is lasting more than half an hour) either brought down or slowed down sites all over the world. This could have been avoided if business had a simple contingency plan.

Most of today’s mid and large sized web applications use a third party service to host the application, databases, etc. With the increasing demand the Cloud services become more and more popular and the migration of in-house service to third-party service just become natural. If the server died on the third-party, they could replace it with a faster time than if done in-house. With similar reasons the in-house servers became relic and the contingency plan become forgotten. No one would guess that a whole data-warehouse would go down right !?

For whatever reason today Amazon AWS service went down on US-Area-1 (or Virginia) and they stayed (or still are) down for a considerable time. The question that you should be doing right now is: What had to be done to prevent my web application to go offline or slower because one or more servers (doesn’t matter the type – app or db) are offline?

I’m not a DevOPS and I really can’t go deep on the subject, but based on experience (or simply paranoia), here  is an idea. Everything today is distributed, so it should be your server instances under the load balancer. Truth is whoever doesn’t have that today probably got the web application fully offline.

In defense of Amazon AWS, you can choose the areas of service of your servers and, with the exception of Virginia, all the other service areas are working just fine. Even knowing that is pretty bad that a whole area got knocked off, your application should not if you have the server instances correctly setup.

I might be saying the obvious here, but I recall a friend telling me that he was at a conference and all other participants that worked on very large websites were spooked because he mentioned that he had all his server instances with only one single service provider.

Obvious or not every business should prepare a contingency plan. A plan that will give answers and restore it to full working conditions in no or little time in the case of the worst case scenario.


The worst type of website failure

This is a small story, that happened with me this weekend and I will post it bellow so you can also see the worst, in my opinion, type of failure of a website.

Yesterday I was set to change my current cable provider to Comcast. The reason was simple, prices. Compared to my current cable provider, Advanced Cable, they have a lower price for the same features.

Anyway, I have checked for my address, started a chat with a representative and selected a product to go on. After a long talk with the representative and correctly setting all the points that I needed to go on with the order my checkout was blocked with a message: Please call the Xfinity customer support to finish this checkout. Your address could not be found on the database.

That immediately issued a red flag for me. Calling about my address not being on the database? Ok. I’m not a client so that might be it, but still that can’t be good.

Called customer support and I heard the bad news: We cant provide service in City. You will have to go with Advanced Cable (witch is my current provider).

Until I have got to this point I have spent at least 2 hours planning, talking with reps, setting everything online and everything was pointing out to be good. The address checked, I had a good product option, prices were good. I was even considering to accept a contract, but it failed.

Why does the  Comcast website says that you can provide service to my address and the customer support on the phone says that it cant?

Regardless of the reason that is a horrible mistake. A potential client went through a very long process to checkout, could not checkout and even if he wanted to, he would not be able to checkout. This is a horrible logic error because that information should have been validated on the beginning of the process.

The “bug” here is simple. If this was a shopping cart, it would be the same as letting a shopper to purchase a specialty product in USA that can only be sold in Europe. If the validation of the shopping cart was done in the begging of the process there is a good chance that, if possible, the client would still keep shopping for other products. In the case of Comcast and me, I couldn’t go further even if I wanted to, but I would consider them if I ever changed of address.


Improve performance: Save the Request and Use Signed Cookies

These are 2 ideas that I have just heard on a presentation. To gain performance with your application, save the requests (dont worry much with pageload) and use a signed cookie to autenticate uses instead of checking the sessions.

The save the requests concept is pretty simple: If you browser already cached something, unless you really need to reload that file, save that request and let it cached. For example, don’t change an image name or add an identifier to a css file unless strictly needed. That will save a request, therefore gaining performance.

The signed cookie is an interesting concept. If you take a look, the read time to the database (or cache mechanism) to check if the use is authenticated is greater than your application checking for a signed cookie. Read the cookie and if is there, authenticate the user.

I really did like these 2 ideas and probably will start using them on my apps. Anyway, sharing the tip.


Myths and truths about Developers

This post was originally from VidaDeProgramador – a Braziliam blog that has charges and articles about the daily fun life of a developer.
It was so fun to read that a full translation is bellow:
—–||—–
The stereotype of a developer is usually generalized and inaccurate. So I decided to write this article to demystify this stereotype to a more accurate one. Based out of common sense will tell if it is true or false and why.

A developers life resolves to computers only.

LIE. There are also gadgets, video games, …

Programmers do not like women (genre generalization).

LIE. We  just do not consider essential in 100% of the time (as it is essential to any device connected to the Internet).

Computer programmers know everything.

TRUTH. But I do not want to show off, so do not ask to fix your computer / printer / something like that-not to disturb the exercise of humility.

All programmers are addicted to coffee.

LIE. There are programmers who live without coffee. Addicted to coffee  only the good programmers. [ROTFL]

Programmers are people with no social life.

LIE. Developers have much social life (they are registered in almost all social networks).

Programmer does not sleep.

LIE. Programmer sleep. But only in time that can not.

You have to learn to program in Linux to know programming.

LIE. The logic in the assertion is obviously reversed: You have to know programmingto learn how to program in Linux. [love this one]

Programmers are more intelligent than other creatures.

TRUTH. This will not explain, because: 1. If you are a programmer already knows that.2. If not, will not understand the explanation. [LOL]


Working from home

This is me working from home today.


3 cool tools for Chrome

All of them a must have:


User requirements

Somedays you just read a piece of creativity and brilliance that is worth to share. Got this one from Twitter (RT) that I have translated to the proper english.

The platypus is a duck that the programmer created by following requirements given by the user.

To add to that: Bugs is what we fix so the platypus can be back a duck 🙂


No guesswork, only 80% of acceptance

In a binary world, all you would have to face is yes or no, true or false, zeros or ones. No guesswork, no maybes, nothing less than 100% of acceptance.

Thinking on this I remembered this strange concept that I learned in College (a bit ago):

“There is no guesswork on Computer Science, only 80% of acceptance

or change of rules from the part of the client.”

For me that is pure “bs”! Use a Turing Machine for each module and you will get the 95% right (leave 5% for Murphy’s Law).

 


Google WAVE is a gonner

No wonder Google pulled the plug on this. It was a confusing service to understand why to use it… let’s face it when you are thinking in about collaboration online you are looking for whiteboards with the use of voice and screen sharing. Editing documents online where you can text while editing, just didn’t make sense.

Anyway, more details on the un-plug: http://online.wsj.com/article/SB10001424052748704017904575409873762885194.html?mod=googlenews_wsj


%d bloggers like this: