
The Backend Engineering Show with Hussein Nasser

English, Technology, 1 season, 514 episodes, 14 hours, 18 minutes
About
Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my YouTube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr Courses I Teach https://husseinnasser.com/courses

They made Python faster with this compiler option

Fundamentals of Operating Systems Course https://oscourse.win Looks like Fedora is compiling CPython with the -O3 flag, which does aggressive function inlining among other optimizations. This seems to improve Python benchmark performance by at most 1.16x at a cost of an extra 3MB in binary size (text segment), although it does seem to slow down some benchmarks as well, though not significantly. O1 - local register allocation, subexpression elimination O2 - Function inlining only small functions O3 - Aggressive inlining, SIMD 0:00 Intro 1:00 Fedora Linux gets Fast Python 5:40 What is Compiling? 9:00 Compiling with No Optimization 12:10 Compiling with -O1 15:30 Compiling with -O2 20:00 Compiling with -O3 23:20 Showing Numbers Backend Troubleshooting Course https://performance.husseinnasser.com
5/7/2024 | 29 minutes, 4 seconds

How Apache Kafka got faster by switching ext4 to XFS

https://oscourse.win Allegro improved their Kafka produce tail latency by over 80% when they switched from ext4 to xfs. What I enjoyed most about this article is the detailed analysis and tweaking the team made to ext4 before considering switching to xfs. This is a classic case of what a good tech blog looks like in my opinion. 0:00 Intro 0:30 Summary 2:35 How Kafka Works? 5:00 Producers Writes are Slow 7:10 Tracing Kafka Protocol 12:00 Tracing Kernel System Calls 16:00 Journaled File Systems 21:00 Improving ext4 26:00 Switching to XFS Blog https://blog.allegro.tech/2024/03/kafka-performance-analysis.html
4/29/2024 | 33 minutes, 52 seconds

Google Patches Linux kernel with 40% TCP performance

Get my backend course https://backend.win Google submitted a patch to Linux Kernel 6.8 to improve TCP performance by 40%. This is done via rearranging the TCP structures for better CPU cache lines. I explore this here. 0:00 Intro 0:30 Google improves Linux Kernel TCP by 40% 1:40 How CPU Cache Line Works 6:45 Reviewing the Google Patch https://www.phoronix.com/news/Linux-6.8-Networking https://lore.kernel.org/netdev/[email protected]/ Discovering Backend Bottlenecks: Unlocking Peak Performance https://performance.husseinnasser.com
3/5/2024 | 13 minutes, 35 seconds

Database Torn pages

0:00 Intro 2:00 File System Block vs Database Pages 4:00 Torn pages or partial page 7:40 How Oracle Solves torn pages 8:40 MySQL InnoDB Doublewrite buffer 10:45 Postgres Full page writes
2/29/2024 | 15 minutes, 33 seconds

Cloudflare Open sources Pingora (NGINX replacement)

Get my backend course https://backend.win Cloudflare has announced they are open sourcing Pingora as a networking framework! Big news, let us discuss. 0:00 Intro 0:30 Reasons why Cloudflare built Pingora? 3:00 It is a framework! 7:30 What in Pingora? 11:50 Security in Pingora 13:45 Multi-threading in Pingora 21:00 Customization vs Configuration 25:00 Summary https://blog.cloudflare.com/pingora-open-source/?utm_campaign=cf_blog&utm_content=20240228&utm_medium=organic_social&utm_source=twitter
2/28/2024 | 31 minutes, 5 seconds

The Internals of MongoDB

https://backend.win https://databases.win I’m a big believer that database systems share similar core fundamentals at their storage layer and understanding them allows one to compare different DBMS objectively. For example, how documents are stored in MongoDB is no different from how MySQL or PostgreSQL store rows. Everything goes to pages of fixed size and those pages are flushed to disk. Each database defines page size differently based on its workload, for example MongoDB default page size is 32KB, MySQL InnoDB is 16KB and PostgreSQL is 8KB. The trick is to fetch what you need from disk efficiently with as few I/Os as possible, the rest is API. In this video I discuss the evolution of MongoDB internal architecture on how documents are stored and retrieved focusing on the index storage representation. I assume the reader is well versed with fundamentals of database engineering such as indexes, B+Trees, data files, WAL etc, you may pick up my database course to learn the skills. Let us get started.
2/19/2024 | 44 minutes, 57 seconds

The Beauty of Programming Languages

In this video I explore the types of languages: compiled, garbage collected, interpreted, JIT and more.
2/19/2024 | 17 minutes, 33 seconds

The Danger of Defaults - A PostgreSQL Story

I talk about default values and how PostgreSQL 14 got slower when a default parameter has changed. Mike's blog https://smalldatum.blogspot.com/2024/02/it-wasnt-performance-regression-in.html
2/18/2024 | 11 minutes, 34 seconds

Database Background writing

Background writing is a process that writes dirty pages in shared buffer to the disk (well, it goes to the OS file cache then gets flushed to disk by the OS). I go into this process in this video.
2/16/2024 | 9 minutes, 8 seconds

The Cost of Memory Fragmentation

Fragmentation is a very interesting topic to me, especially when it comes to memory. While virtual memory does solve external fragmentation (you can still allocate logically contiguous memory in non-contiguous physical memory) it does however introduce performance delays as we jump all over the physical memory to read what appears to us for example as contiguous array in virtual memory. You see, DDR RAM consists of banks, rows and columns. Each row has around 1024 columns and each column has 64 bits which makes a row around 8 KiB. The cost of accessing the RAM is the cost of “opening” a row and all its columns (around 50-100 ns). Once the row is opened all the columns are opened and the 8 KiB is cached in the row buffer in the RAM. The CPU can ask for an address and transfer 64 bytes at a time (called bursts) so if the CPU (or the MMU to be exact) asks for the next 64 bytes next to it, it comes at no cost because the entire row is cached in the RAM. However if the CPU sends a different address in a different row the old row must be closed and a new row should be opened taking an additional 50 ns hit. So spatial access of bytes ensures efficiency. So fragmentation does hurt performance if the data you are accessing are not contiguous in physical memory (of course it doesn’t matter if it is contiguous in virtual memory). This kind of reminds me of the old days of HDD and how the disk needle physically travels across the disk to read one file which prompted the need of “defragmentation”, although RAM access (and SSD NAND for that matter) isn’t as bad. Moreover, virtual memory introduces internal fragmentation because of the use of fixed-size blocks (called pages and often 4 KiB in size), and those are mapped to frames in physical memory. So if you want to allocate a 32bit integer (4 bytes) you get a 4 KiB worth of memory, leaving a whopping 4092 allocated for the process but unused, which cannot be used by the OS.
These little pockets of memory can add up as many processes. Another reason developers should take care when allocating memory for efficiency.
1/29/2024 | 39 minutes, 7 seconds

The Real Hidden Cost of a Request

In this video I explore the hidden costs of sending a request from the frontend to the backend Heard https://medium.com/@hnasr/the-journey-of-a-request-to-the-backend-c3de704de223
12/13/2023 | 13 minutes, 8 seconds

Why create Index blocks writes

Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com In this video I explore how create index works, why it blocks writes, and how create index concurrently works and allows writes. 0:00 Intro 1:28 How Create Index works 4:45 Create Index blocking Writes 5:00 Create Index Concurrently
10/28/2023 | 12 minutes, 4 seconds

Consider this before migrating the Backend to HTTP/3

HTTP/3 is getting popular in the cloud scene but before you migrate to HTTP/3 consider its cost. I explore it here. 0:00 Intro HTTP/3 is getting popular 3:40 HTTP/1.1 Cost 5:18 HTTP/2 Cost 6:30 HTTP/3 Cost https://blog.apnic.net/2023/09/25/why-http-3-is-eating-the-world/
10/5/2023 | 12 minutes, 19 seconds

Encrypted Client Hello - The Pros & Cons

The Encrypted Client Hello or ECH is a new RFC that encrypts the TLS client hello to hide sensitive information like the SNI. In this video I go through pros and cons of this new RFC. 0:00 Intro 2:00 SNI 4:00 Client Hello 8:40 Encrypted Client Hello 11:30 Inner Client Hello Encryption 18:00 Client-Facing Outer SNI 21:20 Decrypting Inner Client Hello 23:30 Disadvantages 26:00 Censorship vs Privacy ECH https://blog.cloudflare.com/announcing-encrypted-client-hello/ https://chromestatus.com/feature/6196703843581952
9/29/2023 | 31 minutes, 52 seconds

The Journey of a Request to the Backend

From the frontend through the kernel to the backend process. When we send a request to a backend most of us focus on the processing aspect of the request which is really just the last step. There is so much more happening before a request is ready to be processed, and most of these steps happen in the Kernel. I break this into 6 steps, each step can theoretically be executed by a dedicated thread or process. Pretty much all backends, web servers, proxies, frameworks and even databases have to do all these steps and they all do choose to do it differently. Grab my backend performance course https://performance.husseinnasser.com 0:00 Intro 3:50 What is a Request? 10:14 Step 1 - Accept 21:30 Step 2 - Read 29:30 Step 3 - Decrypt 34:00 Step 4 - Parse 40:36 Step 5 - Decode 43:14 Step 6 - Process Medium article https://medium.com/@hnasr/the-journey-of-a-request-to-the-backend-c3de704de223
8/1/2023 | 52 minutes, 14 seconds

They Enabled Postgres Partitioning and their Backend fell apart

In a wonderful blog, Kyle explores the pains he faced managing a Postgres instance for a startup he works for and how enabling partitioning significantly created wait events causing the backend and subsequently NGINX to throw 500 errors. We discuss this in this video/podcast https://www.kylehailey.com/post/postgres-partition-pains-lockmanager-waits
6/24/2023 | 32 minutes, 40 seconds

WebTransport - A Backend Game Changer

WebTransport is a cutting-edge protocol framework designed to support multiplexed and secure transport over HTTP/2 and HTTP/3. It brings together the best of web and transport technologies, providing an all-in-one solution for real-time, bidirectional communication on the web. Watch full episode (subscribers only) https://spotifyanchor-web.app.link/e/cTSGkq5XuAb
6/9/2023 | 15 minutes, 1 second

Your SSD lies but that's ok | Postgres fsync

fsync is a Linux system call that flushes all pages and metadata for a given file to the disk. It is indeed an expensive operation but required for durability especially for database systems. Regular writes that make it to the disk controller are often placed in the SSD local cache to accumulate more writes before getting flushed to the NAND cells. However when the disk controller receives this flush command it is required to immediately persist all of the data to the NAND cells. Some SSDs however don't do that because they don't trust the host and no-op the fsync. In this video I explain this in detail and go through details on how Postgres provides so many options to fine tune fsync. 0:00 Intro 1:00 A Write doesn’t write 2:00 File System Page Cache 6:00 Fsync 7:30 SSD Cache 9:20 SSD ignores the flush 9:30 15 Year old Firefox fsync bug 12:30 What happens if SSD loses power 15:00 What options does Postgres expose? 15:30 open_sync (O_SYNC) 16:15 open_datasync (O_DSYNC) 17:10 O_DIRECT 19:00 fsync 20:50 fdatasync 21:13 fsync = off 23:30 Don’t make your API simple 26:00 Database on metal?
5/25/2023 | 30 minutes, 4 seconds

The problem with software engineering

Ego is the main problem to a defective software product. The ego of the engineer or the tech lead seeps into the quality of the product. Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
5/21/2023 | 17 minutes, 39 seconds

2x Faster Reads and Writes with this MongoDB feature | Clustered Collections

Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com In version 5.3, MongoDB introduced a feature called clustered collection which stores documents in the _id index as opposed to the hidden WiredTiger index. This eliminates an entire b+tree seek for reads using the _id index and also removes the additional write to the hidden index, speeding both reads and writes. However like we know in software engineering, everything has a cost. This feature does come with a few that one must be aware of before using it. In this video I discuss the following: How Original MongoDB Collections Work, How Clustered Collections Work, Benefits of Clustered Collections, Limitations of Clustered Collections
5/11/2023 | 27 minutes, 1 second

Prime Video Swaps Microservices for Monolith: 90% Cost Reduction

Prime Video engineering team has posted a blog detailing how they moved their live stream monitoring service from microservices to a monolith reducing their cost by 90%, let us discuss this. 0:00 Intro 2:00 Overview 10:35 Distributed System Overhead 21:30 From Microservices to Monolith 29:00 Scaling the Monolith 32:30 Takeaways https://www.primevideotech.com/video-streaming/scaling-up-the-prime-video-audio-video-monitoring-service-and-reducing-costs-by-90 Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
5/6/2023 | 35 minutes, 58 seconds

A Deep Dive in How Slow SELECT * is

Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com In a row-store database engine, rows are stored in units called pages. Each page has a fixed header and contains multiple rows, with each row having a record header followed by its respective columns. When the database fetches a page and places it in the shared buffer pool, we gain access to all rows and columns within that page. So, the question arises: if we have all the columns readily available in memory, why would SELECT * be slow and costly? Is it really as slow as people claim it to be? And if so why is it so? In this post, we will explore these questions and more. 0:00 Intro 1:49 Database Page Layout 5:00 How SELECT Works 10:49 No Index-Only Scans 18:00 Deserialization Cost 21:00 Not All Columns are Inline 28:00 Network Cost 36:00 Client Deserialization https://medium.com/@hnasr/how-slow-is-select-8d4308ca1f0c
5/2/2023 | 39 minutes, 23 seconds

AWS Serverless Lambda Supports Response Streaming

Lambda now supports Response payload streaming, now you can flush changes to the network socket as soon as it is available and it will be written to the client socket. I think this is a game changing feature 0:00 Intro 1:00 Traditional Lambda 3:00 Server Sent Events & Chunk-Encoding 5:00 What happens to clients? 6:00 Supported Regions 7:00 My thoughts Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
4/7/2023 | 13 minutes, 14 seconds

The Cloudflare mTLS vulnerability - A Deep Dive Analysis

Cloudflare released a blog detailing a vulnerability that has been in their system for nearly two years. It is related to mTLS or mutual TLS and specifically client certificate revocation. I explore this in detail. 0:00 Intro 3:00 The Vulnerability 7:00 What happened? 8:50 Certificate Revocation 12:30 Rejecting certain endpoints 17:00 Certificate Authentication 20:30 Certificate serial number 24:00 Session Resumption (PSK) 35:00 The bug 37:00 How they addressed the problem Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
4/6/2023 | 43 minutes, 13 seconds

The Virgin Media ISP outage - What happened?

BGP (Border Gateway Protocol) withdrawals caused the Virgin Media ISP customers to lose their Internet connection. I go into details on this video. 0:00 Intro 2:00 What happened? 4:11 How BGP works? 11:50 Virgin Media withdrawals 15:00 Deep dive Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
4/6/2023 | 23 minutes, 23 seconds

GitHub SSH key is Leaked - How bad is this?

GitHub Accidentally Exposed their SSH RSA Private key, this is the message you will get:

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
SHA256:uNiVztksCsDhcc0u9e8BujQXVUpKZIDTMczCvj3tD2s.
Please contact your system administrator.
Add correct host key in ~/.ssh/known_hosts to get rid of this message.
Host key for github.com has changed and you have requested strict checking.
Host key verification failed.

In this video I discuss how bad this is. 0:00 Intro 1:10 What happened? 3:00 SSH vs TLS Authentication 6:00 SSH Connect 7:45 How bad is the github leak? 15:00 What should you do? 18:50 Is ECDSA immune? https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/
3/30/2023 | 21 minutes, 56 seconds

Cookie Hijacking - How Linus Tech Tips got Hacked

How Linus Tech Tips channel got Hacked. In this short video we explain how it was possible for Linus to get hacked with cookies hijacking. 0:00 Intro 0:47 TLDR what happened 5:10 Cookies in Chrome 7:30 Cookies Hijacking 8:46 Session Tokens (Access/Refresh) 10:00 Remedies
3/29/2023 | 13 minutes, 33 seconds

All Postgres Locks Explained | A Deep Dive

Get my database engineering course https://database.husseinnasser.com In this video I do a deep dive in all locks obtained by Postgres, I learned a lot while making this video and hope you enjoy it. 0:00 Intro 2:30 What are Locks? 5:30 Overview of Postgres Locks 9:10 Table-Level Locks 11:40 ACCESS EXCLUSIVE 17:40 ACCESS SHARE 19:00 ROW SHARE 20:15 ROW EXCLUSIVE 21:15 SHARE UPDATE EXCLUSIVE 23:30 SHARE 24:50 SHARE ROW EXCLUSIVE 25:18 EXCLUSIVE 25:30 Table Lock Conflict Matrix 28:30 Row-Level Locks 30:00 FOR UPDATE 33:00 FOR NO KEY UPDATE 34:00 FOR SHARE 34:40 FOR KEY SHARE 35:10 Row Lock Conflict Matrix 39:25 Page-Level Locks 42:00 Deadlocks 46:00 Advisory Locks 47:20 Summary https://www.postgresql.org/docs/current/explicit-locking.html
3/19/2023 | 49 minutes, 11 seconds

Pinterest moves to HTTP/3

Pinterest moves to HTTP/3 on all their clients and edge CDNs this year. They witnessed interesting gains but not without good lessons learned. The main one was the mismatch of alt-svc vs DNS TTLs. I cover this on the next episode of the backend engineering course. 0:00 Intro 2:00 Moving h2 to h3 through alt-svc 5:00 Why HTTP/3 6:00 HTTP/1 vs HTTP/2 9:00 TCP Head of Line blocking in HTTP/2 11:00 How HTTP/3 addresses HOL 12:15 Connection Migration 13:30 Stream level congestion control 14:10 1-RTT - 0-RTT 15:41 Pinterest challenges moving HTTP/3 19:00 Migration 21:15 Future work 22:30 Summary article https://medium.com/pinterest-engineering/pinterest-is-now-on-http-3-608fb5581094 Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
3/16/2023 | 25 minutes, 53 seconds

Why Loom Users got each others’ sessions on March 7th 2023

On March 7 2023, Loom users started seeing each other's data as a result of cookies getting leaked from the CDN. This Loom security breach is really critical. Let us discuss. 0:00 Intro 1:00 Why Cookies 2:00 How this happens 5:50 What caused it? 7:30 How Loom solved it? 8:20 Reading the RCA 10:30 Remedies
3/14/2023 | 14 minutes, 58 seconds

How Discord Stores Trillions of Messages - A deep dive

Discord engineering goes into details of how they migrated from Cassandra to ScyllaDB, improved the performance of their reads and writes and rearchitected their backend to support the new load. It is an interesting episode, let's get into it. 0:00 Intro 1:50 Relational vs Distributed 7:00 The Cassandra Troubles 11:00 SnowFlake vs UUID 14:30 B+Tree 19:20 B+Tree and SSDs 25:30 LSM Trees 31:00 Hot partitions 36:00 Cassandra Garbage Collector Pauses 40:00 Changing the Architecture 45:00 The Data Services 55:00 The Migration 1:02:00 Zoned Named Spaces 1:04:00 Summary Article here: How Discord Stores Trillions of Messages https://discord.com/blog/how-discord-stores-trillions-of-messages
3/11/2023 | 1 hour, 9 minutes, 20 seconds

Postgres Architecture | The Backend Engineering Show

Creating a listener on the backend application that accepts connections is simple. You listen on an address-port pair, and connection attempts to that address and port will get added to an accept queue. The application accepts connections from the queue and starts reading the data stream sent on the connection. However, what part of your application does the accepting and what part does the reading and what part does the execution? You can architect your application in many ways based on your use cases. I have a medium post just exploring the different options. In this video I explore the PostgreSQL process architecture in detail. Please note that the information here is derived from both the Postgres doc and code. Discussions about scalability and performance are solely based on my opinions. 0:00 Intro 1:30 Overview 3:30 Postgres MVCC 5:30 Processes vs Threads 7:40 Postmaster Process 8:00 Backend Processes 13:30 Shared Buffers 14:52 Background Workers 17:18 Auxiliary Processes 17:45 Background Writer 22:30 Checkpointer 23:40 Logger 24:06 Autovacuum Launcher and Workers 25:30 WAL Processes 28:53 Startup Process Read full article https://medium.com/@hnasr/postgresql-process-architecture-f21e16459907
2/16/2023 | 34 minutes, 4 seconds

How Alt-Svc switches HTTP/2 clients to use HTTP/3 | The Backend Engineering Show

The Alt-Svc header/frame is a capability that allows the server to advertise alternative services to the connected application available in protocols, ports or domains. It is available as a response header alt-svc and also as an HTTP/2 frame. Let us discuss this capability. 0:00 Intro 1:38 what is alt-svc? 5:30 uses of h3 in alt-svc 8:00 alt-svc header 10:00 Alt-svc header with 103 early hints 14:48 h2 altsvc frame 18:30 SVCB DNS record 21:20 Summary Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
2/13/2023 | 23 minutes, 58 seconds

Your DNS queries will eventually look like this (0x20 DNS encoding)

Correction: Google is implementing the proposal originally submitted by researchers from Georgia Institute of Tech. I incorrectly said in the video that Google is proposing this. Google is finally implementing a proposal from 2008 by researchers from Georgia Institute of Technology to make DNS cache poisoning . https://astrolavos.gatech.edu/articles/increased_dns_resistance.pdf https://datatracker.ietf.org/doc/html/draft-vixie-dnsext-dns0x20-00 0:00 Intro 2:00 How DNS Works 5:00 DNS Cache Poisoning 14:00 gOoGLe dot CoM 16:20 ASCII 0x20 casing 18:30 Randomizing the casing with encryption 22:30 limitations of this proposal 24:00 Credits
1/28/2023 | 26 minutes, 20 seconds

DropBox Removed their SSDs, got 20% faster writes

https://dropbox.tech/infrastructure/increasing-magic-pocket-write-throughput-by-removing-our-ssd-cache-disks In this episode of the backend engineering show I’ll discuss how Dropbox improved their write throughput by 20% by removing all their SSDs (yes I was surprised too). Dropbox uses an SSD layer as a write-back cache with SMR drives as their backend persistent storage. They changed their model to write directly to the hard drives. 0:00 Intro 2:00 Article Summary 3:00 SMR Drives 6:00 SSD Cache & WriteBack 8:00 Replacing Cache 9:30 Storage Engine Background 14:30 Why did they do it 15:00 The limitation of SSDs & Zoned Namespaces 19:30 Updating the Storage Engine 22:30 Tradeoffs 26:00 Rollout 28:00 Summary
1/24/2023 | 31 minutes, 18 seconds

MySQL on HTTP/3 | The Backend Engineering Show

The communication between backend applications and database systems always fascinated me. The protocols keep evolving and we are in constant search for an efficient protocol that best fits the workload of Backend-DB communication. In this episode of the backend engineering show I go through a blog written by @PlanetScale doing an experimentation of using HTTP/3 and HTTP/2 comparing it with MySQL Binary protocol. https://planetscale.com/blog/faster-mysql-with-http3 0:00 Intro 7:45 MySQL Binary vs HTTP 10:20 The Tests 15:00 Connection Cost + Select 1 22:00 Parallel Select 26:00 The cost of H2 and H3
1/5/2023 | 37 minutes, 10 seconds

How Shopify’s engineering improved writes by 50% with ULID | The Backend Engineering Show

Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Shopify posted a blog on tips for a scalable payment system. One tip piqued my interest, related to switching from UUID to ULID. I explore the reasoning behind this in this video. https://shopify.engineering/building-resilient-payment-systems 0:00 Intro 1:30 idempotency 6:30 UUID vs ULID 9:50 Clustered Index 13:30 Why UUID4 Inserts are slow 17:15 How ULID helps Shopify 22:00 Problem with tail pages 25:00 Does ULID help in all cases? Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
12/23/2022 | 32 minutes, 10 seconds

MongoDB Internal Architecture | The Backend Engineering Show

I’m a big believer that database systems share similar core fundamentals at their storage layer and understanding them allows one to compare different DBMS objectively. For example, how documents are stored in MongoDB is no different from how MySQL or PostgreSQL store rows. Everything goes to disk, the trick is to fetch what you need from disk efficiently with as few I/Os as possible, the rest is API. In this video I discuss the evolution of MongoDB internal architecture on how documents are stored and retrieved focusing on the index storage representation. I assume the reader is well versed with fundamentals of database engineering such as indexes, B+Trees, data files, WAL etc, you may pick up my database course to learn the skills. Let us get started. Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com
12/16/2022 | 44 minutes, 13 seconds

How UI/UX can break the backend

The User Interface/User Experience has great impact on the backend architecture and scalability. In this podcast I discuss three UI/UX that affected backend design and scalability. 0:00 Intro 1:40 UI vs UX 4:30 Google Chrome OmniBox 12:30 1 out of X Page 20:00 YouTube Notification Resources https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com
12/1/2022 | 30 minutes, 35 seconds

Do DHCP and DNS Servers Communicate?

In this video I explain how DHCP works and how it updates DNS entries for new hosts joining the network. I'll also mention Zero Config. 0:00 Intro 1:00 the Network configuration 6:00 Showing DHCP in Wireshark 6:30 DHCP Discover 14:40 DHCP Offer 19:00 DHCP Request 21:30 DHCP ACK 22:00 How DHCP Updates DNS 26:15 Zero Configuration (mDNS, Link-local) Resources: DHCP https://datatracker.ietf.org/doc/html/rfc1541 Dynamic updates, DHCP RFC2136 https://datatracker.ietf.org/doc/html/rfc2136 https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr_dhcp/configuration/xe-3se/3850/dhcp-xe-3se-3850-book/dhcp-client-option-12.pdf RFC 1497 https://www.rfc-editor.org/rfc/rfc1497.html https://www.rfc-editor.org/rfc/rfc6762#ref-Zeroconf Link-local https://www.rfc-editor.org/rfc/rfc3927
11/16/2022 | 30 minutes, 27 seconds

Compressing Certificates in TLS | The Backend Engineering Show

Fundamentals of Backend Engineering Design patterns udemy course (link redirects to udemy with coupon) https://backend.husseinnasser.com Certificates provide a way to authenticate both the server and the client and are included as part of the TLS handshake. However, the certificates can be large because the full certificate chain is included in the handshake. The large certificates can go up to 10KB in size and take multiple segments to deliver and assemble. RFC 8879 discusses how TLS compression can be achieved, I discuss that in this podcast. Enjoy. 0:00 Intro 4:15 Certificate Chain 6:00 Faking the chain 8:50 Certificate Stores 10:30 Including ROOT cert in the chain 12:00 The performance penalty of large certificate chain 20:15 RFC 8879 TLS Certificate Compression 23:00 How Compression Works in TLS 1.2 vs TLS 1.3 30:30 What could go wrong? Resources https://datatracker.ietf.org/doc/rfc8879/ https://www.rfc-editor.org/rfc/rfc5246 https://www.rfc-editor.org/rfc/rfc6928.html
11/8/2022 | 34 minutes, 6 seconds

OpenSSL new vulnerability

Two new vulnerabilities in OpenSSL were discovered, we discuss them in this video https://www.openssl.org/news/secadv/20221101.txt
11/6/2022 | 10 minutes, 27 seconds

TCP Protective Load Balancing coming to Linux Kernel 6.2

Google's recent paper on protective load balancing in TCP attempts to improve packet drops and latency by making the host change the flow path using the IPv6 Flow label. The Linux kernel gets the PLB support in Linux 6.2 this December, let us discuss what this is.
11/3/2022 | 14 minutes, 50 seconds

When NodeJS I/O Blocks | The Backend Engineering Show

In this episode of the backend engineering show I go through an article I wrote discussing NodeJS Asynchronous I/O https://medium.com/@hnasr/when-nodejs-i-o-blocks-327f8a36fbd4 Learn the fundamentals of network engineering, get my udemy course https://network.husseinnasser.com Buy me a coffee if you liked this  https://www.buymeacoffee.com/hnasr 0:00 3:00 Part 1 Socket/IO 9:48 Part 2 File I/O 12:42 Part 3 DNS 16:22 Part 4 NodeJS Single Threaded 19:10 Part 5 NodeJS Thread Pool 21:23 Part 6 DNS lookup bottleneck in Node
10/12/2022 · 25 minutes, 57 seconds

NGINX Internal Architecture - Workers | The Backend Engineering Show

Buy me a coffee if you liked this https://www.buymeacoffee.com/hnasr In this podcast I explain the NGINX internal process architecture, how NGINX spins up multiple processes per core, how each process is pinned to a CPU core for minimum context switching,  how NGINX accepts connections , parses requests and talks to the backend.   Get my introduction to NGINX udemy course  https://nginx.husseinnasser.com
10/7/2022 · 15 minutes, 54 seconds

Cloudflare is moving away from NGINX | The Backend Engineering Show

Cloudflare identified several limitations in NGINX architecture and decided to write their own reverse proxy. 0:00 Intro 1:53 What NGINX is used for 3:37 NGINX Architecture 7:52 NGINX Limitations 17:12 Cloudflare Pingora Buy me a coffee if you liked this https://www.buymeacoffee.com/hnasr Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to udemy with coupon) https://python.husseinnasser.com Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Resources: https://blog.cloudflare.com/how-we-built-pingora-the-proxy-that-connects-cloudflare-to-the-internet/ https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/amp/
10/4/2022 · 26 minutes, 3 seconds

Threads and Connections | The Backend Engineering Show

In this episode of the backend engineering show I discuss the evolution of multi-threading apps, their pros and cons, and then I go through 5 threading models and how they interleave with backend connection management between the threads and request handling. Enjoy. To learn more about networking fundamentals check out my udemy course Fundamentals of Networking for Effective Backends. Head to https://network.husseinnasser.com for a discount coupon 0:00 Intro 2:00 Single Threading 6:30 Multi-Threading 14:15 Connection Listener 20:15 How Connections are Established 29:00 Single Listener/Worker thread 33:30 Single Listener, Multiple Worker threads 39:00 Single Listener, Multiple Workers with load balancing 42:10 Multiple Listeners on the same port (SO_REUSEPORT) 45:20 Multiple Single Threaded Backend Buy me a coffee https://www.buymeacoffee.com/hnasr
9/1/2022 · 50 minutes, 18 seconds

Memcached Architecture | The Backend Engineering Show

Memcached is an in-memory cache with one major feature: being a transient cache. Memcached has a very simple design. It was originally designed to help with database load by storing the query result in memory to avoid further querying the database. By default it has no authentication and a simple text protocol, and servers don’t talk to each other. This video discusses the architecture of the cache and its design choices, and offers some critiques of those design choices. I go through a demo at the end using Docker, telnet and NodeJS. Enjoy 0:00 Intro 4:40 What is Memcached? 7:45 Memory management 16:00 LRU 25:17 Threading and Connections 30:40 Read Example 34:30 Write Example 36:17 Write and Read collisions 39:40 Locking 40:30 Distributed Cache 43:30 Memcached with Docker/Telnet/NodeJS 45:00 Spin up a Memcached Docker container and telnet 52:17 Memcached and NodeJS 56:15 Four Memcached Servers with NodeJS 01:01:00 Summary Resources https://www.cloudflare.com/learning/ddos/memcached-ddos-attack/ https://holmeshe.me/understanding-memcached-source-code-IV/ https://github.com/memcached/memcached/blob/master/doc/protocol.txt https://docs.oracle.com/cd/E17952_01/mysql-5.6-en/ha-memcached-using-threads.html https://holmeshe.me/understanding-memcached-source-code-I/ https://docs.oracle.com/cd/E17952_01/mysql-5.6-en/ha-memcached-using-memory.html https://support-acquia.force.com/s/article/360005256114-Memcached-in-detail https://www.alibabacloud.com/blog/redis-vs-memcached-in-memory-data-storage-systems_592091 https://www.usenix.org/system/files/conference/nsdi13/nsdi13-final197.pdf https://memcached.org/blog/persistent-memory-2/ https://memcached.org/blog/modern-lru/ Buy me a coffee https://www.buymeacoffee.com/hnasr
8/27/2022 · 50 minutes, 29 seconds

Is SmartNIC a game changer for network performance? | The Backend Engineering Show

In this episode of the backend engineering show I go through the main job of the network interface controller (NIC for short) and how the datacenter is pushing it to the limit by allowing it to do more TCP/IP processing, creating what is being popularized as smartNIC. 0:00 Intro 1:20 What is a NIC? 3:40 NIC job 8:00 When does the OS get involved 12:40 Promiscuous mode 14:00 SmartNIC 18:30 Disadvantages Resources https://developer.nvidia.com/networking/ethernet-adapters https://www.theregister.com/2022/08/11/smartnics_network_market/ https://arxiv.org/abs/1803.09615 Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
8/15/2022 · 21 minutes, 23 seconds

Consistent Hashing | The Backend Engineering Show

In this episode of the backend engineering show I discuss consistent hashing, a very important algorithm in distributed computing, especially in database systems such as Apache Cassandra and DynamoDB. 0:00 Intro 2:00 Problem of Distributed Systems 5:00 When to Distribute 7:00 Simple Hashing 9:30 Where Simple Hashing Breaks 11:40 Consistent Hashing 18:00 Adding a Server 21:15 Removing a Server 22:30 Limitations Buy me a coffee https://www.buymeacoffee.com/hnasr
8/6/2022 · 24 minutes, 42 seconds

Replacing TCP for the Datacenter - Discussing the Homa paper

In this episode of the backend engineering show I go through and discuss the Homa Protocol paper, which attempts to replace TCP as a protocol in the data centers. I learned a lot from this paper, and I have my criticisms of certain aspects; timestamps for the topics discussed are below. It appears there is a path to replace TCP in the datacenter and professor John tries to explain this path. Referenced materials mentioned in the episode Overview paper https://web.stanford.edu/~ouster/cgi-bin/papers/replaceTcp.pdf Homa 2018 paper (Details) https://people.csail.mit.edu/alizadeh/papers/homa-sigcomm18.pdf NIC Offloading in Linux https://en.wikipedia.org/wiki/TCP_offload_engine#Support_in_Linux Curl disabling Nagle Algo https://github.com/curl/curl/commit/4732ca5724072f132876f520c8f02c7c5b654d9 0:00 Intro 3:00 The nature of networking data center 5:30 TCP Segments 7:30 There is no “Request” in TCP 12:00 What is so unique about Data centers? 14:00 Message Throughput vs Data throughput 18:25 Congestion Control 22:38 Homa’s Congestion Control 25:00 Server Core Load Balancing 28:30 NIC offloading 30:00 Everything Wrong about TCP 37:00 Why not QUIC? 40:00 Limitation of Streaming 44:10 Load Balancing Stream Reading 47:15 Can we treat Segments as Messages? 51:00 Dispatching Messages is Easier 53:00 Connection Orientation 1:00:00 Sender Driven Congestion Control 1:03:00 In Order Packet Delivery 1:07:00 DCTCP 1:08:30 Homa is Message Based 1:11:00 Homa is Connection Less 1:12:00 Receiver Driven Congestion Control 1:15:19 Out of Order Packets 1:16:20 Homa API is not Compatible with TCP 1:17:40 Will Homa come to HTTP? 1:18:45 Conclusion
8/1/2022 · 1 hour, 23 minutes, 44 seconds

ByteDance makes Linux kernel reboots faster

ByteDance, the company behind TikTok, is proposing a few patches to the Linux kernel to make kernel reboots via kexec go from 500 ms down to 15 ms, saving a huge amount of time when updating the kernel on thousands of machines. Let us discuss this 0:00 Intro 1:30 Linux Kernel Reboot Options 2:30 how kexec works 4:00 The optimization 5:00 Going through the patch 6:00 Updating Servers at TikTok scale 9:00 Summary https://www.phoronix.com/news/Bytedance-Faster-Kexec-Reboot https://lore.kernel.org/lkml/[email protected]/
7/26/2022 · 11 minutes, 10 seconds

This dangerous OpenSSL vulnerability can easily be triggered | CVE-2022-2274 Explained

We discuss the CVE-2022-2274 OpenSSL Vulnerability. The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. 0:00 Intro 1:00 CVE-2022-2274 3:00 AVX512IFMA CISC 5:00 How the bug works 7:10 How can it be triggered Resources https://www.openssl.org/news/secadv/20220705.txt https://github.com/openssl/openssl/issues/18625 https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/ https://eprint.iacr.org/2018/335 https://github.com/openssl/openssl/commit/4d8a88c134df634ba610ff8db1eb8478ac5fd345 https://linux.die.net/man/3/bn_internal https://www.microfocus.com/documentation/enterprise-developer/ed60/ES-WIN/GUID-E3960B1E-C42E-4748-A5EB-6E12507C9CD7.html https://www.microcontrollertips.com/risc-vs-cisc-architectures-one-better/ Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
7/15/2022 · 9 minutes, 23 seconds

NULLs are weird, PG15 makes them less weird

Postgres 15 introduces a new syntax to treat nulls as not distinct. This will allow developers to create a unique constraint on nullable fields and have inserts with nulls fail instead of having it allowed based on today's standard. Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com https://blog.rustprooflabs.com/2022/07/postgres-15-unique-improvement-with-null https://www.postgresql.org/message-id/flat/84e5ee1b-387e-9a54-c326-9082674bde78%40enterprisedb.com
7/13/2022 · 6 minutes, 45 seconds

This decades old function in Linux is now 4 times faster

memchr() is a function that searches a memory block for a character. It has recently been improved in the latest Linux patch and we can learn something from this improvement I think; let's discuss. https://www.phoronix.com/scan.php?page=news_item&px=Linux-Kernel-Faster-memchr Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
7/12/2022 · 7 minutes, 8 seconds

Amazon Aurora Supports Postgres 14

Amazon Aurora PostgreSQL-Compatible Edition now supports PostgreSQL major version 14 (14.3). Let us discuss this news. https://aws.amazon.com/about-aws/whats-new/2022/06/amazon-aurora-supports-postgresql-14/ 0:00 Intro 1:00 Database on the Cloud options 3:45 Amazon Aurora supports Postgres 14 6:00 Postgres 14 vs Postgres 13
7/11/2022 · 12 minutes, 13 seconds

Canada Rogers ISP Internet Outage - Early report and speculation

Rogers Communications, the Canadian ISP, is down. One of its ASNs (they have many) is AS812 with over 5 million IP addresses. Tried a few and none of them can be pinged from the US (not sure if ICMP is disabled or not). This is a huge deal for all Canadians and businesses affected. So sorry for everyone who is affected by this, and kudos to all the engineers at Rogers working to fix this for the past what? 11 hours now? If an ASN goes dark like a Facebook or a Cloudflare that isn't a big deal, you can go without using Facebook for a day. But if it is your ISP's ASN, the one that connects you to the rest of the world, that goes down, actual users won't be able to connect. We still don't know the cause but my guess is it might be a bad BGP entry? That's what happened to Cloudflare or FB, could be something different. Again, so sorry for all my Canadian followers affected. Will make a video when I get a chance Resources https://www.bigdatacloud.com/asn-lookup/AS812 https://www.bigdatacloud.com/asn-lookup/AS7018
7/11/2022 · 14 minutes, 12 seconds

Index Fill Factor | The Backend Engineering Show

In this episode of the backend engineering show I’ll discuss the Fill Factor index property, a key parameter for a well-performing database. I will also discuss how it is a double-edged sword and can break or make your db. Chapters 0:00 Intro 1:48 Start of the Show 4:30 Database Storage Representation 6:30 IO Cost 10:00 Index Page 13:30 Page Splits Cost 18:00 Indexing UUIDs 19:45 FillFactor 23:15 Bad FillFactor values 26:40 Fragmentation In Indexes 30:30 Summary Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com
7/11/2022 · 34 minutes, 36 seconds

HTTP 103 - Early Hints

In this video I discuss early hints HTTP 103 status code, the problem it solves and the challenges it has.
7/4/2022 · 11 minutes, 20 seconds

YugabyteDB supports read committed isolation

YugabyteDB is a Postgres-compatible and cloud native database. Read committed isolation level is a critical feature and adding it might lure more Postgres customers to move to the cloud native database. But will they compete in front of Google’s new AlloyDB? 0:00 Yugabyte implements Read committed 4:20 Isolation Levels 8:40 Can YugabyteDB compete with Google AlloyDB? https://www.theregister.com/2022/06/28/yugabytedb_215/ https://docs.yugabyte.com/preview/architecture/transactions/explicit-locking/
6/30/2022 · 11 minutes, 57 seconds

Mutual TLS | The Backend Engineering Show

Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Transport Layer Security or TLS is a protocol that encrypts the communication between client and server. TLS can also be used to authenticate the server; when the client also requires authentication this is called Mutual TLS and this is the topic of today’s show. 0:00 Introduction 2:00 What is TLS? 7:00 Server Authentication TLS 14:00 Advantages of one way TLS 19:44 Disadvantages of one way TLS 29:00 mTLS 31:00 Advantages of MTLS 37:00 The Problems of mTLS 43:00 Summary and my Thoughts
6/27/2022 · 51 minutes, 4 seconds

Cloudflare Outage Analysis - Jun 21 2022

In this episode we go through the Cloudflare outage blog. https://blog.cloudflare.com/cloudflare-outage-on-june-21-2022/ Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
6/22/2022 · 25 minutes, 3 seconds

When CSS loads last - HTTP Request Prioritization (RFC 9218) | The Backend Engineering Show

In this episode of the backend engineering show I go through the Extensible Prioritization Scheme for HTTP. This RFC addresses the problem in HTTP where the client prefers certain requests to be served before others. This RFC was designed by Lucas Pardue from Cloudflare and Kazuho Oku from Fastly. 0:00 The Request Priority Problem 13:00 How RFC 9218 addresses the problem 25:00 HTTP/1.x Backends 32:00 Summary RFC 9218 https://datatracker.ietf.org/doc/rfc9218/
6/20/2022 · 36 minutes, 10 seconds

What is a zero day attack?

In this video I explain what is a zero day vulnerability or attack.   Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
6/5/2022 · 5 minutes, 55 seconds

This project could free millions of IPv4 addresses, but is it worth it?

IPv4 UniCast Extensions Project attempts to unreserve old IPv4 subnets so they are publicly addressable. Is it worth it? Let us discuss https://blog.apnic.net/2022/05/31/cutting-down-on-ip-address-waste/ Unicast Use of the Formerly Reserved 127/8 https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-127/ Unicast Use of the Lowest Address in an IPv4 Subnet https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-lowest-address/ Unicast Use of the Formerly Reserved 240/4 https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-240/ Unicast Use of the Formerly Reserved 0/8 https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-0/ https://twitter.com/TheRealRevK/status/1532033651650830339 Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
6/2/2022 · 11 minutes, 17 seconds

Sorting in Postgres 15 is 371% faster in certain cases

Fantastic gains in Postgres 15! Improved sorting by 371%. Normally you can avoid sorting by using an index access path. However, you can’t always have an index on every group by, order by, join or distinct predicate. This will come in handy. Let us discuss Resources https://www.phoronix.com/scan.php?page=news_item&px=PostgreSQL-15-Faster-Sort https://techcommunity.microsoft.com/t5/azure-database-for-postgresql/speeding-up-sort-performance-in-postgres-15/ba-p/3396953#change3 https://www.postgresql.org/docs/15/release-15.html#id-1.11.6.5.4 https://techcommunity.microsoft.com/t5/sql-server-blog/understanding-sql-server-fast-forward-server-cursors/ba-p/383556
6/1/2022 · 9 minutes, 37 seconds

UDP hole punching

In this episode of the backend engineering show I discuss UDP hole punching in detail. Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
5/30/2022 · 16 minutes, 51 seconds

Software engineering and Nursery rhymes

As a new parent, you get exposed to a whole new world. There is this new toddler song “Five little monkeys jumping on the bed” where it starts with five monkeys jumping on the bed and one falls off the bed and the mom calls the doctor and then another monkey falls and the mom calls the doctor again. This keeps going until all monkeys are no longer on the bed. This clearly looks like a software engineering problem. On the face of it, there is extreme inefficiency in IO, with the mom calling the doctor 5 times in a span of 3 minutes. The mom could decide to wait for all monkeys to fall and call the doctor once, a method that is known as batching. There are two problems with this approach. The first is latency: the mom can’t wait, she is worried, she needs an immediate answer from the doctor for the first monkey that fell. The second problem is we don’t know if more monkeys are going to fall off the bed, so while the mom is waiting, the first monkey will be in pain and will “starve”. We make decisions like this constantly in software engineering. In some database systems, for example, commits from transactions are grouped and batched for a few microseconds/milliseconds so more commits can arrive and the database can flush/fsync the WAL once. This is especially important in highly concurrent systems because disk fsync is costly and bypasses the operating system cache. However, this comes at a cost of a slight delay in transaction commits but less IO in general. To batch or not to batch. The five little monkeys problem doesn’t have one right solution; it all depends.
5/29/2022 · 9 minutes, 12 seconds

Linux Big TCP might be a game changer for Google (and other cloud providers)

Eric Dumazet, a Linux kernel and Google Principal software engineer, pushed a new change to Linux to support a new feature called Big TCP. How about we discuss this. Resources https://www.phoronix.com/forums/forum/software/general-linux-open-source/1325637-linux-5-19-networking-brings-big-improvements-with-big-tcp-purelifi-more-hardware https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/ https://datatracker.ietf.org/doc/html/rfc2675
5/28/2022 · 14 minutes, 16 seconds

Redo, Undo and WAL logs | The Backend Engineering Show

Database logging is a critical feature for maintaining durability; in this show I discuss it in detail. 0:00 intro 1:00 ad 3:30 Start of the Show 6:00 What is commit 9:30 What if a commit fails half way 11:00 WAL 23:00 Checkpointing 27:00 fsync 33:00 Undo logs Get $20 off of your first order of cometeer quality delicious coffee https://cometeer.com/husseinnasser use coupon HUSSEIN20 ☕️
5/26/2022 · 40 minutes, 40 seconds

The software engineer mental health

In this video I discuss the developer mental health, stress, pressure, expectation, how to understand and shed light on the issues, and what might cause it all.  Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com
5/20/2022 · 19 minutes, 12 seconds

Distributed Transactions are Hard (How Two-Phase Commit works)

In this video I explain how the two-phase commit protocol works to achieve atomic distributed transactions. 0:00 What is atomicity 3:00 Distributed Transaction 6:00 Two phase commit protocol 13:00 Limitations of Two phase commit protocol Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com
5/11/2022 · 16 minutes, 23 seconds

Why this query is fast

Welcome to another database question. In this question I created a community poll question and provided some answers. All answers can be correct of course but the question is what is the most efficient? this is what I try to explore in this video and compare how different database platforms such as mysql or Postgres differ in those implementations; Table T with three integer fields A, B and C. A has a primary key clustered index. B has a secondary index. Which query is more likely to be the most efficient? 0:00 Intro 1:00 The Question 3:20 WHERE C BETWEEN 50,50000 5:30 WHERE B BETWEEN 50,50000 13:20 WHERE C BETWEEN 50,50000 Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com
5/4/2022 · 17 minutes, 50 seconds

WhatsApp went down (early report/analysis) April-28-2022

WhatsApp went down again; this is an early report with brief analysis, enjoy. https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/
4/28/2022 · 6 minutes, 29 seconds

DNS is Beautiful

DNS or Domain Name System, despite its drawbacks, is brilliantly designed for scale. We can learn a few lessons from this protocol, especially when designing our own apps. In this episode of the backend engineering show I go through how DNS works, the pros and the cons, and attacks that happened on this system. 0:00 Intro 2:00 Overview DNS 7:40 How DNS works (Details) 15:44 DNS uses UDP 19:30 DNS Poisoning 24:10 is DNS really distributed? 26:30 How Attackers Abuse DNS 30:30 How Chrome overloaded the ROOT servers for 12 years Resources https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/ https://www.cloudflare.com/learning/dns/what-is-dns/ https://www.cloudflare.com/learning/dns/dns-cache-poisoning/ https://blog.cloudflare.com/sad-dns-explained/ https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 Fundamentals of Networking for Effective Backends udemy course (link redirects to udemy with coupon) https://network.husseinnasser.com Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com
4/28/2022 · 41 minutes, 49 seconds

The Beauty of the Internet Protocol

In this episode of the backend engineering show we discuss the Internet Protocol. A beautiful, elegant protocol that made the Internet possible. We discuss why we need an IP address, how routing is done and how VPNs take advantage of the agnostic nature to encrypt traffic
4/24/2022 · 26 minutes, 50 seconds

Caching is hard | The Backend Engineering Show

In this episode of the backend engineering show we discuss an article written by the Forem team illustrating a bug they recently fixed in their caching layers. They go into a good level of detail explaining the 3 levels of caching that they have. I go through this article in this episode and give my opinion at the end as to why we shouldn’t really cache unless we need to. Enjoy 0:00 Intro 1:00 Three levels of caching summary 7:39 Edge Caching 8:30 Backend Rails Caching 10:30 Database Caching 15:00 Understand why you Cache Article https://dev.to/devteam/the-three-caches-of-forem-492p
4/15/2022 · 21 minutes, 18 seconds

The Limitations of Today's SSDs | The Backend Engineering Show

Backend database applications rely on good storage systems for performance, durability and low latency. SSDs have been a great invention that changed the storage game compared to mechanical drives. However, SSDs came with their own sets of problems which can cause database reads and writes to plummet after a while. This episode discusses the current limitations of SSDs, including garbage collection, wear leveling and over provisioning, and how zoned namespaces “may” fix this. 0:00 Intro 1:40 Block 4:00 Logical Block Addressing 6:00 Flash Translation Layer 6:50 DRAM 8:50 Erase unit 11:11 Namespace 12:00 Summary 13:40 Garbage collection 16:49 Over provisioning 18:00 Write amplification 21:28 Wear leveling Resources https://www.guru3d.com/news-story/new-malware-bypasses-security-measures-by-using-ssd-over-provisioning.html https://www.snia.org/educational-library/zoned-namespaces-zns-ssds-disrupting-storage-industry-2020 https://www.youtube.com/watch?v=cbX3P56Jp0o&feature=emb_title
4/10/2022 · 26 minutes, 7 seconds

Google thinks Linux is slow to reboot, so they patch it

Google Linux boxes have over 16 NVMe SSD PCIe Express drives. When a shutdown signal is sent to Linux, the OS iterates through each NVMe and sends a synchronous request to shut down that takes 4.5 seconds. This adds up to over a minute to achieve a reboot. Google patches Linux with asynchronous Shutdown APIs. Resources https://www.phoronix.com/forums/forum/phoronix/latest-phoronix-articles/1316262-google-has-a-problem-with-linux-server-reboots-too-slow-due-to-too-many-nvme-drives patch https://lore.kernel.org/lkml/[email protected]/ Sync vs async https://www.youtube.com/results?search_query=asynchronous+vs+synchronous+hussein
3/30/2022 · 9 minutes, 2 seconds

The cost of Hash tables | The Backend Engineering Show

Hash tables are effective for caching, database joins, sets to check if something is in a list, and even load balancing, partitioning and sharding and many other applications. Most programming languages support hash tables. However, they don’t come without their cost and limitations; let's discuss this. 0:00 Intro 1:50 Arrays 3:50 CPU Cost (NUMA/M1 Ultra) 6:50 Hash Tables 10:00 Hash Join 16:00 Cost of Hash Tables 20:00 Remapping Cost Hash Tables 22:30 Consistent hashing
3/29/2022 · 26 minutes, 14 seconds

Understanding Aggregate Functions Performance | The Backend Engineering Show

The performance of aggregate functions like count, max, min and avg really depends on how you tuned your database for that kind of workload. Let us discuss this. 0:00 Intro 1:22 SELECT COUNT(*) 4:30 SELECT AVG(A) 5:15 SELECT MAX(A) 8:00 Best case scenario 11:30 Clustering 14:00 Clustering Sequential Writes 17:19 Clustering Random Writes 20:30 Summary
3/23/2022 · 23 minutes, 39 seconds

Why checking the URL won’t prevent all phishing attacks

99% of phishing attacks can be avoided by looking at the URL. However, this security researcher proves that is not enough. https://mrd0x.com/browser-in-the-browser-phishing-attack/
3/22/2022 · 6 minutes, 20 seconds

Its always Microservices - The Spotify Outage Explained (March 8 2022)

On March 8 2022 Spotify and Discord experienced an outage lasting 2-3 hours. The reason was a configuration on the xDS formats on Google Traffic Director. Let us discuss how this change caused the outage and what Spotify did to mitigate that outage without relying on Google restoring the service back up. Resources Spotify outage https://engineering.atspotify.com/2022/03/incident-report-spotify-outage-on-march-8/ Google Cloud outage https://status.cloud.google.com/incidents/LuGcJVjNTeC5Sb9pSJ9o Envoy xDS https://blog.envoyproxy.io/the-universal-data-plane-api-d15cec7a Microservices scaling with common sense https://www.youtube.com/watch?v=NsIeAV5aFLE CARDS 4:36 Miicros https://www.youtube.com/watch?v=NsIeAV5aFLE 9:30 Spotify Hermes https://www.youtube.com/watch?v=fMq3IpPE3TU&t=21s 0:00 Intro 2:00 Spotify Outage 3:30 Microservices 6:10 Service Discovery 10:00 Spotify Quick Workaround 12:15 Google Traffic Director Outage
3/18/2022 · 22 minutes, 16 seconds

The Many Ways of DDoS | Russia-Ukraine Cyberwar

The Russia-Ukraine Cyberwar has reached a peak this past week. In this video I explain the multiple ways Denial of Service attacks can happen and how to protect against them. Intro 0:00 What is DOS? 1:00 Long running requests 1:42 Crash backend processes 3:30 Exhaust Max connections 4:25 Large response (web traffic) 5:42 Lots of requests 8:27 Complex request (Regex bug) 9:57 Prevention 12:27
3/7/2022 · 15 minutes, 31 seconds

Why the next Chrome version will break websites

Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Chrome, Edge and Firefox are approaching version 100. That is a 3-digit version, where most websites only checked two digits. You can imagine what can go wrong. Let's discuss
2/24/2022 · 8 minutes, 53 seconds

The Slack 2/22/22 Outage

On 2/22/2022 Slack experienced a 3-hour outage from 6AM to 9AM PST because of a configuration change. That change led to increased load on their database infrastructure, which caused queries to starve. Let's discuss https://status.slack.com/2022-02-22
2/23/2022 · 12 minutes, 11 seconds

Should NodeJS Support HTTP/3?

It looks like there is demand for bringing QUIC and HTTP/3 to NodeJS; someone donated $1000 to make it happen. However, what are the use cases for supporting HTTP/3 in NodeJS? I talk about whether HTTP/3 should come to NodeJS in this video. https://rysolv.com/issues/detail/863986ce-c8d5-466d-abf4-476d3177452d
2/22/2022 · 14 minutes, 12 seconds

Canada's Banks 2022 Outage

Five major Canadian banks went offline for hours, blocking access to online and mobile banking as well as e-transfers for customers. There are no reports of what might have caused the outage, so in this video we explain what might have caused it. https://www.bleepingcomputer.com/news/security/canadas-major-banks-go-offline-in-mysterious-hours-long-outage/
2/17/2022 · 11 minutes, 27 seconds

Accessing SSDs through TCP - NVMe over TCP

NVMe changed the game of fast SSD storage. The spec is being extended to support networked storage; I have some doubts that I would like to discuss in this video. Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to udemy with coupon) https://nginx.husseinnasser.com
2/16/2022 · 10 minutes, 47 seconds

What does it take to break Bitcoin’s encryption? | The Backend Engineering Show

I stumbled upon research calculating how big a quantum computer is required to break bitcoin public key encryption. It will take them 300 million quantum bits to find the corresponding private key given a public key. That wasn’t really the most instructive thing from that research. The interesting thing is how bitcoin's design carefully hides information about the original owner, which makes breaking it really challenging. In this episode I discuss what it takes to break bitcoin encryption. 0:00 Intro 3:00 Public Key Cryptography 6:30 Bitcoin Keys (Private key/public key and bitcoin address) 8:18 Why do we need a Bitcoin address 11:13 How miners verify transactions 17:30 When is the bitcoin public key visible? 19:12 The Wallet 20:47 What does it take to break bitcoin? - Find the wallet.dat file which contains all the keys; some upload that online. - Obtain the public key from the digital signature during a transaction posting. If someone used that public key, obtained the private key, then used it to generate a new transaction to a different address before this transaction gets posted. - Have a bitcoin address in mind (Satoshi's), find out the public key (not possible), then find out the private key from the public key; you can take all the time you need here. Because once you find those puppies you are off to the races 25:20 Bits of security 28:00 My thoughts Resources https://avs.scitation.org/doi/10.1116/5.0073075
2/16/2022 · 32 minutes, 28 seconds

NodeJS introduces HTTPS Import from URLs

NodeJS introduces importing network based modules in their latest release. Importing network based modules using `https:` and `http:` is supported under the `--experimental-network-imports` flag. This allows web browser-like imports to work in Node.js with a few differences due to application stability and security concerns that are different when running in a privileged environment instead of a browser sandbox.  Import HTTPS https://github.com/nodejs/node/pull/36328/files
2/14/2022 · 15 minutes, 50 seconds

First port your computer connects to browsing the Web | Backend Engineering Show

I asked a question on my community post: What port does your computer connect to when you visit google.com on your browser for the very first time? The answer really depends on the network configuration and that's what I discuss in this video. The answer could be HTTP port 80, HTTPS port 443, DNS port 53 or other answers that aren't even listed here including DNS over HTTPS and DNS over TLS. Let's discuss
2/5/2022 · 12 minutes, 36 seconds

Index page splits | The Backend Engineering Show

In this episode of the backend engineering show I discuss the ramifications of index page splits, which result in a fragmented index yielding slow query performance when using indexes. I go through what a page is, how a page is read and written in the database and finally discuss the current solutions to address this problem such as reindexing, fill factor and choosing a good index key type. Get my Fundamentals of Database Engineering Udemy course https://database.husseinnasser.com 0:00 Intro 1:50 What is a Page? 5:00 How to Read and Write a page 8:45 Batching Writes and WAL 11:45 The Order of Content in the Page 16:00 Page Splits 21:30 Solving Index Fragmentation 28:30 Summary
1/30/2022 · 31 minutes, 54 seconds

Multi-tenancy architecture | The Backend Engineering Show

Multitenancy refers to placing two or more clients, customers or tenants so they share a single resource. The idea behind multitenancy is to save on resources instead of giving each client its own resource (storage, app, memory, network etc.). You slice each part and give it to a dedicated client. The number one rule is that those tenants shouldn’t be aware of the existence of other tenants; they need to be completely isolated, and no one tenant can read or influence another tenant’s share. If this is confusing don’t worry, I’ll go through examples in this episode of the backend engineering show. 0:00 Intro 2:50 SSD Multitenancy 6:45 Database Multitenancy 10:14 Networking Multitenancy (SDN) 16:55 VMs and Containers Multitenancy 19:00 Application Multitenancy
1/23/2022 · 26 minutes, 16 seconds

Is ULTRARAM a game changer? | Backend Engineering Show

Scientists at the Physics and Engineering Department of the UK’s Lancaster University published a new paper describing ULTRARAM. A Low-Energy, High-Endurance, Compound-Semiconductor Memory on Silicon. I think this tech is a game changer but I still have my doubts. Let us discuss 0:00 Intro 0:30 RAM 4:00 SSD 11:00 UltraRAM 17:30 Doubts
* RAM (Dynamic RAM)
  * Fast access with capacitors
  * random access
  * requires power to be refreshed
* Flash NAND (SSD)
  * Pros fast random access (FTL)
  * Block storage
  * Requires high voltage (20V to erase/ 7.5 to program)
  * Low durability endurance which then (write amplification + garbage collection)
* UltraRAM uses a new novel approach to the memory cell design that only needs 2.5 V to program/erase, low power which saves the memory cell lifetime https://www.sciencedirect.com/topics/engineering/fowler-nordheim-tunnelling
  * High endurance program/erase last longer
  * High retention
  * GC/WA not required
  * Limitations: still we know very little
https://onlinelibrary.wiley.com/doi/10.1002/aelm.202101103
1/19/2022 · 20 minutes, 49 seconds

My website went down - enom outage analysis

enom, my DNS registrar, had an outage which took down my site husseinnasser.com. Let's discuss 0:00 Intro 5:00 How DNS Works 12:00 Outage report 16:00 Will I migrate my DNS? 21:40 Does decentralize mean anything anymore?
1/16/2022 · 25 minutes, 30 seconds

Thoughts on Low code | The Backend Engineering Show

In this episode of the backend engineering show, I’ll discuss the low code movements and their pros and cons. 0:00 Intro 2:00 Evolution of Languages 8:40 Low Code Movement 10:00 Side Effect of Low Code 13:00 Leaky Abstractions Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to udemy with coupon) https://nginx.husseinnasser.com
1/5/2022 · 20 minutes, 47 seconds

Tech I want to explore in 2022

These are some fundamental technologies that I want to explore in 2022.   0:00 The Way I learn 4:20 Database Engineering 7:00 Network Engineering  9:30 Hardware and Operating Systems 15:00 The problem with software engineering   Collateral Knowledge Video https://www.youtube.com/watch?v=6YKbVpWmeLM&t=3s  Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg  Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX  (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to udemy with coupon) https://nginx.husseinnasser.com
1/3/2022 · 21 minutes, 7 seconds

How TikTok short content is delivered through HTTP - Devtooling TikTok

Welcome to another dev tools video. In this video I use dev tools to break down how the TikTok website works to pull short-form content. We will use therock as a subject. It is an interesting episode, enjoy
12/29/2021 · 19 minutes, 43 seconds

An HTTP request journey to the Backend | Backend Engineering Show

In this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, TCP, API Gateways, reverse proxies, load balancers, backend web servers, and much more. Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
12/23/2021 · 37 minutes, 29 seconds

The Journey of an HTTP request to the Backend | Backend Engineering Show

In this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, TCP, API Gateways, reverse proxies, load balancers, backend web servers, and much more. Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
12/23/2021 · 36 minutes, 40 seconds

Log4DoS - New Denial of Service discovered in log4j | The Backend Engineering Show

Right after the latest patch, log4j 2.16, a new denial of service vulnerability surfaced in log4j, resulting in a new 2.17 patch. Let us discuss. 0:00 log4dos 4:50 History of log4j fixes 15:20 All love to the open source maintainers Previous Backend Engineering show episode coverage of log4shell https://youtu.be/77XnEaWNups https://logging.apache.org/log4j/2.x/security.html# Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4
12/19/2021 · 19 minutes, 12 seconds

Detailed analysis on the Amazon US-EAST-1 Outage - Video Podcast

In this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the December 7th, 2021 Amazon outage. RCA https://aws.amazon.com/message/12721 All outage analysis videos https://www.youtube.com/watch?v=dhZ5--R42AM&list=PLQnljOFTspQXdkZLiYCCh_5RBP1-T-Rnx Get the Fundamentals of Database Engineering udemy course https://database.husseinnasser.com
12/18/2021 · 54 minutes

Detailed analysis on the Amazon US-EAST-1 Outage | The Backend Engineering Show

In this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the December 7th, 2021 Amazon outage. RCA https://aws.amazon.com/message/12721 All outage analysis videos https://www.youtube.com/watch?v=dhZ5--R42AM&list=PLQnljOFTspQXdkZLiYCCh_5RBP1-T-Rnx Get the Fundamentals of Database Engineering udemy course https://database.husseinnasser.com Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
12/18/2021 · 54 minutes, 49 seconds

The Log4j vulnerability | The Backend Engineering Show

In this episode of the backend engineering show, I discuss the log4j vulnerability (CVE-2021-44228 also known as log4shell) that took the Internet by storm. 0:00 Intro 1:00 log4j 5:30 How the attack started 11:00 Attack with DNS 17:00 Remote Code Execution 23:00 Remedy 31:00 Scanning References https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://youtu.be/oC2PZB5D3Ys 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg
12/15/2021 · 35 minutes, 41 seconds

Postgres HOT Optimization | The Backend Engineering Show

In this episode of the backend engineering show taken from my udemy Q&A I discuss the reasons behind Postgres HOT Optimization or heap only tuple. 
12/3/2021 · 25 minutes, 27 seconds

Postgresql index bloat | The Backend Engineering Show

Postgresql database implements MVCC by creating a new row version for any update/delete/or insert. While this is a sound implementation to support concurrent transactions reading old version of the rows, it does have some side effects and this is what I want to discuss in this episode of the backend engineering show. 0:00 Intro 1:00 Postgres MVCC design 6:42 MVCC on other databases 11:15 Side-effects of Row-versioning 17:00 Postgres HOT optimization 19:50 How Index bloat affects Performance 24:20 How Postgres 14 Addresses index bloat Cards: 14:12 b-tree https://www.youtube.com/watch?v=a1Z40OC553Y Resources https://www.postgresql.org/docs/14/btree-implementation.html#BTREE-DELETION
11/11/2021 · 27 minutes, 53 seconds

What is the cost of Indexing too many columns - Udemy Q&A November 2021

Head to https://database.husseinnasser.com to get a discount coupon for my introduction to database engineering.   In this video, I answer some of your questions on the Introduction to Database Engineering Course.
11/5/2021 · 27 minutes, 35 seconds

when indexes are useless | The Backend Engineering Show

Head to https://database.husseinnasser.com to get a discount coupon for my Introduction to Database Engineering course. In this episode of the backend engineering show, I’ll discuss three instances where indexes can be useless and might add overhead to your operations. Let us discuss. 0:00 Intro 1:34 What is an Index? 4:00 The Cost of Indexes 6:40 Most values are similar 13:00 WHERE UPPER(NAME)=‘RICK’ 17:10 Composite Index 23:00 How do I know if I’m using an Index
10/30/2021 · 27 minutes, 12 seconds

The cost of rolling back transactions (postgres/mysql)

The cost of a long-running update transaction that eventually failed in Postgres (or any other database for that matter).

In Postgres, any DML transaction touching a row creates a new version of that row. If the row is referenced in indexes, those need to be updated with the new tuple id as well. There are exceptions with optimizations such as heap only tuples (HOT), where the index doesn’t need to be updated, but that doesn’t always happen.

If the transaction rolls back, then the new row versions created by this transaction (millions in my case) are now invalid and should NOT be read by any new transaction. You have two solutions to address this: do you clean all dead rows eagerly on transaction rollback? Or do you do it lazily as a post process? Postgres takes the lazy approach: with a command called vacuum, which is called periodically, Postgres attempts to remove those dead rows and free up space in the page.

What’s the harm of leaving those dead rows in? It’s not really a correctness issue at all; in fact, transactions know not to read those dead rows by checking the state of the transaction that created them. This is however expensive: the check to see if the transaction that created this row is committed or rolled back. Also, the fact that those dead rows live in disk pages with live rows makes an IO inefficient, as the database has to filter out dead rows. For example, a page may have contained 1000 rows, but only 1 live row and 999 dead rows; the database will make that IO but will only get a single row out of it. Repeat that and you end up making more IOs. More IOs = slower performance.

Other databases take the eager approach and won’t let you even start the database before rolling back is successfully complete, using undo logs. Which one is right and which one is wrong? Here is the fun part! Nothing is wrong or right; it’s all decisions that we engineers make. It’s all fundamentals. It’s up to you to understand and pick. Anything can work. You can make anything work if you know what you are dealing with.

If you want to learn about the fundamentals of databases and demystify them, check out my udemy course https://database.husseinnasser.com
10/21/2021 · 9 minutes, 25 seconds

TLS and HTTPS Options in Microsoft IIS

In this episode of the backend engineering show, I’ll discuss all HTTPS/TLS binding options in Microsoft IIS and also explain why every web server and reverse proxy should have some of these fine level control. Chapters 0:00 Intro 1:00 Require Server Name Indication (SNI) 5:00 Disable TLS 1.3 Over TCP 8:30 Disable Legacy TLS 10:00 Disable OCSP Stapling 12:00 Disable QUIC 14:30 Disable HTTP/2 17:30 Certificate Get my database course https://database.husseinnasser.com Get my NGINX course https://nginx.husseinnasser.com Get my Python on the Backend course https://python.husseinnasser.com
10/13/2021 · 20 minutes, 13 seconds

On Graph Databases | The Backend Engineering Show

I get a lot of emails asking me to talk about graph databases, so I want to start researching them, but I wanted to give you guys the framework of how I think about any database to defuse any “magic” that might be there. In this video, I discuss what constrains a database and how the use cases try to work around those constraints. 0:00 Intro 1:50 What constrains a database? 4:00 Indexing Techniques 5:30 Storage Engines - Row-Store 9:00 Columnar Databases 12:00 Graph use cases 16:00 Graph Storage Engines Learn the fundamentals of databases, grab my Introduction to Database Engineering udemy course here for a discount coupon https://database.husseinnasser.com 🧑‍🏫
10/10/2021 · 22 minutes, 27 seconds

Certificates gone bad | The Backend Engineering Show

Certificates contain useful metadata including the public key, domain name, signature, etc. However, the private key can be leaked which causes the certificate to be invalid/dangerous to keep around. In that particular situation, we need a mechanism to revoke certificates and that is what I’m going to discuss in this show. 0:00 Intro 0:30 Why Certificates 12:00 Certificates can go bad 14:50 Certificate Revocation Lists (CRLs) 18:30 OCSP (Online Certificate Status Protocol) 20:40 OCSP Stapling 24:30 Best certificates are short 26:30 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4
10/8/2021 · 28 minutes, 9 seconds

Detailed analysis on the facebook outage

In this episode, I go through the detailed Facebook article regarding their October 4th, 2021 outage and discuss it at length. Enjoy. Facebook blog: https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ 0:00 Introduction on Facebook Networking Architecture 12:00 The Cause of the Outage 17:00 What’s DNS 23:00 DNS Servers disabled BGP ads 27:00 Could the outage have been prevented? 32:00 Why did it take so long? 38:00 Why you can’t just flip everything on 41:30 Summary 🧑‍🏫 Courses I Teach https://database.husseinnasser.com https://nginx.husseinnasser.com https://python.husseinnasser.com Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🏭 Backend Engineering Videos in Order https://backend.husseinnasser.com 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2
10/6/2021 · 43 minutes, 57 seconds

Facebook, WhatsApp, Instagram is Down here’s what might’ve caused it (early report)

Quick summary of the Facebook, Instagram and WhatsApp outage on Oct 4th 2021
10/4/2021 · 8 minutes, 9 seconds

How Airline WIFI allows Texting but not Media in WhatsApp/iMessage

In this episode I discuss my recent flight through Alaskan airlines and how they block certain services but allow only texting.
9/27/2021 · 10 minutes, 56 seconds

Spook.js - This will bloat Chrome even more | The Backend Engineering Show

Spook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate Spectre by deploying Strict Site Isolation, information extraction via malicious JavaScript code is still possible in some cases. Resources https://www.spookjs.com/ https://www.chromium.org/developers/design-documents/site-isolation Paper: https://www.spookjs.com/files/spook-js.pdf Chapters 0:00 Process Isolation in Chrome 8:00 Spook.js subdomain Attack 12:00 Spook.js Extension Attack 13:00 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
9/13/2021 · 18 minutes, 5 seconds

SSL Stripping | The Backend Engineering Show

In this episode of the backend engineering show, I’ll go through the SSL Stripping attack, what caused it, what were the mitigations enforced to solve it, and why it is still a problem. 0:00 Intro 2:10 The Web Security Model 14:30 SSL Stripping Example 22:00 How to Solve SSL Stripping? 27:00 Limitations of HSTS 31:00 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
9/6/2021 · 39 minutes, 15 seconds

TCP/IP turns 40 | The Backend Engineering Show

Let us take a moment to appreciate the TCP/IP design by discussing it.
9/3/2021 · 29 minutes, 16 seconds

gRPC over HTTP/3 is finally a thing | Backend Engineering Show

The gRPC team just submitted a proposal to support HTTP/3. This is big news and we have been waiting for a long time for this. In this show, I’ll discuss why you would want gRPC, why gRPC picked HTTP/2, what is actually wrong with HTTP/2 and what HTTP/3 solves. And finally, I’ll discuss what is wrong with HTTP/3 and pitfalls that you as a gRPC user might run into. Let us discuss! 0:00 Intro 1:30 why gRPC 5:20 gRPC & HTTP/2 7:30 gRPC & HTTP/3 8:50 What is wrong with HTTP/2 29:30 What is good about HTTP/3 37:00 What’s wrong with HTTP/3 Resources https://github.com/grpc/proposal/pull/256/files Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4
9/2/2021 · 47 minutes, 54 seconds

KeepAlive | The Backend Engineering Show

I discuss keepalive in TCP and HTTP and its pros and cons 0:00 Intro 3:28 What is KeepAlive 8:30 TCP KeepAlive 10:30 Middleboxes and Single-Path TCP 16:30 Middle Boxes and Keepalive 19:30 The FTP KeepAlive trap 25:00 HTTP KeepAlive 30:00 What's a good keepalive timeout? https://daniel.haxx.se/blog/2020/02/10/curl-ootw-keepalive-time/ https://datatracker.ietf.org/doc/html/rfc1122#section-4.2.3.6 https://datatracker.ietf.org/doc/html/rfc793#section-3.5 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4
8/29/2021 · 35 minutes, 30 seconds

The Anatomy of a Proxy Server | The Backend Engineering Show

In this video I’ll illustrate how a proxy server works under the hood. I will go through how connection establishment works without a proxy, with an HTTP proxy and finally with an HTTPS proxy in tunnel mode and TLS termination mode. 0:00 Intro 1:00 Connection Establishment without a Proxy 5:00 Connection Establishment with an HTTP Proxy 15:22 Connection Establishment with an HTTPS Proxy (Tunnel mode) 19:50 Connection Establishment with an HTTPS Proxy (TLS Termination) cards 16:25 https://youtu.be/PAJ5kK50qp8 connect method
8/23/2021 · 23 minutes, 59 seconds

How Redis efficiently snapshots gigabytes of memory to disk (forking)

I discuss the concept of process forking, copy on write (COW) aka shadowing, and how Redis, the in-memory database, takes advantage of that for asynchronous snapshotting. https://redis.io/topics/persistence
8/21/2021 · 4 minutes, 36 seconds

Table Clustering (Clustered Index) - The pros and cons

In this episode of the backend engineering show, I discuss database clustering. This is also known as table clustering, clustered index or index-organized table; all these names represent the same thing. I will talk about the benefits of clustering and also the disadvantages of implementing clustering. This feature is also implicitly implemented in certain databases. More readings https://www.postgresql.org/docs/14/sql-cluster.html https://oracle-base.com/articles/8i/index-organized-tables https://docs.microsoft.com/en-us/sql/relational-databases/indexes/clustered-and-nonclustered-indexes-described?view=sql-server-ver15 https://dev.mysql.com/doc/refman/5.7/en/innodb-index-types.html Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses 🏭 Backend Engineering Videos in Order https://backend.husseinnasser.com 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🎙️Listen to the Backend Engineering Podcast https://husseinnasser.com/podcast
8/20/2021 · 28 minutes, 33 seconds

Synchronous and asynchronous workloads are everywhere

In this video, I’ll explain synchronous vs asynchronous operations and then discuss examples where this shows up: in programming, real-time messaging, database systems, and operating systems. 0:00 Definition Synchronous vs Asynchronous 4:15 sync vs async In Programming 7:50 Sync vs Async In Real-time messaging 17:00 Sync vs Async In Database Replication 23:50 Sync vs Async in Database Commits 29:30 Sync vs Async in fsync Operating System cache Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4
8/12/2021 · 35 minutes, 26 seconds

Microsoft IIS as a Backend - CPU Throttling

In this episode of the Backend Engineering show, I'll discuss the advanced settings section of the Application Pool in Internet Information Services (IIS). Chapters 0:00 Intro 0:30 What is an Application Pool 3:00 IIS Multi-processing 5:18 .NET CLR Version 6:00 32-bit apps 6:21 Pipeline Mode (CGI vs ISAPI vs Native) 8:45 Max Queue 10:18 CPU Limiting 16:00 Processor Affinity 20:00 Summary
8/9/2021 · 22 minutes, 57 seconds

Partial Indexing | Backend Engineering Show

While the benefits of partial indexes can have a great impact on your database system performance, the implications are also great if misused. Let us discuss partial indexing (Also known as filtered indexes in SQL Server) Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
8/3/2021 · 18 minutes, 39 seconds

MySQL Statement-based Replication might not be a good idea

Replication is the process of pushing changes from the master node to worker replica nodes in a database system to allow for horizontal scalability. One of the methods of replication is statement-based which is popular in MySQL. In this episode of the Backend Engineering Show, I explain why statement-based replication is actually a bad idea. Resources https://www.youtube.com/watch?v=jsWwFL_iqVM https://dev.mysql.com/doc/refman/8.0/en/replication-sbr-rbr.html https://engineering.fb.com/2021/07/22/data-infrastructure/mysql/ https://eng.uber.com/postgres-to-mysql-migration/
7/31/2021 · 17 minutes, 46 seconds

Can Redis be used as a Primary database?

This episode of the backend engineering show is sponsored by my friends at RedisLabs. I’m going to break this video into three sections: we will first define the features that qualify a primary database. Then we will see if Redis actually checks the boxes of a primary database, and finally we explore the features of Redis that take it beyond a primary database. I was personally surprised by most of those. Chapters 0:00 Intro 1:00 What Qualifies a primary database 3:00 Does Redis Check the boxes? 7:40 beyond Redis Resources Try Free: https://bit.ly/3hWr1Uj Redis Advantages: https://bit.ly/3ztx2xw Martin Fowler talking about Impedance Mismatch: https://bit.ly/36ZEOD8 Transactions: https://bit.ly/3wTMKAw ACID 0.5 MM Ops/Seconds on AWS: https://bit.ly/3ruMB5s Consistency and Durability: https://bit.ly/3wYNLr8 Watch and Rollbacks: https://redislabs.com/blog/you-dont-need-transaction-rollbacks-in-redis/#:~:text=Redis%20has%20a%20main%2C%20single,is%20required%20to%20implement%20WATCH Redis Enterprise https://redislabs.com/redis-enterprise/advantages/ https://redis.io/topics/transactions#cas https://redislabs.com/blog/you-dont-need-transaction-rollbacks-in-redis/#:~:text=Redis%20has%20a%20main%2C%20single,is%20required%20to%20implement%20WATCH. https://docs.redislabs.com/latest/rs/concepts/data-access/consistency-durability/
7/30/2021 · 13 minutes, 5 seconds

Why the Internet went dark for two hours - Let's discuss the Akamai outage

There was a two-hour DNS outage at a company called Akamai that broke several services today, July 22, 2021. https://appleinsider.com/articles/21/07/22/akamai-dns-problem-causing-wide-internet-issues Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
7/22/2021 · 55 seconds

Microsoft IIS as a Backend - HTTP/HTTPS Bindings

IIS (Internet Information Services) is Microsoft's Windows web server. It is feature-rich and very easy to enable. I have been using it for a long time but I noticed I never actually made a video about it. In this video, I'll explore the IIS binding and explain all the options in that form. I might make more videos in the future to explore different aspects of this web server. Videos mentioned Leaky abstractions https://youtu.be/4a3bI7AYsy4 HTTP/2 Limitations https://youtu.be/CUiBVTcgvBU OCSP Stapling https://youtu.be/g08Omc1wi0s Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
7/20/2021 · 11 minutes, 42 seconds

NodeJS July 2021 Security Releases

In today's show I go through the NodeJS Security Releases for the month of July 2021, lots of interesting vulnerabilities to discuss. 0:00 Intro 1:00 CVE-2021-22918 - libuv DNS Out of bounds Crash 3:40 CVE-2021-22921 - Node Windows installer Local Privilege Escalation 7:30 CVE-2021-27290 - ssri Regular Expression Denial of Service (ReDoS) Resources https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ https://hackerone.com/reports/1211160 https://snyk.io/vuln/SNYK-JS-SSRI-1085630
7/9/2021 · 11 minutes, 14 seconds

Scaling CPU-intensive Backends - The Backend Engineering Show

🧑‍🏫 Courses I Teach https://husseinnasser.com/courses In this episode, I’d like to discuss the methods of scaling CPU-bound or intensive workloads on the backend. This show will discuss the scaling of the workload on a single machine taking full advantage effectively of all its resources, then we will discuss horizontal scalability to multiple machines. 0:00 Intro 1:00 What do I mean by Scaling 3:20 CPU-Intensive/Bound Workload 6:00 Effective Scaling CPU-Bound Backends in Single Machine 12:00 How Hyperthreading can be useful 15:00 Horizontally Scale to multiple Machines SO_REUSEPORT https://lwn.net/Articles/542629/ @Gary Explains Hyperthreading https://www.youtube.com/watch?v=mSZpDF-zUoI Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
7/5/2021 - 20 minutes, 22 seconds

Should you go with an Optimistic or Pessimistic Concurrency Control Database?

MongoDB, Postgres, Microsoft SQL Server, MySQL, and any other database manage concurrency control differently. There are two methods, pessimistic and optimistic, and both have their pros and cons. Let's explore how different databases implement this and what the effect is on performance/scalability. This is often known as optimistic vs pessimistic locking, although I don't really like to use locking with this because it confuses the story. 0:00 Intro 2:20 What is Concurrency Control 6:00 Pessimistic Concurrency Control 14:50 Optimistic Concurrency Control Resources https://www.postgresql.org/docs/13/mvcc.html http://source.wiredtiger.com/develop/architecture.html https://docs.microsoft.com/en-us/troubleshoot/sql/performance/resolve-blocking-problems-caused-lock-escalation Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
7/1/2021 - 21 minutes, 46 seconds

Microsoft Paid them $20k for finding one of a kind XSS bug in Edge

@MrRajputHacker @Th3Pr0xyB0y found critical universal XSS (an XSS that affects the entire browser, not just one page) on Microsoft Edge. They responsibly reported the bug and detailed it in their article. Let us discuss Resources https://cyberxplore.medium.com/how-we-are-able-to-hack-any-company-by-sending-message-including-facebook-google-microsoft-b7773626e447 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34506 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34475 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/28/2021 - 9 minutes, 8 seconds

B-tree vs B+ tree in Database Systems

In this episode of the backend engineering show I'll discuss the difference between b-tree and b+tree why they were invented, what problems do they solve, and the advantages and disadvantages of both. I'll also discuss the limitation of implementing b-tree over b+tree and how Discord ran into a memory limitation using b-tree Mongo. Check out my udemy Introduction to Database Engineering course https://husseinnasser.com/courses    Learn the fundamentals of database systems to understand and build performant backend apps 0:00 Data structure and algorithms 1:30 Working with large datasets 6:00 Binary Tree 8:30 B-tree 19:30 B+ tree 22:00 B-tree vs B+ tree benefits 25:00 MongoDB Btree Indexes Trouble 30:00 Summary working with a billion row table (Members only) https://youtu.be/wj7KEMEkMUE indexing video https://youtu.be/-qNSXK7s7_w Discord moving from MongoDB to Cassandra https://www.youtube.com/watch?v=86olupkuLlU https://blog.discord.com/how-discord-stores-billions-of-messages-7fa6ec7ee4c7 MongoDB Indexes https://docs.mongodb.com/manual/indexes/ Postgres Indexes https://www.postgresql.org/docs/13/btree-implementation.html btree code https://www.cs.usfca.edu/~galles/visualization/BPlusTree.html https://www.cs.usfca.edu/~galles/visualization/BTree.html Support my work on PayPal https://bit.ly/33ENps4   Become a Member on YouTube  https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫  Courses I Teach https://husseinnasser.com/courses
6/27/2021 - 32 minutes, 38 seconds

Let’s discuss the DarkRadiation ☢️ Ransomware

SSH Wormable, Written in Bash and VERY hard to detect. Let’s discuss the DarkRadiation ☢️ Ransomware. This new ransomware is cut from a different cloth. Let us discuss * SSH Wormable * Encrypts with AES (OpenSSL) * It mutates so anti-viruses can’t catch it * Bash * Still under development https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/24/2021 - 16 minutes, 28 seconds

My thoughts on the ALPACA Attack (Detailed analysis)

ALPACA stands for application layer protocol confusion attack, and it was discovered by a group of German computer scientists. Let us spend some time analyzing how this attack really works and how dangerous it is. Resources https://alpaca-attack.com/ALPACA.pdf https://var.thejh.net/http_ftp_cross_protocol_mitm_attacks.pdf https://github.com/RUB-NDS/alpaca-code https://github.com/RUB-NDS/alpaca-code/blob/master/testlab/servers/files/nginx-attacker/html/upload/ftps.html https://twitter.com/lambdafu/status/1404567396443164683 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/22/2021 - 42 minutes, 35 seconds

Facebook Awarded him $30,000 for Finding a Critical Instagram Bug

This Indian computer scientist uncovered a severe bug that allows anyone to view private content. Let’s see how he did it.    https://link.medium.com/goNhkJgv9gb Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/17/2021 - 10 minutes, 34 seconds

Zero-downtime restarts

It is inevitable that a backend service will need to get restarted to pick up a new code change, configuration change, or get out of an invalid state. In this show, I'll discuss why we need to restart services and what alternative ways there are to get around it. Then I'll talk about how to achieve a zero-downtime restart and why it is not as straightforward as one might think. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/13/2021 - 14 minutes, 46 seconds

My thoughts on the CAP theorem

CAP stands for Consistency, Availability, and Partition tolerance. Understanding the CAP theorem can help engineers make better design choices when building distributed systems. In this show, I will explain the CAP theorem and how you can use it to make tradeoffs in your backend design. You probably already are using the CAP theorem without even knowing. Resources https://www.infoq.com/articles/cap-twelve-years-later-how-the-rules-have-changed/#:~:text=The%20CAP%20theorem%20states%20that,to%20network%20partitions%20(P). Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/12/2021 - 18 minutes, 21 seconds

Fastly's Outage Took Down Amazon, Reddit, Stack Overflow and many other websites (Early reports)

Fastly, a very popular CDN went down and took down many services, let’s talk about what could have caused this. Resources https://status.fastly.com/incidents/vpk0ssybt3bj https://twitter.com/fastly/status/1402221348659814411?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1402221348659814411%7Ctwgr%5E%7Ctwcon%5Es1_c10&ref_url=https%3A%2F%2Ftwitter.com%2F https://apple.news/ASVV6TIepT8GPIEDjFbyNRg Support my work on PayPal https://bit.ly/33ENps4  Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/8/2021 - 14 minutes, 56 seconds

The Backend of this Fintech Exposed Users' Personal Information - The Klarna Leak (Full Report)

On May 27, 2021, Klarna, a popular fintech company, suffered a serious exposure of personal data which caused a planned outage. Resources https://twitter.com/KezStew/status/1397845638956605440 https://www.klarna.com/us/blog/detailed-incident-report-incorrect-cache-configuration-leading-to-klarna-app-exposing-personal-information/ https://en.wikipedia.org/wiki/Klarna#cite_note-22 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/8/2021 - 35 minutes, 47 seconds

13 TB of Dominos Pizza India customers’ data leaked and put on the Dark Web

Dominos Pizza India hacked and 13TB of customers' data is now on the dark web. https://www.indiatoday.in/technology/news/story/leaked-data-of-dominos-india-users-now-available-on-search-engine-created-by-hacker-1805595-2021-05-22 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
6/4/2021 - 14 minutes, 32 seconds

QUIC is FINALLY a Standard. RIP TCP?

QUIC is officially an IETF standard after a very long time. Is this going to replace the TCP protocol? https://www.theregister.com/2021/05/31/quic_becomes_standard/ https://datatracker.ietf.org/doc/html/rfc9000 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/3/2021 - 15 minutes, 34 seconds

why it is very hard to cancel an HTTP request

In this episode of the backend engineering show, I go through the lifetime of an HTTP request and why it is extremely difficult to cancel an HTTP request in a real production environment. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
6/2/2021 - 22 minutes, 2 seconds

The Flavors of Database Replication - The Backend Engineering Show with Hussein Nasser

In this episode, I will discuss the different types of database replication and the pros and cons of each, streaming, binary, logical, synchronous, asynchronous, one-way and two-way replication. Stay tuned if you like databases and check out my database engineering course head to husseinnasser.com/courses for a discount code Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/31/2021 - 19 minutes, 49 seconds

Tor’s Connection Establishment - The Backend Engineering Show with Hussein Nasser

In this episode, I will discuss Tor’s circuit Establishment which is the core of the Tor protocol. https://svn-archive.torproject.org/svn/projects/design-paper/tor-design.pdf https://youtu.be/gIkzx7-s2RU Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/29/2021 - 34 minutes, 46 seconds

I almost Burnt out creating software engineering content on YouTube, here is what I learned

This is an honest video about burnout and what a content creator can do to avoid it creating content on YouTube. Support my work on PayPal https://bit.ly/33ENps4
5/27/2021 - 15 minutes, 25 seconds

Long Polling and how it differs from Push, Poll and SSE - The Backend Engineering Show

In this episode of the backend engineering show, I'll discuss long polling technique of backend communication. I will also touch upon Polling and Pushing too and the pros and cons of each. * Intro 0:00 * Polling 2:45 * Pushing 6:30 * Long Polling 18:00 * SSE 23:00 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/26/2021 - 26 minutes, 32 seconds

The New Postgres 14 Looks Promising - The Backend Engineering Show with Hussein Nasser

In this episode of the Backend Engineering show, we will go through the new features in Postgres 14. Here is a rundown of improvements made to the database platform with timestamps. 0:00 Intro 2:20 Performance 18:50 Data Types and SQL 23:00 Administration 32:30 Replication and Recovery 35:47 Security Postgres 14 Beta 1 https://www.postgresql.org/about/news/postgresql-14-beta-1-released-2213/ Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube   🧑‍🏫 Courses I Teach https://husseinnasser.com/courses 
5/23/2021 - 39 minutes, 41 seconds

The OSI Model by Example - The Backend Engineering Show with Hussein Nasser

In this episode of the Backend Engineering Show, I’ll explain the OSI Model with an example. I start with the physical layer, which is often ignored, then move up to the application layer, presentation layer, session layer, transport layer, IP layer, and data link layer. I believe every software engineer should understand the OSI Model as it helps cement the fundamental understanding of networking applications. Intro 0:00 Layer 1 Physical 4:00 Layer 7 Application 9:45 Layer 6 Presentation 11:30 Layer 5 Session 14:20 Layer 4 Transport 15:00 Layer 3 IP 18:00 Layer 2 Data Link 20:00 Summary 28:00 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/20/2021 - 32 minutes

Optimizing Communication and Networking in Database Systems

In today's show, I discuss the nature of communications in database systems and how the pattern completely changed with 3-tier web architecture. I also discuss whether multiplexing protocols such as HTTP/2 and QUIC can help alleviate some of the inefficiencies introduced. * Intro 0:00 * Communication Protocols 2:00 * 3 Web Tier Architecture 8:00 * Connection Pooling 14:50 * Database Connection Multiplexing 23:40 * Will Databases handle high concurrency 32:00 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/18/2021 - 41 minutes, 25 seconds

If you are using Let’s Encrypt Watch out for this

DST Root CA X3 expires in September 2021. It is a root certificate that signs the Let's Encrypt certificate authority, a very popular CA. In this video, I will discuss the ramifications of this change. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses 🏭 Backend Engineering Videos in Order https://backend.husseinnasser.com
5/17/2021 - 14 minutes, 42 seconds

This is why Salesforce services went down on May 11 2021

Salesforce services went down as a result of a DNS update. Let us discuss how a tiny DNS unavailability can cause a severe outage of 5 hours. From Salesforce: "On May 11, 2021, at approximately 21:08 Universal Coordinated Time (UTC), the Salesforce Technology team became aware of a service disruption across Salesforce production instances. The disruption impacted the ability for users to log into their Salesforce environments within the core Salesforce services, Marketing Cloud, Commerce Cloud, Government Cloud, Experience Cloud, Heroku, Pardot, and Vlocity. In addition, the status.salesforce.com Trust site was also unavailable, and customers were unable to log support cases. Some customers may have also experienced issues with Multi-Factor Authentication (MFA) during the incident." Resources https://help.salesforce.com/articleView?id=000358392&type=1&mode=1 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses 🏭 Backend Engineering Videos in Order https://backend.husseinnasser.com
5/13/2021 - 13 minutes, 33 seconds

How HAProxy forwards 2 Million Requests Per Second? - The Backend Engineering Show

In this show, I go into detail on how HAProxy achieved 2 million HTTP requests per second. This is a very well-written article that discusses how the HAProxy team benchmarked the product on a 64 core ARM machine leading to over 2 million requests per second. There are many components and low-level points that I try to elaborate on, timestamps below.  0:00 Intro  2:40 Summary of the Article  11:55 Latency and Throughput in HAProxy 2.3 vs 2.4  21:00 How TCP Connections Affects Performance  28:00 Maximum Packets we can get in 100Gbps Network?  35:00 How 64 Cores are divided between workloads  40:00 Tail latencies HAProxy 2.3 vs 2.4  42:50 How TLS Affects Performance?  HAProxy Blog https://www.haproxy.com/blog/haproxy-forwards-over-2-million-http-requests-per-second-on-a-single-aws-arm-instance/ Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/10/2021 - 47 minutes, 41 seconds

The Tale of OLTP, OLAP, and HTAP in Data Warehousing - The Backend Engineering Show with Hussein Nasser

In this show, I discuss why we have 3 data models in database systems, OLTP (Online Transactional Processing) OLAP (Online Analytical Processing), and HTAP (Hybrid Transactional Analytical Processing). I’ll also explain the difference between them, the use of ETL tools (extract transform load) to load data from transactional to analytical databases, and what is the future of HTAP. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/9/2021 - 42 minutes, 53 seconds

This Python And NodeJS IP Address Validation Vulnerability is Severe, Watch out

Watch this if you are using IP Address validation in both NodeJS and Python, these two libraries strip leading zeros which can lead to server side request forgery. Let us discuss Resources https://www.bleepingcomputer.com/news/security/critical-netmask-networking-bug-impacts-thousands-of-applications/ https://www.bleepingcomputer.com/news/security/python-also-impacted-by-critical-ip-address-validation-vulnerability/ Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/4/2021 - 16 minutes, 7 seconds

These Hackers Snuck their Trojan through PING

In this video, I’ll discuss the Pingback attack, a new clever attack that uses both DLL files through Oracle Component Interface (OCI.dll) and ICMP protocol to deliver commands between the victim machines and the command center.  Resources  https://thehackernews.com/2021/05/new-pingback-malware-using-icmp.html  https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol  https://en.wikipedia.org/wiki/Oracle_Call_Interface Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/4/2021 - 19 minutes, 28 seconds

Publish-Subscribe Pattern vs Message Queues vs Request Response (Detailed Discussions with Examples)

In this podcast I’ll explain message queues, the request response pattern and the publish subscribe pattern. I will also illustrate the main differences between them and when to use one over another. 0:00 Intro 0:30 Message Queues in 60 Seconds 1:24 When to Use Message Queues? 14:33 Request Response Pattern 20:00 Request Response Pros & Cons 24:11 Publish Subscribe Pattern in 60 Seconds 25:13 Publish Subscribe Pattern 31:49 Publish Subscribe Pattern Pros and Cons Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
5/2/2021 - 44 minutes, 31 seconds

HTTP Code 502 Bad Gateway Explained (All its Possible Causes on the Backend)

502 Bad Gateway is one of the most infamous errors on the backend, it usually means “hey something wrong with your backend server” but it doesn’t really give enough information.  In this video,  I’ll go through details on why proxies and gateways like NGINX and HAProxy should consider throwing more fine detailed HTTP error codes.   502 Bad Gateway The server was acting as a gateway or proxy and received an invalid response from the upstream server.   0:00 intro   3:45 What Causes a 502 Bad Gateway? 8:00 Cloudflare HTTP error codes  13:00 Security Implications Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/30/2021 - 17 minutes, 19 seconds

Technical Discussion on VPNs - How VPNs Work, their benefits, and What happens when VPNs are Hacked

In this episode I’ll talk about how VPN works, networking, IPSec and will also discuss the benefits of VPN and what happens when a VPN is hacked?   * Intro 0:00   * How Networking Works? 2:20   * How VPN Works? 10:00   * VPN Benefits 17:50  * What happens when VPN is hacked 20:20 Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/26/2021 - 26 minutes, 42 seconds

Let us discuss the Linux Kernel community and University of Minnesota situation

There is an ongoing situation with the Linux kernel community and the University of Minnesota Department of Computer Science & Engineering. We discuss this in this episode and I give my opinion  
4/22/2021 - 15 minutes, 30 seconds

Auth0 Outage (Early report)

Auth0 went down on April/20/2021 and this is the early report. Let us discuss. This incident affects: Auth0 US (PROD) (User Authentication, Machine to Machine Authentication, Multi-factor Authentication, Management API), Auth0 US (PREVIEW) (User Authentication, Machine to Machine Authentication, Multi-factor Authentication, Management API), and Management Dashboard (manage.auth0.com). 0:00 Update on Auth0 outage 6:00 Speculation of the outage https://auth0.com/blog/how-we-store-data-in-the-cloud-at-auth0/#Redis https://status.auth0.com/incidents/zvjzyc7912g5?u=v0zzz6jxvbv7
4/20/2021 - 11 minutes, 3 seconds

North Korean Hackers Hide Malicious Code within BMP image, Goes Undetected by AntiVirus software

Let us discuss the complexity behind this trojan hack, the multi-layer approach of hiding the RAT (remote access trojan) is absolutely genius. https://en.wikipedia.org/wiki/HTML_Application https://en.wikipedia.org/wiki/Portable_Network_Graphics https://blog.malwarebytes.com/malwarebytes-news/2021/04/lazarus-apt-conceals-malicious-code-within-bmp-file-to-drop-its-rat/
4/20/2021 - 14 minutes, 51 seconds

These New WhatsApp Vulnerabilities Can Leak Images, Voice Notes, and Chat by Opening an HTML message

A few vulnerabilities were discovered in WhatsApp for Android that allow an attacker who sends an HTML file attachment to gain full access to the user's media, voice notes, pictures, and eventually chat messages (through TLS session resumption keys). In this video, we will discuss the scope of this attack. The vulnerabilities have been patched by Facebook. Full article from CENSUS labs discussing in detail how to carry out the POC attack. https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
4/18/2021 - 21 minutes, 41 seconds

A Look into Modern Leaky Abstractions - Postgres, MySQL, HTTP/2, TCP, ORMs GraphQL, N+1, Axios, git

Leaky abstractions occur when the consumer of the abstraction starts asking questions about certain behavior, which ends up with the need to understand the details behind the abstraction. Joel Spolsky coined this term, and in this video I’d like to discuss this concept and provide a few examples from my own experience with leaky abstractions. Let us get on with the show. 6:00 Postgres Dead Tuples 7:25 MySQL Clustering 9:23 Axios HTTP Library 11:30 ORMs (N+1) 13:30 Beyond Abstractions 15:30 TCP 19:30 HTTP/2 27:00 Microservices 28:40 Index Only Scans Postgres 33:35 git 34:50 Summary Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/17/2021 - 37 minutes, 49 seconds

Here is what caused the Hack to PHP Source Code git Server

Two weeks ago the PHP source code git server got hacked and two malicious commits were made to the source code. Since then the PHP maintainers identified the source of the hack, let us discuss
4/15/2021 - 13 minutes, 29 seconds

If I wasn’t a Backend Engineer, I would pick this as my career - Q&A April 2021

Light episode today let's have some fun with Q&A, I collected some questions on Twitter and YouTube community and I'm going to attempt to answer them here. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/12/2021 - 11 minutes, 59 seconds

Can NULLs Improve your Database Queries Performance? - The Backend Engineering Show

In this episode, we will discuss NULLs in database systems. I’ll go through the following:
* What is NULL?
* NULLs persistence: whether you store a 0 or a 2 billion value in a 32-bit integer field, it costs 32 bits. When you store a NULL in a 32-bit integer field, we save 32 bits but add overheads.
* When NULLs are naughty: semantics and inconsistent results. SELECT count(*) includes NULLs; count(column) ignores NULLs. T IS NULL returns the NULL rows. T IS NOT NULL returns the not-NULL rows. T IN (NULL) returns nothing. T NOT IN NULL returns nothing. Some databases don’t index NULLs.
* When NULLs are useful: I don’t have a value; I don’t wish to provide a birthday; a field that is not applicable for certain use cases but not others; fat tables (denormalization). Fat tables with many columns make your rows longer, which means fewer rows fit in your page (show pic).. NULLs help here .. that are NULL, it yields shorter rows, instead of storing a default 0 value
Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/11/2021 - 22 minutes, 41 seconds

10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)

The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web applications. In this video I will go through the 10 vulnerabilities and explain each one and give examples and anecdotes from real life examples. 0:00 Building Secure Backends 2:30 Injection 4:50 Broken Authentication 6:43 Sensitive Data Exposure 11:00 XML External Entities (XXE) 13:45 Broken Access Control 17:00 Security Misconfiguration 19:00 XSS 22:45 Insecure Deserialization. 24:48 Using Components with Known Vulnerabilities. 26:00 Insufficient Logging & Monitoring. Resources https://owasp.org/www-project-top-ten/ Cards 2:50 SQL Injection https://www.youtube.com/watch?v=Azo9tDUtC9s 4:20 Best practices building REST https://www.youtube.com/watch?v=6zHWU7zBep0&list=PLQnljOFTspQUybacGRk1b_p13dgI-SmcZ&index=4 8:30 TLS playlist youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH- 15:00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs 19:22 XSS https://www.youtube.com/watch?v=pD6C1-zSxIM 25:10 OpenSSL Crash https://youtu.be/aDPQ0_MyRnc Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑‍🏫 Courses I Teach https://husseinnasser.com/courses
4/7/2021 - 28 minutes, 35 seconds

Browser Caching best practices, when to use no-cache vs max-age without breaking your site

Caching is the hardest problem in building software, and having the browser cache is not any different. In this video, I'll discuss Jake Archibald's article https://jakearchibald.com/2016/caching-best-practices/ 0:00 Intro 2:00 Pattern 1: Immutable content + long max-age 5:40 Pattern 2: Mutable content, always server-revalidated 8:00 max-age on mutable content is often the wrong choice 12:20 CDN and Caching Article https://jakearchibald.com/2016/caching-best-practices/ https://twitter.com/jaffathecake
4/7/2021 - 18 minutes, 59 seconds

Write Amplification Explained in Backend Apps, Database Systems and SSDs

Write amplification is a phenomenon where the actual writes that physically happen are multiples of the actual writes desired. In this episode, I'll discuss 3 types of write amplification and their effects on the performance and lifetime of storage mediums. 0:00 intro 2:00 Application write amplification 4:30 Database write amplification 9:30 SSD Disk write amplification 16:00 SSD hates BTrees 20:00 summary Resources https://en.wikipedia.org/wiki/Write_amplification https://www.cybertec-postgresql.com/en/hot-updates-in-postgresql-for-better-performance/ https://youtu.be/5Mh3o886qpg
4/5/2021 - 22 minutes, 22 seconds

DNS issue impacting multiple Microsoft services on April’s fool day (with Bonus content)

Microsoft had an outage on April 1st that was caused by a DNS surge, let us discuss this. Bonus: I’ll also discuss the outage that happened on March 18th (CPU 100% utilization). RCA - DNS issue impacting multiple Microsoft services (Tracking ID GVY5-TZZ) Summary of Impact: Between 21:21 UTC and 22:00 UTC on 1 Apr 2021, Azure DNS experienced a service availability issue. This resulted in customers being unable to resolve domain names for services they use, which resulted in intermittent failures accessing or managing Azure and Microsoft services. Due to the nature of DNS, the impact of the issue was observed across multiple regions. Recovery time varied by service, but the majority of services recovered by 22:30 UTC. 0:00 April/1st Outage - DNS Issue 13:30 March/18th Outage - CPU 100% RCA https://status.azure.com/en-us/status/history/
4/4/2021 - 26 minutes, 48 seconds

My Python CRUD App hits 2 million rows, Should I Shard my Database?

Hey Hussein I have a 2 million row table used in my CRUD python app, I’m worried that as the table grow my inserts will slow down, should I consider sharding my database or partition the table? thank you I’m avid of simplicity in design if I can do it in one machine I’ll do it. Sharding/Partitioning are all great inserts are fast, queries are slow 0:00 inserts can be slow 3:00 indexes/stored procedures selects, updates, and deletes can be slow 12:00 add proper indexes. simplicity wins, premature optimization is bad 15:20 crazy things that people say like microservices day 1 scares me
4/3/2021 - 21 minutes, 16 seconds

cURL TLS 1.3 session ticket proxy host mixup Vulnerability

Enabled by default, libcurl supports the use of TLS 1.3 session tickets to resume previous TLS sessions to speed up subsequent TLS handshakes. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the host handshake. The reason for this confusion is the modified sequence from TLS 1.2 when the session ids would be provided only during the TLS handshake, while in TLS 1.3 it happens post-handshake and the code was not updated to take that changed behavior into account. 4:00 http connect https://curl.se/docs/CVE-2021-22890.html
3/31/2021 · 9 minutes, 56 seconds

PHP’s Source Code hacked - Two Remote Code execution added to the Git server, let us discuss

Two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The commits were found and reverted two hours after they were committed. PHP is moving to GitHub as a result. Article https://www.bleepingcomputer.com/news/security/phps-git-server-hacked-to-add-backdoors-to-php-source-code/
3/31/2021 · 8 minutes, 47 seconds

What happens when your Web Server Private Key is Leaked?

We have been told to take care of our private key that we use on backend servers without clear instructions as to what could happen when that key is leaked. In today’s backend engineering show I discuss exactly what could go wrong when your backend server private key is leaked. Let us discuss Intro 0:00 What is a Certificate? 1:10 Where is the Private Key used? 4:10 TLS 1.2 with RSA 4:20 Why RSA no longer used 9:00 TLS 1.3 & TLS 1.2 Digital Signature 12:00 How often should you recycle Private Keys 19:00 Resources https://blog.cloudflare.com/advanced-certificate-manager/ https://heartbleed.com/ https://cabforum.org/ https://en.wikipedia.org/wiki/DigiNotar https://www.ibm.com/support/knowledgecenter/en/SSFKSJ_9.0.0/com.ibm.mq.sec.doc/q009960_.html
3/28/2021 · 24 minutes, 32 seconds

Researcher bypasses Azure, and Cloudflare Reverse Proxy Security - HTTP/2 Smuggling (h2c)

6 months ago, Jake Miller released a blog article and Python tool describing h2c smuggling, or HTTP/2 over cleartext smuggling. By using an obscure feature of HTTP/2, an attacker could bypass authorization controls on reverse proxies. Sean managed to leverage Jake’s original research to bypass reverse proxy rules; let's discuss. My original video on Jake’s h2c smuggling https://youtu.be/B2VEQ3jFq6Q This article https://blog.assetnote.io/2021/03/18/h2c-smuggling/
3/26/2021 · 14 minutes, 9 seconds

High severity flaw can crash your WebServer when using OpenSSL - Let us discuss

On Thursday, OpenSSL maintainers released a fix for two high severity vulnerabilities, let us discuss the impact. OpenSSL two major vulnerabilities 0:00 why OpenSSL 1:00 Bug 1 - Renegotiating TLS 1.2 (CVE-2021-3449) 3:50 Bug 2 - Cert verification bypass (CVE-2021-3450) 8:42 Update to OpenSSL 1.1.1k 12:30 Resources https://www.openssl.org/news/vulnerabilities.html https://arstechnica.com/gadgets/2021/03/openssl-fixes-high-severity-flaw-that-allows-hackers-to-crash-servers/
3/26/2021 · 17 minutes, 49 seconds

When is NodeJS Single Threaded and when is it multi-Threaded?

Node.js is a single-threaded, asynchronous, non-blocking JavaScript runtime, but it's not always single-threaded; there are occasions where Node.js uses multi-threading. So the questions we will try to answer in this video are: when is Node.js single-threaded, when does it use multi-threading, and how will that affect my app?
Event Loop: single thread that really just loops for callbacks 0:00
Threading in Node.js (libuv) 4:00
* used for IO intensive (DNS queries, file system reads) and CPU intensive (crypto, compression)
* process.env.UV_THREADPOOL_SIZE=1
Examples 8:00
Cluster Nodejs 16:00
Example 1 HTTP server return 1 HTTP server while 1 HTTP server with file system read async HTTP server with file system read sync HTTP server with fetch call to server (dns)
3/24/2021 · 9 minutes, 6 seconds

Slack's Migrating Millions of Websockets from HAProxy to Envoy, let's discuss

Slack started migrating from HAProxy to Envoy for their backend architecture, in this video, I’ll discuss their recent article when they moved the WebSockets portions, why they moved from HAProxy to Envoy and their production plans. Resources Article https://slack.engineering/migrating-millions-of-concurrent-websockets-to-envoy/ RFC8441 https://tools.ietf.org/html/rfc8441 3:15 Websockets Crash Course https://youtu.be/XgFzHXOk8IQ 9:50 HAProxy Runtime API https://youtu.be/JjXUH0VORnE 20:00 Slack Jan 4th outage https://www.youtube.com/watch?v=dhZ5--R42AM 23:00 RFC8441 Bootstrapping Websockets HTTP/2 https://youtu.be/wLdxC9gesBs
3/21/2021 · 35 minutes, 44 seconds

Why WebSockets over HTTP/2 (RFC8441) is Critical for Effective Load Balancing and Backend Scaling

In this video, I'll discuss RFC8441, bootstrapping WebSockets with HTTP/2, which I believe is a critical protocol to allow WebSockets tunneling to scale on the backend. We will also discuss the current state of the art of proxy and backend support for this tech. Let us have a discussion. 0:00 Intro 3:00 WebSockets over HTTP/2 7:40 Proxy Supports 13:15 Browsers Supports 14:00 Summary RFC 8441 Resources RFC8441 https://tools.ietf.org/html/rfc8441#section-4 nginx support https://trac.nginx.org/nginx/ticket/1992 haproxy support https://github.com/haproxy/haproxy/issues/162 Chrome support https://www.chromestatus.com/feature/6251293127475200 Firefox support https://bugzilla.mozilla.org/show_bug.cgi?id=1434137 envoy support https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/http/upgrades
3/21/2021 · 16 minutes, 8 seconds

How HTTP Compression Leaks Sessions and JWT - CRIME Explained and how HPACK in HTTP/2 fixes this

In this video we will explore one of the most popular side-channel attacks, CRIME (Compression Ratio Info-leak Made Easy), and the different ways to mitigate this.
Intro 0:00
* HTTP/1.1 SPDY header compression 4:00
* TLS compression
* Response body attackers can’t inject 13:00
* Mitigations 14:10
    * HPACK/QPACK
    * TLS Padding
3/19/2021 · 21 minutes, 5 seconds

The Second Microsoft Global Outage in less than 6 months

On March 15, 2021, users couldn’t sign in to Microsoft services. The majority of the impact was with Teams, but other services were affected. A similar outage happened back in Sep 2020 (I covered it here https://www.youtube.com/watch?v=0ozri9APCv0&t=68s) Microsoft 365 Service health status https://twitter.com/MSFT365Status/status/1371546946263916545
3/16/2021 · 12 minutes, 44 seconds

Is there a Limit to Number of Connections a Backend can handle?

In today's show, I'll answer the question: do backend connections max out? There are many aspects to this question and I want to try to tackle all of them. I'll also mention the efforts that @Cloudflare and team are doing to improve CONNECT with the MASQUE protocol. Tune in to the Backend Engineering Show with Hussein Nasser on your fav podcast player.
3/16/2021 · 19 minutes, 33 seconds

Fire Destroys Datacenter in France, Let us discuss the OVHcloud Fire

OVHcloud is Europe's largest cloud provider, with facilities across the region. They were hit with a big fire that completely destroyed an entire datacenter. What happened? 0:00 What is the effect? 3:00 What OVH is going to do? 6:00 Resources https://www.ovh.ie/news/press/cpl1786.fire-our-strasbourg-site http://travaux.ovh.net/?do=details&id=49484 https://twitter.com/olesovhcom/status/1369504527544705025
3/11/2021 · 13 minutes, 32 seconds

Firefox State Partitioning for Cookies Might End Evil Tracking forever

Firefox is implementing a feature that might end website tracking, let's get into how it works.   https://blog.mozilla.org/security/2021/02/23/total-cookie-protection/  https://hacks.mozilla.org/2021/02/introducing-state-partitioning/
3/10/2021 · 8 minutes, 41 seconds

Did you get logged out of GitHub? - Backend Race condition Bug discussion

On the evening of March 8, GitHub invalidated all authenticated sessions on GitHub.com created prior to 12:03 UTC on March 8 out of an abundance of caution to protect users from an extremely rare, but potentially serious, security vulnerability affecting a very small number of GitHub.com sessions.   Let us discuss   https://github.blog/2021-03-08-github-security-update-a-bug-related-to-handling-of-authenticated-sessions/
3/10/2021 · 15 minutes, 33 seconds

Chrome 90 will start communicating in HTTPS (port 443) by Default - Let us discuss

For the longest time, all browsers have always used HTTP for schemeless URLs (when HTTP or HTTPS is not specified). Chrome is flipping this with version 90.
Chapters
* HTTPS by Default 0:00
* What happens Today 1:00
* What will happen in Chrome 90 4:00
* HSTS? 6:20
* Is HTTPS Everywhere dead? 7:10
* How to Enable 8:20
Video https://youtu.be/XrlfX0duLKQ https://latesthackingnews.com/2021/03/01/google-will-launch-https-first-approach-with-urls-from-chrome-90
3/4/2021 · 12 minutes, 33 seconds

S3 compliant MinIO Suffers a Server Side Request Forgery vulnerability, let's discuss

MinIO, an S3-compliant object store, suffered from a Server Side Request Forgery vulnerability in early Feb 2021, which was quickly fixed and addressed. In this video we go through the bug and what we can learn from it.
3/1/2021 · 10 minutes, 45 seconds

Which DBMS will Implement QUIC First? Can the QUIC Protocol improve Database Performance in Web Applications?

In this video, I discuss why QUIC will make a great communication protocol for databases and how it solves a critical problem with stateless web applications. Web applications use database connection pooling to establish database connections on the backend. But that creates other sorts of problems.
2/25/2021 · 13 minutes, 4 seconds

3 New Ways to Crash your NodeJS Server, Update Node JS today! (Feb 2021 Security Update)

Nodejs Updates are now available for v10.x, v12.x, v14.x and v15.x Node.js release lines for the following issues. 0:00 Intro 1:50 HTTP/2 Unknown Protocol 4:24 Localhost6 DNS Rebinding 6:55 Integer overflow OpenSSL Resources https://nodejs.org/en/blog/vulnerability/february-2021-security-releases/
2/24/2021 · 10 minutes, 55 seconds

cURL creator Daniel Stenberg threatened - The entitlement towards OSS needs to STOP!

This is unacceptable and the entitlement towards open-source maintainers needs to STOP! Daniel’s blog https://daniel.haxx.se/blog/2021/02/19/i-will-slaughter-you/ Support curl by becoming a backer https://opencollective.com/curl#backer
2/19/2021 · 5 minutes, 48 seconds

SRE changes a single HAProxy config, Breaks the Backend and he troubleshoots it like a champ

Let us go through an absolutely fantastic article and journey of how a single change in HAProxy config drove this SRE into a frenzy to find out what went wrong. A fantastic read.  https://about.gitlab.com/blog/2021/01/14/this-sre-attempted-to-roll-out-an-haproxy-change/?utm_medium=social&utm_source=linkedin&utm_campaign=blog
2/19/2021 · 7 minutes, 23 seconds

A Bug in Stripe Caused by AWS Lambda Serverless Design (Container re-use)

From time to time I like to loiter on people’s GitHub Repos look through issues submitted and see if there are interesting hidden gems and bugs that would make a good lesson or learning experience and boy did I find one for you. This bug is caused in stripe-node code in AWS Lambda serverless environment where requests are failing intermittently. We discuss how AWS serverless container re-use can cause this and how stripe solved it.   Resources https://github.com/stripe/stripe-node/issues/1040 Intermittent Error: write EPIPE when running stripe client in AWS Lambda · Issue #1040 · stripe/stripe-node · GitHub https://aws.amazon.com/blogs/compute/container-reuse-in-lambda/
2/17/2021 · 15 minutes, 26 seconds

XMPP - Extensible Messaging and Presence Protocol (with Node JS and eJabberd)

XMPP, or the Extensible Messaging and Presence Protocol (originally named Jabber), is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. It is used by almost all large messaging systems such as WhatsApp, Facebook, Google Talk and others. In this video we will go through XMPP architecture, explain how it works and then finally show how to spin up an XMPP chat server and connect to it from Node.js.
2/15/2021 · 19 minutes, 7 seconds

How timeouts can make or break your Backend load balancers

In this video I go over the critical timeouts on a proxy system such as a reverse proxy or load balancer and how you can configure each one to protect against attacks or outages. Nginx and HAProxy are just a few proxies that you can configure to be load balancers.
2/15/2021 · 21 minutes, 25 seconds

He Hacked Into Apple and Microsoft with this genius trick

Guys this is absolutely genius and nuts! I have never seen anything like this before. This guy got access to PayPal json and saw some private packages, created public ones with a similar name and then made them do bad things. Then, because firewalls will shut those down, he used DNS. DNS requests are practically safe so firewalls allow them. 11:05 chrome root https://youtu.be/qpC1YH0FhuY https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610
2/11/2021 · 16 minutes, 11 seconds

CQRS is probably the cause of the Microservices madness

Reads and writes don’t have to live in the same database, data model or even the same service. Let us discuss CQRS.
* No separation: one service that does read/write
* Partial separation: you can keep one service but the backend has multiple connections with different users, same database
* Full separation: read services / write services, two databases, OLAP / OLTP
Pros: scalability, security
Cons: complex and very hard to follow, what we see with microservices.
Resources https://martinfowler.com/bliki/CQRS.html http://codebetter.com/gregyoung/2010/02/16/cqrs-task-based-uis-event-sourcing-agh/
2/7/2021 · 7 minutes, 19 seconds

Can China Block the New Encrypted Client Hello TLS Extension? Let us Discuss

In this video, I will discuss the new TLS extension Encrypted Client Hello, which is a new mechanism to encrypt the entire client hello. It is very interesting and elegantly designed, but I have a few reservations and criticisms. Let us discuss. Intro 0:00 Classic TLS with SNI 7:00 ESNI 9:30 ECH 12:30 Limitations and Problems 21:00

Let's say the backend server hosts example.com with the cert of example.com, and let us call this the “real” SNI. To support ECH, the same server should also host a client-facing cert, let's call it server-ech.com, with the corresponding server-ech.com cert. So your server IP address is hosting two domains: example.com and server-ech.com (just to support ECH).

So when you perform an oDoH/DoH query looking for example.com you will get back the IP address of example.com (which is the same IP address as server-ech.com); you will also get the ephemeral public key of example.com from the HTTPSSVC DNS record, which will be used to encrypt the inner client hello; and finally, you will get a record of the front-facing server domain name, which is server-ech.com.

The client prepares the TLS ECH: it builds the outer client hello with the SNI value as server-ech.com, and the inner client hello with the real SNI (example.com) alongside ALPN and other stuff. It then uses the public key of example.com retrieved from the HTTPS DNS record to encrypt the inner client hello. The client sends the ECH.

The server receives the ECH and attempts to decrypt the inner client hello with the corresponding ephemeral private key. If it succeeds, it then completes the server hello and key exchange as normal. If it fails to decrypt the inner client hello with its own private key, that means the public key used was stale, outdated, bad, etc.

The client then uses the outer client hello and it checks: do I have server-ech.com? Yes, I do have a cert for that, let me just finish the key exchange and server hello with that instead, and btw, here is my REAL public key for example.com so you can use it for future ECHs. The public key is going to be encrypted for sure (that was something not clear in the article) because it's TLS 1.3 and things are immediately encrypted from the server. The client then finishes the handshake, finds out the public key, immediately terminates the connection and re-establishes it with a brand new encrypted inner client hello that uses the new server public key, which we know this time is going to work.

I can imagine getting into an infinite loop if the server accidentally gave a wrong public key. Some cons of ECH that come to mind are the larger client hello plus the additional backend management to host that client-facing server and cert. Another question: what if I’m hosting 100 domains on my single IP address, do I get a single ephemeral public key for ECH, or is it per domain? And how does my server know what private key to use to decrypt? Does it just try them one by one, or is there an indication of which public key was used to encrypt the inner client hello? (I’m guessing there is.) https://blog.cloudflare.com/encrypted-client-hello/
2/7/2021 · 29 minutes, 7 seconds

UUIDs are Bad for Performance in MySQL - Does Postgres Win? Let us Discuss

MySQL is clustered by default on the primary key, which means inserts have to be ordered. Let us discuss why UUID (random in nature) has bad performance in MySQL and whether Postgres wins here. We will also explain why Sequential Writes are Faster than Random in MySQL and https://www.percona.com/blog/2019/11/22/uuids-are-popular-but-bad-for-performance-lets-discuss/
2/4/2021 · 21 minutes

They Freed up 70GB of Unused Indexes Space on Postgres, How did they Do it?

This is a very interesting article that I encourage you to read, as it has lots of useful lessons in Postgres. Using partial indexes, full vacuum, dropping unused indexes and much more helped this company save 70G worth of disk space. https://hakibenita.com/postgresql-unused-index-size
2/2/2021 · 18 minutes, 36 seconds

How do I learn new tech as a software engineer

In this video I discuss my approach of learning new technology and how I break it down so I understand it. Hope it helps
2/1/2021 · 18 minutes, 57 seconds

Overview of InterPlanetary File System - IPFS with (Examples with Command line & Brave Browser)

The InterPlanetary File System (IPFS) is a protocol and peer-to-peer network for storing and sharing data in a distributed file system. IPFS uses content-addressing to uniquely identify each file in a global namespace connecting all computing devices.

Intro 0:00

Why IPFS? 2:00
Explain the original web model and the limitation
* Content addressing instead of location addressing
* Decentralized content distributed among peers

Content 3:30
* Content is hashed as CID
* Content is immutable; each update generates a new CID
* Content addressing

Routing 4:30
* Distributed Hash Tables (DHTs) map CID / peer IP address
* DHT server hosts content and DHT

Publishing Content 6:30
* New content that you want to share on IPFS
* Hash the content, creating a new CID
* Update your local DHT CID / your IP address
* DHT will be updated to all the content peer (NOT the CONTENT)
* People searching for your CID will be connected to you and only you.

Consuming Content 8:48
* IPFS client (DHT client) wants to consume ipfs://cid/
* IPFS client consults its local DHT table to see where this CID is located, gets back a collection of IP addresses
* Client connects to some or all the peers found hosting that CID
* Client downloads chunks of the content from each peer so it speeds up
* Once the client has the content it is now also updating its local DHT table that it now also hosts that CID (if it supports being a DHT server)
* New updated DHT is propagated across peers

IPFS Overview (Diagrams) 11:30

Demo 13:45

More Information 18:30
Immutable Content
* If content gets updated, the URI changes; how do I inform the user?
* Hash the public key of the user instead and share that
Brand new Client/server
* I know nothing about the network (Bootstrapping)
* You will be bootstrapped with a collection of IP addresses to start you up.
More
* IPFS gateway
* IP Name server
* Solve content
* Deleting Content (once other node hosts it no way to delete it from their network)
NAT traversal

Resources https://datatracker.ietf.org/meeting/interim-2020-dinrg-01/materials/slides-interim-2020-dinrg-01-sessa-an-overview-of-the-interplanetary-file-system-ipfs.pdf https://www.youtube.com/watch?v=K4Usud4g4iY&feature=youtu.be&t=1008 https://twitter.com/hnasr/status/1353548949945163776?s=21 https://docs.ipfs.io/conce
1/31/2021 · 25 minutes, 10 seconds

This Certificate Authority is being banned from Google

It looks like digital certificates and other certificate authorities issued by Spanish certificate authority Camerfirma will stop working in Chrome 90, in April.   https://www.zdnet.com/article/google-bans-another-misbehaving-ca-from-chrome/  https://wiki.mozilla.org/CA:Camerfirma_Issues
1/29/2021 · 8 minutes, 54 seconds

Is SELECT * Expensive?

I explain why and when SELECT * can become expensive. 
1/28/2021 · 7 minutes, 38 seconds

This YouTube Backend API Leaks Private Videos - Research rewarded $5000

David Schütz, a security researcher, earned $5000 in Google VRP by finding a backend YouTube API that leaks private video thumbnails. Let us discuss how he did that. Resources https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/ Twitter @xdavidhu https://twitter.com/xdavidhu
1/24/2021 · 16 minutes, 31 seconds

He found a way to Hijack Private Google Docs Screenshots with a clever hack - Google paid him $4000

A vulnerability in Google Feedback component in postMessage allowed this security researcher to find a way to hijack private screenshots   https://blog.geekycat.in/google-vrp-hijacking-your-screenshots/ https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
1/24/2021 · 10 minutes, 59 seconds

Brave is Decentralized - Users can Consume and HOST IPFS Decentralized Web Content through Brave

Brave supports IPFS (InterPlanetary File System), which is a protocol designed to replace HTTP as a decentralized alternative. This allows users to host and consume Resources https://brave.com/brave-integrates-ipfs/ https://ipfs.io/#how
1/22/2021 · 12 minutes, 34 seconds

RIP FTP - Chrome deprecates FTP for good

The current FTP implementation in Google Chrome has no support for encrypted connections (FTPS), nor proxies. Usage of FTP in the browser is sufficiently low that it is no longer viable to invest in improving the existing FTP client. In addition more capable FTP clients are available on all affected platforms.  Google Chrome 72+ removed support for fetching document subresources over FTP and rendering of top level FTP resources. Currently navigating to FTP URLs result in showing a directory listing or a download depending on the type of resource. A bug in Google Chrome 74+ resulted in dropping support for accessing FTP URLs over HTTP proxies. Proxy support for FTP was removed entirely in Google Chrome 76.  Remaining capabilities of Google Chrome’s FTP implementation are restricted to either displaying a directory listing or downloading a resource over unencrypted connections. We would like to deprecate and remove this remaining functionality rather than maintain an insecure FTP implementation. Resources https://bugs.chromium.org/p/chromium/issues/detail?id=333943 https://docs.google.com/document/d/1JUra5HnsbR_xmtQctkb2iVxRPuhPWhMB5M_zpbuGxTY/edit# https://www.chromestatus.com/feature/6246151319715840
1/19/2021 · 6 minutes, 6 seconds

The 2021 Slack Outage (Detailed analysis)

On Jan 4th 2021, Slack experienced a global outage that prevented customers from using the service for nearly 5 hours. Slack has released the root cause analysis incident report, which I’m going to summarize in the first part of this video. After that I'll provide a lengthy deep dive of the incident, so make sure to stick around for that. If you are new here, I make backend engineering videos and also cover software news, so make sure to like, comment and subscribe if you would like to see more, plus it really helps the channel. Let's jump into it.

This is an approximation of Slack’s architecture based on what was described in the reports. Clients connect to load balancers, load balancers distribute requests to backend servers, and backend servers finally make requests to database servers, which are powered by MySQL through Vitess sharding. All of those are connected by routers in a cross-boundary network.

Around 6AM Jan 4, the cross network boundary routers sitting between LB and backend and backend to DB started to drop packets. This led to the load balancers slowly marking backends as unhealthy and removing them from the fleet, which compounded the amount of requests. The number of failed requests eventually triggered the provisioning service to start spinning an absurdly large number of backend servers. However, the provisioning service couldn’t keep up with the huge demand and shortly started to time out for the same networking reasons, and eventually ran out of maximum open file handles. Eventually Slack’s cloud provider increased the networking capacity and backend servers went back to normal around 11 AM PST.

This was a summary of the Slack outage. Now sit back, grab your favorite beverage and let's go through the detailed incident report!

0:00 Outage Summary 2:00 Detailed Analysis Starts 5:20 The Root Cause 30:00 Corrective Actions
1/15/2021 · 44 minutes, 20 seconds

HAProxy is closer to QUIC and HTTP/3 Support - Let’s discuss HAProxy 2.3

In this video I go through the new most exciting features in HAProxy, one of my favorite proxies. HAProxy 2.3 adds exciting features such as forwarding, prioritizing, and translating of messages sent over the Syslog Protocol on both UDP and TCP, and OpenTracing SPOA, Stats Contexts, SSL/TLS enhancements, an improved cache, and changes in the connection layer that lay the foundation for support for HTTP/3 / QUIC. Resources https://www.haproxy.com/blog/announcing-haproxy-2-3/ 0:00 Intro 2:00 Connection Improvements 5:40 Load Balancing 11:36 Cache 15:00 TLS Enhancements
1/14/2021 · 22 minutes, 26 seconds

Apache Kafka 2.7 is One Step Closer to Killing ZooKeeper

In this video I go through the new features in Apache Kafka 2.7. It is very interesting to see the amount of work Apache Kafka is doing to get closer to removing ZooKeeper.
* [KAFKA-9893] - Configurable TCP connection timeout and improve the initial metadata fetch
* [KAFKA-9915] - Throttle Create Topic, Create Partition and Delete Topic Operations
* [KAFKA-10054] - Add TRACE-level end-to-end latency metrics to Streams
* [KAFKA-10259] - KIP-554: Add Broker-side SCRAM Config API
* [KAFKA-10338] - Support PEM format for SSL certificates and private key
https://dist.apache.org/repos/dist/release/kafka/2.7.0/RELEASE_NOTES.html https://blogs.apache.org/kafka/entry/what-s-new-in-apache4
1/13/2021 · 19 minutes, 17 seconds

Is EventStoreDB the First Native gRPC Database?

I discussed this in many of my videos, the need for a database that natively supports a multiplexing protocol such as QUIC, gRPC or HTTP/2 in order to allow multiple isolated clients to make requests to the database without taking the overhead of establishing multiple connections.    Resources https://www.infoq.com/news/2021/01/eventstoredb/ https://developers.eventstore.com/clients/dotnet/5.0/streams/#writing-to-a-stream
1/12/2021 · 12 minutes, 43 seconds

Demonstrate your Skills as Backend Engineer To Recruiters - Building a Full Backend Portfolio

A lot of you guys ask me this question: “I have experience but not sure how to show it, how do I build my backend portfolio such that I can get hired in my dream job?” Building a backend portfolio takes time and effort, and in this video I will be discussing 9 tools that you can add to your backend portfolio. 0:00 Intro Live Projects 1:50 System Design Documents 3:45 Architectural/System Design Diagrams 5:45 UX/UI (in case of frontend) 7:13 Papers 8:30 Books 9:50 Blog articles 10:55 Videos 12:44 Podcast 14:45 Summary 15:45
1/10/2021 · 20 minutes, 36 seconds

WhatsApp’s Ultimatum, What can They see and What are They Collecting (In Details)

WhatsApp has updated their terms of usage and privacy policy, which caused many users to move to other platforms. This video will be a detailed report of their privacy policy, what they collect and what they can collect and see. https://www.whatsapp.com/legal/privacy-policy https://cdn.arstechnica.net/wp-content/uploads/2021/01/Image-from-iOS.png cards 1:30 end to end 16:30 Samesite cookie 0:00 WhatsApp New Privacy 4:00 Your Account Information 5:30 Your Messages 12:15 Your Connections 13:00 Automatically Collected Information 17:45 Summary
1/9/2021 · 20 minutes, 35 seconds

Have a Node JS Server? Update it Now!

NodeJS Jan 2021 released its security update and it's time to go through them! Resources https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
* use-after-free in TLSWrap (High) (CVE-2020-8265)
* HTTP Request Smuggling in nodejs (Low) (CVE-2020-8287)
* OpenSSL - EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)
1/7/2021 · 7 minutes, 25 seconds

The Slack Outage (Early Report & Speculations)

On Jan 4th 2021 7:14 PST All Slack services went down. This video is an early report of the incident and speculation of what might have caused this outage. We still don’t know what caused the outage, we will wait for the full incident report from slack and I'll make a video once that's up.  https://status.slack.com/
1/5/2021 · 11 minutes, 31 seconds

My Thoughts on How Clever the SolarWinds Hack Really Is

The SolarWinds hack is one of the largest highly coordinated and intelligent attempts to hit enterprise companies. In this video, I briefly explain how smart this is.
1/4/2021 · 5 minutes, 30 seconds

Got Bit by A Docker Default on my Postgres Container, Interesting Story, let us discuss!

While working on a Postgres docker container executing some queries I noticed that my index-only scan query is hitting the heap which it shouldn't. After digging deep I found that it's the shared memory that docker allocates by default. Defaults are never enough, very interesting train of thought that I thought I’d share with you  The Blog I found that helped me find it https://blog.makandra.com/2018/11/investigating-slow-postgres-index-only-scans/
1/3/2021 · 5 minutes, 43 seconds

2021's Exciting Backend Tech - Serverless, QUIC, Microservices, The Backend Engineering Show

Let us discuss what I'm excited for in Backend Tech in 2021 and answer your great questions
1/2/2021 - 2 hours, 21 minutes, 48 seconds

My Process of Designing and Architecting Software

In this video, I go through my process of how I design and architect full software from A-Z. This is part of a Twitter thread that you guys seem to enjoy so I decided to make a video on the topic. Although the spec I generate is usually Backend oriented this is applicable for all software.  Twitter thread https://twitter.com/hnasr/status/1339021983195918337?s=20
12/29/2020 - 15 minutes, 25 seconds

How to Overcome Procrastination

In this video, I go through how I overcome procrastination as a software engineer. What is Procrastination? 0:00 How to Defeat: * Reward based system - a reward after achieving 1:20 * Discipline, remembering why started this, your goal 3:16 * Professional - I need to do the work and ship 6:10
12/28/2020 - 9 minutes, 45 seconds

2020 Retrospective

2020 retrospective Intro 0:00 Goals 0:50 Teaching vs Documenting 4:30 Channel Growth 7:40 2021 10:50
12/24/2020 - 12 minutes, 57 seconds

The 2020 Google Outage (Detailed Analysis)

0:00 Intro 1:00 Summary of the Outage 4:00 Detailed Analysis of the Incident Report On Dec 14 2020 Google suffered a global outage that lasted 45 minutes, during which nobody could access most Google services. Google has released a detailed incident report discussing the outage, what caused it, technical details of their internal service architecture, and what they did to mitigate it and prevent it from happening in the future. In this video, I want to take a few minutes to summarize the report and then go into a detailed analysis. You can find YouTube chapters to jump to the interesting part of the video. Pick your favorite drink, sit back, relax, and enjoy. Let's get started. Let's start with an overview of how the Google ID service works. The client connects to the Google authentication service to get authenticated or retrieve account information. The account information is stored in a distributed manner between the different service ids for redundancy. When an update is made to an account on the leader node, the existing data in all nodes is marked as outdated; this is done for security reasons. Let’s say you updated your credit card info, made your profile private or deleted a comment: it is extremely dangerous to serve that outdated information. This was the key to the outage. The updated account is then replicated based on the Paxos consensus protocol. The user ID service has a storage quota controlled by an automated quota management solution; when the storage usage of the service changes, the quota is adjusted accordingly, either reduced or increased based on the demand. So what exactly happened that caused the outage? In October 2020, Google migrated their quota management to a new system and registered the ID service with the new system. However, some parts of the old system remained hooked up, specifically the parts regarding the reading of the service usage.
And because the service is registered to the new system, the old quota system reported 0 usage, as it should. So when the new quota management asked its service for its usage, it was incorrectly reporting 0. Nothing happened for a while since there was a grace period, but that period expired in December. That's when the new quota system kicked in, saw the ID service with 0 usage and started reducing the quota for the ID service: you are not using it, why waste? The quota kept reducing until the service had no space left. This caused updates to the leader node to fail, which caused all data to go out of date in all nodes, which in turn escalated globally to what we have seen. Resource https://status.cloud.google.com/incident/zall/20013
12/20/2020 - 51 minutes, 33 seconds

Indexing Woes, The Secret to Backend Interviews, What is on my Bookshelf? The Backend Engineering Show

The Backend Engineering Show Live with Hussein Nasser episode 10 we discuss many great questions!! Indexing Woes, The Secret to Backend Interviews, What is on my Bookshelf? Backend Engineering Show
12/19/2020 - 2 hours, 6 minutes, 21 seconds

Postgres Instances hacked and used to mine crypto - Let us discuss how is that possible

Exposed Postgres instances are being SSH'd into and used as a botnet to mine bitcoin. In this video we explain how that happens. The trick is the COPY FROM PROGRAM command.
12/15/2020 - 7 minutes, 39 seconds

Did Google run out of disk space? - The Google Outage ( Early report )

At 3:47 am PST almost all Google services went down, including Gmail, YouTube, Drive, Docs, Meet, Nest, Google Maps and many more. It took close to an hour to bring them back up. We still don’t know what caused this outage; in this video we will try to make sense of what we have gathered so far. A detailed analysis video will follow once we get a response from Google. Symptoms: could not sign in to Google (account not found); could not authenticate if you already have a token; services that do not require authentication also fail to retrieve certain account information (profile, YouTube comments). Guess -> Borg service that provides authentication, authorization went down, a fix? Storage quota issue? https://twitter.com/googlecloud/status/1338493015145504770 https://www.tomsguide.com/news/gmail-and-youtube-down-several-google-services-are-not-working-latest-updates Google down? Realtime status, issues and outages for the UK | Downdetector Google Workspace Status Dashboard
12/14/2020 - 7 minutes, 10 seconds

Certificates Gone Bad! Certificate Revocation Techniques Explained (CRL, OCSP, OCSP Stapling)

When the private key matching a certificate's public key is leaked, an attacker can intercept the Server Hello, substitute their own DH parameters, sign them with the stolen private key and ship the result to the client, effectively performing a MITM. This is extremely dangerous, and the client has no way to know that a MITM has happened. That is why a certificate sometimes has to be revoked, and in this video I’m going to discuss those revocation techniques. 0:00 How Certificate Works 3:00 Certificate Revocation List 4:10 OCSP 7:00 OCSP Stapling
12/14/2020 - 10 minutes, 29 seconds

Impostor syndrome and Staying Motivated - The Backend Engineering Show with Hussein Nasser - Q&A

In The Backend Engineering Show Live, we discuss Impostor syndrome and Staying Motivated in the software engineering field.
12/12/2020 - 1 hour, 50 minutes, 50 seconds

Oblivious DoH (oDOH) Introduces a TLS Terminating Proxy with additional Layer of Encryption

Oblivious DoH is a technology that separates IP addresses from queries, so that no single entity can see both at the same time. Cloudflare, Apple & Fastly worked on this and did a good write-up of the tech; we discuss it in this video. https://blog.cloudflare.com/oblivious-dns/
12/9/2020 - 11 minutes, 41 seconds

Meet mySQL RAPID - distributed, in-memory, columnar, query processing engine by ORACLE

Oracle introduces a Game Changer Feature in MySQL that allows for OLAP & OLTP workloads in a single database. This is huge let us discuss https://www.oracle.com/emea/news/announcement/oracle-announces-mysql-database-service-with-integrated-analytics-engine-2020-12-03.html https://dev.mysql.com/doc/mysql-analytics/en/mysql-analytics-introduction.html 0:00 Intro 1:40 History of ETL 7:00 How Kafka Helped Data Warehouse 8:20 How RAPID Solves this 11:14 MySQL Database Service Analytics Engine (RAPID) Architecture 14:00 Loading Data 18:00 Summary
12/6/2020 - 20 minutes, 52 seconds

The Road to QUIC - what’s wrong w/ HTTP/1.1, HTTP/2, HTTP Pipelining, CRIME, HTTP/2 HOL, HPACK - The Backend Engineering Show Live with Hussein Nasser #8

In The Backend Engineering Show Live we will have a casual Q&A around QUIC. Outline: HTTP/1.1 Trouble, HTTP/2 Trouble, QUIC Handshake, QUIC 0RTT, HPACK vs QPACK, Why HTTP/3
12/5/2020 - 2 hours, 3 minutes, 6 seconds

Will AWS Babelfish Succeed Moving Developers Away from SQL Server to Postgres?

At AWS re:Invent, Amazon announced open sourcing Babelfish for PostgreSQL, a SQL Server-compatible end-point for PostgreSQL to make PostgreSQL fluent in understanding communication from apps written for SQL Server. Let us discuss what this technology is and whether it's really going to move developers away from Microsoft SQL Server to Postgres. Resources https://aws.amazon.com/blogs/opensource/want-more-postgresql-you-just-might-like-babelfish/ Chapters 0:00 Intro 1:30 Postgres vs SQLServer 5:20 What is Babelfish? 9:40 Why Babelfish May not Work 10:06 Will Babelfish Includes everything? 11:46 BabelFish is an Extra Layer 13:35 What REALLY is Babelfish? 15:00 Performance
12/3/2020 - 22 minutes, 6 seconds

We Need a Solution to NPM Trojans - post-install hell

Attackers have been disguising trojans and other malicious code in post-install NPM packages, and developers have been targeted. This is another incident from NPM. NPM needs to step up and solve this problem. https://www.zdnet.com/article/malicious-npm-packages-caught-installing-remote-access-trojans/
12/3/2020 - 6 minutes, 43 seconds

A Detailed Analysis of The Amazon Kinesis Outage on US East-1 Region

AWS US east-1 experienced an outage on Nov-25-2020. Amazon has updated us with a summary detailing what exactly happened to Amazon Kinesis that caused the outage. Let us discuss it. 0:00 Intro 1:00 Tldr (diagram) 7:30 Detailed Analysis of What Happened 25:00 Why Cognito Went Down 31:20 Why CloudWatch Went Down 33:20 Why Lambda and AutoScaling Went Down 35:50 Why EventBridge, Elastic Kubernetes and Container Service Went Down 38:00 Why Service Status Went Down 40:00 Summary https://aws.amazon.com/message/11201/
11/29/2020 - 46 minutes, 19 seconds

AWS US East-1 Region Experienced Outages, What was the Cause? let us discuss!

AWS US east-1 experienced an outage yesterday, let us discuss what could have been the problem and what amazon did to solve it — Latest Update (6:23 PM PST): We’d like to provide an update on the issue affecting the Kinesis Data Streams API, and other dependent services, within the US-EAST-1 Region. We have now fully mitigated the impact to the subsystem within Kinesis that is responsible for the processing of incoming requests and are no longer seeing increased error rates or latencies. However, we are not yet taking the full traffic load and are working to relax request throttles on the service. Over the next few hours we expect to relax these throttles to previous levels. We expect customers to begin seeing recovery as these throttles are relaxed over this timeframe. Resources https://www.datacenterdynamics.com/en/news/aws-us-east-1-region-suffers-errors-and-outages-impacting-its-status-page/ https://disqus.com/by/disqus_DZeJlmjjGx/ https://downdetector.com/status/amazon/ https://www.youtube.com/watch?v=I9v-fCz0HZY&feature=youtu.be
11/26/2020 - 10 minutes, 37 seconds

Basic Caching Techniques Explained - Spatial, Temporal, Distributed, Write-Through, Write-Back, Cache Aside

In this video I go through the three types of caching and how it is kept in sync. 0:00 Intro 0:30 What is Caching? 1:20 Spatial Cache 3:30 Temporal Cache 5:00 Distributed cache 6:30 Write-Through Cache 8:00 Write-Back Cache
11/25/2020 - 10 minutes, 23 seconds

Why Redis Became the Most Popular Database on the Cloud in 2020

According to Sumo Logic's research, Redis is now officially the most popular database in 2020 on AWS cloud deployment. Let us discuss some of the reasons why the in-memory database became so popular   https://www.theregister.com/2020/11/23/redis_the_most_popular_db_on_aws/
11/24/2020 - 12 minutes, 39 seconds

Using GitHub Actions ? Be Aware of this High-Severity Injection Bug Found in GitHub Actions

Felix Wilhelm of Google Project Zero found an injection vulnerability affecting GitHub Actions and Workflow Commands, specifically related to setting malicious environment variables by parsing STDOUT. Resources https://github.blog/changelog/2020-10-01-github-actions-deprecating-set-env-and-add-path-commands/ https://bugs.chromium.org/p/project-zero/issues/detail?id=2070&can=2&q=&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&cells=ids https://www.zdnet.com/article/google-to-github-times-up-this-unfixed-high-severity-security-bug-affects-developers/
11/23/2020 - 8 minutes, 54 seconds

DO NOT COMMIT .ENV Files! BotNet Harvesting Credentials and API Keys from Public .ENV files

A botnet was caught scanning the web for .ENV files and harvesting credentials, API keys and passwords. Let us discuss. https://www.zdnet.com/article/botnets-have-been-silently-mass-scanning-the-internet-for-unsecured-env-files/
11/22/2020 - 8 minutes, 14 seconds

Envoy Proxy Fixes Two Zero Day vulnerabilities (UDP Proxy, TCP Proxy)

The Envoy Proxy fixed two zero day vulnerabilities. From the Envoy group: We are announcing the fixes for two zero days that were identified today: Crash in UDP proxy when datagram size is > 1500. This can happen if either MTU > 1500 or if fragmented datagrams are forwarded and reassembled: https://github.com/envoyproxy/envoy/pull/14122. This issue was already under embargo and a new issue was opened in public GitHub. Proxy proto downstream address not restored correctly for non-HTTP connections: https://github.com/envoyproxy/envoy/pull/14131. This issue was opened publicly recently but the security implications were not clear at the time. This will affect logging and network level RBAC for non-HTTP network connections. Resources https://groups.google.com/g/envoy-security-announce/c/aqtBt5VUor0 0:00 0:20 UDP Proxy Crash 2:15 Incorrect Downstream Remote Address
11/22/2020 - 7 minutes, 47 seconds

Communication Protocols QA - The Backend Engineering Show Live with Hussein Nasser

In this live stream we have a Q&A about Communication Protocols in the Backend , enjoy. We Talk about Masque, WebTransport, WebSockets, TCP, UDP and more
11/21/2020 - 1 hour, 38 minutes, 41 seconds

SAD DNS - A Clever DNS Cache Poisoning Attack

A group of researchers from UC Riverside and Tsinghua University announced a new attack against the Domain Name System (DNS) called SAD DNS (Side channel AttackeD DNS). In this video I explain this attack 0:00 Intro 1:00 What is DNS? 3:10 Original DNS Poisoning 6:30 DNS Poisoning with Fragmentation Attack 9:30 ICMP Explained 13:00 DNS Poisoning with ICMP Error Messages   Resources https://blog.cloudflare.com/sad-dns-explained/ https://www.saddns.net/ https://bit.ly/3lHTn45 https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol
11/19/2020 - 20 minutes, 24 seconds

Is this the end of WebSockets? - The New WebTransport Protocol

There is a new protocol called WebTransport; it sets out to solve some limitations in WebSockets. The question is, will this completely replace WebSockets? I’ll leave this question to you guys. Let us discuss. Resources https://www.youtube.com/watch?v=jTBM9CDO_Wk&feature=youtu.be https://datatracker.ietf.org/doc/draft-kinnear-webtransport-http2/ https://datatracker.ietf.org/doc/draft-vvv-webtransport-http3/ https://datatracker.ietf.org/doc/draft-vvv-webtransport-quic/
11/19/2020 - 11 minutes, 11 seconds

Is FireFox HTTPS only Mode The death of HSTS?

FireFox Enables HTTPS Only Mode, let us discuss  https://blog.mozilla.org/security/2020/11/17/firefox-83-introduces-https-only-mode/ What does it mean? Death of HSTS? No more plugins Will it ever become default? (Government sites unencrypted, backward compatible)
11/18/2020 - 8 minutes, 11 seconds

Denial of Service through DNS request Discovered in Node JS (CVE-2020-8277)

A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of service by getting the application to resolve a DNS record with a larger number of responses. (CVE-2020-8277)  I discuss this attack in this video and whether you should fix it.  Impacts: * Versions 12.16.3 and higher on the 12.x release line * Versions 14.13.0 and higher on the 14.x release line * All versions of the 15.x release line   Resources https://nodejs.org/en/blog/vulnerability/november-2020-security-releases/#:~:text=Denial%20of%20Service%20through%20DNS,a%20larger%20number%20of%20responses. Code Fix  https://github.com/nodejs/node/commit/022899e1d5
11/17/2020 - 6 minutes, 53 seconds

🔴 Facebook's is all about QUIC, MASQUE, RIP Kafka's Zookeeper, dotNET 5 and more! - Backend Engineering Show Live with Hussein Nasser

In this Livestream we discuss the following topics: Facebook moving to QUIC https://engineering.fb.com/2020/10/21/networking-traffic/how-facebook-is-bringing-quic-to-billions/ Multiplexed Application Substrate over QUIC Encryption (masque) https://datatracker.ietf.org/wg/masque/about/ KIP500, Kafka removing ZooKeeper https://www.confluent.io/blog/how-to-prepare-for-kip-500-kafka-zookeeper-removal-guide/ DotNET 5 https://devblogs.microsoft.com/dotnet/announcing-net-5-0/
11/15/2020 - 1 hour, 4 minutes, 39 seconds

What is HTTP CONNECT? and Why MASQUE (Multiplexed Application Substrate over QUIC Encryption) is replacing it

The HTTP CONNECT method allows the client to create a tunnel through a proxy to forward any free-form content through it. Let us discuss the pros and cons of this. 0:00 Intro 1:45 HTTP Proxy 5:50 HTTPS Proxy 9:40 HTTP CONNECT 14:15 HTTP CONNECT Chaining 16:10 Pros & Cons of CONNECT 23:20 MASQUE Resources https://tools.ietf.org/html/rfc7231#section-4.3.6 Multiplexed Application Substrate over QUIC Encryption (masque) https://datatracker.ietf.org/wg/masque/about/ What if you want to connect to the secure site? cards 18:40 http/2 clear smuggling https://www.youtube.com/watch?v=B2VEQ3jFq6Q 17:40 layer 4 proxy https://www.youtube.com/watch?v=aKMLgFVxZYk 16:50 WebSockets https://www.youtube.com/playlist?list=PLQnljOFTspQUGjfGdg8UvL3D_K9ACL6Qh 21:00 HTTP/2 https://www.youtube.com/watch?v=fVKPrDrEwTI
11/15/2020 - 27 minutes, 8 seconds

HTTP/2 Push is Being Removed, let us discuss

HTTP/2 Push is being removed since it is very difficult to implement and has no added value. Let us discuss  Resource https://groups.google.com/a/chromium.org/g/blink-dev/c/K3rYLvmQUBY/m/vOWBKZGoAQAJ Video https://www.youtube.com/watch?v=uAfNRJJ_BrA
11/12/2020 - 7 minutes, 20 seconds

Opening Old Wounds - Why Uber Engineering Switched from Postgres to MySQL

An article from 2016 which caused lots of discussions in the software engineering community. We bring it back and open old wounds and discuss it again.  0:00 Intro 3:00 Problems with Architecture of Postgres 4:00 Postgres on-Disk Format 9:45 Replication 13:19 Write Amplification 16:44 Replication Bandwidth 21:16 Data Corruption 24:00 Replica MVCC 31:30 Postgres Upgrades 33:00 MySQL on-Disk Format 37:00 MySQL Replication 40:00 Connection Handling https://eng.uber.com/postgres-to-mysql-migration/ https://news.ycombinator.com/item?id=12166585
11/11/2020 - 48 minutes, 2 seconds

WebRTC (Web Real-Time Communication)

WebRTC (Web Real-Time Communication) is a free, open-source project that provides web browsers and mobile applications with real-time communication (RTC) via simple application programming interfaces (APIs). In this video I go through WebRTC and discuss all of its concepts in detail. We will learn about NAT, STUN, TURN, ICE, SDP, Signaling and we will show a demo too! Finally we will talk about the pros & cons. 0:00 Intro 3:44 WebRTC Overview 11:17 NAT 16:54 NAT Translation Methods 26:20 STUN 33:30 TURN 35:00 ICE 38:00 SDP 40:52 Signaling 43:30 WebRTC Demo 1:00:00 WebRTC Pros & Cons 1:04:00 Bonus WebRTC Content ! tags webrtc, Web Real-Time Communication, webrtc video, webrtc samples, webrtc tutorial, webrtc, interactive connectivity establishment ice, session description protocol, session initiation protocol, peer to peer, getUserMedia, RTCPeerConnection
11/9/2020 - 1 hour, 12 minutes, 21 seconds

GeoDNS, Active Active, MicroServices, Evil Garbage Collectors and More! Live with Hussein Nasser

Live Q&A discussion of different backend engineering topics
11/7/2020 - 1 hour, 36 minutes, 30 seconds

Facebook Moves their Backend and Frontend to QUIC, it wasn’t smooth but they saw great results Let us discuss

Facebook's move to QUIC from TCP was not smooth, but they did see some improvement in all their apps. Let us discuss this. Article https://engineering.fb.com/networking-traffic/how-facebook-is-bringing-quic-to-billions/ 0:00 Intro 3:00 What is QUIC? 10:45 Facebook Backend 14:30 FaceBook Frontend 15:20 GraphQL 17:00 The Trouble with QUIC 23:00 Static & Video Content 25:15 Instagram App 26:00 QUIC Future
11/5/2020 - 30 minutes, 39 seconds

Installing This Twilio Malware NPM Package Opens a Backdoor on Your Developer Machine

Sonatype detected malware in the NPM registry, impersonating the Twilio package, that opens a reverse connection to a remote server and allows an attacker to access your local machine's content. Let us discuss. Since this command is Unix-specific it won’t work on Windows. https://blog.sonatype.com/twilio-npm-is-brandjacking-malware-in-disguise Resources SSH Tunneling https://youtu.be/N8f5zv9UUMI Ngrok https://www.youtube.com/watch?v=pR2qNnVIuKE
11/3/2020 - 19 minutes, 59 seconds

Chrome dedicated certificate root store is coming soon, what does that mean? let us discuss

According to ZDNET "Chrome will soon have its own dedicated certificate root store" Let us discuss what that might mean to privacy   https://www.zdnet.com/article/chrome-will-soon-have-its-own-dedicated-certificate-root-store/
11/2/2020 - 7 minutes, 32 seconds

Remotely access any TCP/UDP service bound to a victim machine - Let us discuss NAT Slipstreaming

Ever heard of HTTP Smuggling? Well, this is smuggling a TCP packet into an HTTP body so that it can be interpreted by the router to open internal ports to your machine. NAT Slipstreaming was discovered by Samy Kamkar. Article and research by @SamyKamkar https://samy.pl/slipstream/
11/2/2020 - 20 minutes, 32 seconds

TLS - Live Stream (by Hussein Nasser)

Let us have a casual chat about TLS, Security, Certificates and more
10/31/2020 - 1 hour, 36 minutes, 9 seconds

All About Database ACID

In this live stream I discuss all about Database ACID one by one and we also answer interesting questions!  Enjoy!  Watch stream here https://www.youtube.com/watch?v=QCKZ3VZ87Qo&feature=youtu.be
10/24/2020 - 1 hour, 27 minutes, 22 seconds

Should You Become a Full stack Engineer?

My Thoughts on Full Stack Engineering
10/23/2020 - 14 minutes, 20 seconds

Uber’s new Backend Architecture for Processing Payments

In this video I discuss the new Uber Backend Architecture that they deployed to process payments and jobs and orders. https://youtu.be/mL0fzj7e6WU Revolutionizing Money Movements at Scale with Strong Data Consistency https://eng.uber.com/money-scale-strong-data/
10/22/2020 - 27 minutes, 45 seconds

Column vs Row Oriented Databases Explained

In this video, I explain the differences between Column vs Row Oriented Database Storage how efficient each method is, and their pros & cons 0:00 Intro 2:50 Row-Oriented Database 15:30 Column-Oriented Database 26:30 Pros & Cons
10/20/2020 - 35 minutes, 4 seconds

Moving from a Network Engineer to a Backend Engineer - Career Path Advice

In this video I explain how Network Engineers can move to be a Backend Engineer by capitalizing on their skills in networking. Network Engineers can build great and improve the communication protocols that Backend Engineers use for service to service communication. Network Engineers can also be specialized in Proxies, Reverse Proxies, Load Balancers and Caching Layers.
10/19/2020 - 8 minutes, 27 seconds

Software Engineering is Overwhelming

Software Engineering is overwhelming and hard; I discuss how to ease up that burden and make it fun here. 0:00 Intro 2:20 Learning Software Engineering 17:55 Bugs 23:30 Design Activities 28:50 Summary 🎙️Listen to the Backend Engineering Podcast https://husseinnasser.com/podcast 🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🏛️ Software Architecture Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9 📩 Messaging Systems https://www.youtube.com/playlist?list=PLQnljOFTspQVcumYRWE2w9kVxxIXy_AMo Become a Member https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Support me on PayPal https://bit.ly/33ENps4 Stay Awesome, Hussein
10/18/2020 - 35 minutes, 6 seconds

WebSockets - Live Stream (By Hussein Nasser)

In this live stream we will keep the theme about WebSockets, scaling, layer 7 proxying vs layer 4 proxying in websockets ,  interesting problems and just chatting!       0:00 Intro 13:00 Stream Starts 21:30 WebSockets 1:08:00 Securing WebSockets 1:13:00 Scaling WebSockets Watch on YouTube https://www.youtube.com/watch?v=brKJFkLQWYo&feature=youtu.be
10/17/2020 - 1 hour, 26 minutes, 12 seconds

Database Partitioning Explained

In this video, I will go through Database Partitioning and explain it in detail, with its pros and cons and a demo using PostgreSQL.
10/15/2020 - 41 minutes, 6 seconds

Indexing in PostgreSQL vs MySQL

In this video, I explain how both Postgres and MySQL store their indexes and their effect on reads vs writes. Let us discuss 0:00 Intro 1:00 Tables 2:00 Indexes 3:20 Indexing in Postgres 5:00 Indexing in MySQL 6:35 What Happens on Update on Postgres 7:20 What Happens on Update on MySQL 9:00 Reads on Postgres 9:40 Reads on MySQL
10/13/2020 - 13 minutes, 50 seconds

Discord Backend Architecture Discussion

In this Video I discuss Discord WebRTC and Voice chat backend architecture, it is a very interesting article, let us discuss it  https://blog.discord.com/how-discord-handles-two-and-half-million-concurrent-voice-users-using-webrtc-ce01c3187429 0:00 Intro 3:30 WebRTC As a Choice? 8:00 ReWriting WebRTC 11:20 Backend Architecture 20:00 Failover 26:00 My Thoughts
10/12/2020 - 29 minutes, 39 seconds

PostgreSQL 13 Has Some Performance Boosts! Let us discuss it!

Postgres 13 has been released and it has some interesting features how about we discuss it! Resources Press-release https://www.postgresql.org/about/featurematrix/detail/341/ Feature Matrix https://www.postgresql.org/about/featurematrix/ “The PostgreSQL Global Development Group today announced the release of PostgreSQL 13, the latest version of the world’s most advanced open source database. PostgreSQL 13 includes significant improvements to its indexing and lookup system that benefit large databases, including space savings and performance gains for indexes, faster response times for queries that use aggregates or partitions, better query planning when using enhanced statistics, and more. Along with highly requested features like parallelized vacuuming and incremental sorting, PostgreSQL 13 provides a better data management experience for workloads big and small, with optimizations for daily administration, more conveniences for application developers, and security enhancements. "PostgreSQL 13 showcases the collaboration and dedication of our global community in furthering the abilities of the world's most advanced open source relational database," said Peter Eisentraut, a PostgreSQL Core Team member. "The innovations that each release brings along with its reputation for reliability and stability is the reason why more people choose to use PostgreSQL for their applications." PostgreSQL, an innovative data management system known for its reliability and robustness, benefits from over 25 years of open source development from a global developer community and has become the preferred open source relational database for organizations of all sizes.”
10/11/2020 - 23 minutes, 46 seconds

HTTP - Live Stream

In this Live stream, I discuss HTTP and answer interesting questions about HTTP, TLS, UDP, QUIC, WebSockets and more from the community  watch the vod here https://www.youtube.com/watch?v=J6G8DdLgdJ4
10/10/2020 - 1 hour, 3 minutes, 48 seconds

Why Discord Moved from MongoDB to Apache Cassandra, Let us Discuss

In this Article Stanislav Vishnevskiy elegantly discusses why Discord moved from MongoDB to Apache Cassandra, the challenges they faced, limitations of both Mongo & Cassandra. Well written article let us discuss   https://blog.discord.com/how-discord-stores-billions-of-messages-7fa6ec7ee4c7
10/9/2020 - 25 minutes, 54 seconds

We Need to Stop the Microservices Madness - Scaling with Common Sense

I stumbled upon this interesting article titled Scaling with common sense, the author goes into different topics of the bad practices of pre-mature scaling and optimization specifically with regards to microservices and k8. Let us discuss Resources https://zerodha.tech/blog/scaling-with-common-sense/ 0:00 Intro 3:00 Comparisons are almost always meaningless. 5:30 Scaling starts with well built software. 8:50 Eat healthy and exercise daily. 10:15 KISS, don’t be afraid, and boring better cool. 12:00 The bottleneck is almost always the database. 13:40 RDBMS works, almost always. 15:00 Everyone forgets to index. 17:30 Don’t use an RDBMS. What? 19:40 Networking/IO is really hard. Network as little as possible. 21:20 Connections are hard. Connect little, pool much. 25:00 Latency is THE metric. 26:10 The Internet is the Wild Wild West. 28:40 Caching is a silver bullet, almost. 29:00 Dumb caching is best caching. 29:40 Some application state may not be bad. 31:20 HTTP APIs can be E-Tagged (304) too. 34:12 Allocation is expensive. 37:40 Multi-threading and concurrency are necessary, but hard. 38:30 Some technologies are genuinely slow. Use fast technologies. 39:30 Scaling horizontally, vertically, and “enterprisely”. 40:30 Human impediment. 
42:20 My Thoughts on Microservices
10/7/2020 - 47 minutes, 23 seconds

How did I get served an Instagram Ad by browsing a completely different website?

In this video I explain how I was browsing a website (displate) and was served the exact same thing on my Instagram feed
9/30/2020 - 6 minutes, 19 seconds

HTTPS and HTTP/3 negotiation is now Faster thanks to Cloudflare, RIP HSTS, Let us Discuss

Watch the Video here  https://youtu.be/76sgBHUl7iI Alessandro Ghedini wrote an interesting article discussing how DNS queries can help speed up HTTPS and HTTP/3 communication let us discuss this article https://blog.cloudflare.com/speeding-up-https-and-http-3-negotiation-with-dns/ 3:30 TLS video https://www.youtube.com/watch?v=AlE5X1NlHgg 4:57 HSTS https://www.youtube.com/watch?v=kYhMnw4aJTw 8:15 http/2 c smuggling https://www.youtube.com/watch?v=B2VEQ3jFq6Q 15:30 ESNI https://www.youtube.com/watch?v=t0zlO5-NWFU
9/30/2020, 18 minutes, 21 seconds

Microsoft 365 Outage, What Happened and What Caused it? Let us discuss

On September 28, 2020, the Microsoft 365 service went down. What caused it, and what did Microsoft do to solve it? Resources https://twitter.com/msft365status/status/1310696819135901696?s=21 https://status.office.com/ https://answers.microsoft.com/en-us/msoffice/forum/msoffice_account-mso_imobile-mso_o365b/error-aadsts90033/d2ba3ef2-fe85-411d-b4fe-5c44df1e121c https://answers.microsoft.com/en-us/msoffice/forum/msoffice_o365admin-mso_other-mso_o365b/aadsts90033-a-transient-error-has-occurred-please/8117f18e-9de9-46d7-9505-1708b2a1c732 https://docs.microsoft.com/en-us/answers/questions/35944/aadsts90033-a-transient-error-has-occurred-please.html
9/29/2020, 13 minutes, 22 seconds

When to Build a Stateless vs Stateful Back-ends using the right protocols (UDP, TCP, HTTP, QUIC, WebSockets)

In this video I explain how communication protocols are built on top of each other and how each protocol can be stateful or stateless. We need to understand this in order to know which protocol to use to build the right backend. 
9/24/2020, 9 minutes, 6 seconds

Russia Follows in China’s footsteps and attempts to block TLS 1.3, ESNI, DoH & DoT, let us discuss

It looks like Russia is submitting a proposal to block TLS 1.3, ESNI, DoH, and DoT. Let us discuss. Resources https://www.zdnet.com/article/russia-wants-to-ban-the-use-of-secure-protocols-such-as-tls-1-3-doh-dot-esni/ https://en.wikipedia.org/wiki/SORM
9/23/2020, 12 minutes, 52 seconds

Casting Firefox to your TV, Roku or Game Console? Watch out for this major DANGEROUS bug!

What scared me about this bug is how EASY it is to execute: no MITM, no special software. It's all exploiting existing software. Let us discuss. The SSDP engine in Firefox for Android (68.11.0 and below) can be tricked into triggering Android intent URIs with zero user interaction. This attack can be leveraged by attackers on the same WiFi network and manifests as applications on the target device suddenly launching, without the users' permission, and conducting activities allowed by the intent. Resources https://en.wikipedia.org/wiki/Simple_Service_Discovery_Protocol https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/tree/master/firefox-android-2020 https://twitter.com/init_string https://twitter.com/LukasStefanko/status/1307013106615418883
9/22/2020, 11 minutes, 6 seconds

GoogleBot Crawler Now Uses HTTP/2 to Index the Web, Let us discuss how this affects our Back-end?

Google Bot is now attempting to use HTTP/2 to crawl the web. Ever since mainstream browsers started supporting the next major revision of HTTP, HTTP/2 or h2 for short, web professionals asked us whether Googlebot can crawl over the upgraded, more modern version of the protocol. Today we're announcing that starting mid November 2020, Googlebot will support crawling over HTTP/2 for select sites. Article https://webmasters.googleblog.com/2020/09/googlebot-will-soon-speak-http2.html * Intro 0:00 * What is a Crawler 1:06 * Current Crawler uses h1 2:00 * Crawler now uses h2 4:40 * Less connections, slightly high CPU usage 6:30 * Opting out of h2 crawling 9:00 * FAQ 11:40 Http/2 playlist 0;50 https://www.youtube.com/playlist?list=PLQnljOFTspQWbBegaU790WhH7gNKcMAl- http/2 not cheap 7;00 https://www.youtube.com/watch?v=GriONb4EfPY lucid chart 9;50 https://www.youtube.com/watch?v=gejfT1h6LBo h2c smuggling 18:30 https://www.youtube.com/watch?v=B2VEQ3jFq6Q
9/18/2020, 21 minutes, 57 seconds

How I Got "Slightly" Better at Communicating my Ideas Effectively as a Software Engineer

In this video, I explain how I got better at communicating my thoughts, opinions and ideas and how making content on YouTube Channel actually helped. I still have a long way but I found that making content and continuously trying to get better at delivering the core point helps.
9/18/2020, 8 minutes, 11 seconds

My Opinion on the “Stop Using React” Article

There was a recent article titled Stop Using React which spawned lots of discussions. I want to give my thoughts on this article and React in general. Resources https://dev.to/ender_minyard/why-you-should-stop-using-react-g7c https://timkadlec.com/remembers/2020-04-21-the-cost-of-javascript-frameworks/ 0:00 Intro 3:20 It's Slow 8:30 It's expensive 12:00 It's inaccessible 14:00 React goes against the web 18:00 Made by Facebook 21:00 My thoughts
9/17/2020, 28 minutes

Best Practices Working with Billion-row Tables in Databases

In this video, I discuss 3 methods to work with tables with a billion rows. This discussion is inspired by a comment on my YouTube video on Twitter System Design right here https://www.youtube.com/watch?v=gfq-LG9ZJQA&lc=UgyYbm5889dW0XtKhsV4AaABAg Chapters Intro 0:00 1. Brute Force Distributed Processing 2:30 2. Working with a Subset of table 3:35 2.1 Indexing 3:55 2.2 Partitioning 5:30 2.3 Sharding 7:30 3. Avoid it altogether (reshuffle the whole design) 9:10 Summary 11:30
9/14/2020, 14 minutes, 28 seconds

Another Unsecured ElasticSearch Cluster Exposed with 900GB worth of private data, let us discuss

It seems like these incidents are very common, and I am not sure why ElasticSearch in particular. Let us discuss. https://www.zdnet.com/article/leaky-server-exposes-users-of-dating-site-network/
9/13/2020, 6 minutes, 17 seconds

How I deal with Stress and being Overwhelmed during the Pandemic as a Software Engineer and a Content Creator

Some of you asked me how to deal with stress at my work and my content creation here on YouTube. I share my thoughts with you. Intro 0:00 Stress from Work 2:40 Feeling down with no clear reason 7:13 Feeling anxious overwhelmed with stuff to learn 14:55 Pandemic 21:14
9/13/2020, 27 minutes, 6 seconds

Unimog - Cloudflare’s edge load balancer has blown me away, let us discuss

Unimog is a layer 4 load balancer built for Cloudflare scale. Cloudflare has written a great blog about it so let us discuss this technology. Video: https://youtu.be/Q0irm6xzNNk Resources https://blog.cloudflare.com/unimog-cloudflares-edge-load-balancer/ 0:00 Intro 3:33 Layer 4 vs Layer 7 Load Balancers 7:00 Anycast 13:45 Packet Forwarding 23:30 XDP and Network stack 26:45 Maintaining established connection 31:00 Edge Computing 32:00 UDP Routing 33:00 Unimog Summary 34:00 Open Source Software 36:00 K8 Rant 40:00 Conclusion Cards 6:30 L4 vs L7 proxying https://www.youtube.com/watch?v=aKMLgFVxZYk 12:30 vip https://www.youtube.com/watch?v=85XY7H2JPbs 13:30 tcp handshake https://www.youtube.com/watch?v=bW_BILl7n0Y&t=5s
9/12/2020, 42 minutes, 20 seconds

WOW! h2c Smuggling is a serious flaw and very easy to execute, Let us discuss this

Jake Miller, a security researcher, discovered a serious flaw in proxies that allow the h2c cleartext upgrade, which can be used to bypass proxy rules. Let us discuss. Thanks to @Textras for sending this article! https://twitter.com/thebumblesec/status/1303305853525725184?s=21 https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c?hs_amp=true
9/11/2020, 19 minutes, 33 seconds

Kafka Consumer Group is a Brilliant Design Choice and We should Discuss it

Apache Kafka is an interesting piece of software; every design decision the team makes makes perfect sense. I decided to dive deep into the discussion of the consumer group concept, which is underrated, and talk more about it. 0:00 Intro 1:24 Messaging Systems Explained 3:30 Partitioning 4:30 Pub/Sub vs Queue 6:55 Consumer Group 10:00 Parallelism in Consumer Group 10:30 Partition awareness in Consumer Group 11:30 Achieving Pub/Sub with Consumer Group 14:00 Head of Line blocking in Kafka
9/9/2020, 21 minutes, 23 seconds

Is there a Limit to Number TCP Connections a Backend can handle?

Someone asked me a question and I felt it's interesting to make a video about: is there a limit to the maximum number of TCP connections a Client can make to the server? If there is, what is it? And how does that make sense in all the configurations? 0:00 Intro 1:00 Is there a Max Connection Limit? 4:30 64K Connection Limit Explained 7:20 Max Connections on Reverse Proxies and Max Connections 14:30 How does Router get around Max Connections? 7:00 3 million whatsapp https://www.youtube.com/watch?v=vQ5o4wPvUXg 10:25 envoy https://www.youtube.com/watch?v=40gKzHQWgP0& 12:50 google https://www.youtube.com/watch?v=CUiBVTcgvBU 14:00 Active Active https://www.youtube.com/watch?v=d-Bfi5qywFo
9/7/2020, 19 minutes, 31 seconds

Doordash moves their Backend to Apache Kafka from RabbitMQ, VERY interesting! Let us discuss it!

Doordash, the food delivery service, has built an asynchronous task processing backend with Celery and RabbitMQ. They are having lots of outages and problems. Let us discuss how they solved their problem by moving to Apache Kafka. Very well written article. Resource https://doordash.engineering/2020/09/03/eliminating-task-processing-outages-with-kafka/ https://www.rabbitmq.com/connections.html#high-connection-churn
9/6/2020, 31 minutes, 7 seconds

Why Application-Layer Protocol Negotiation is Critical for HTTP/2 Backends

Application-Layer Protocol Negotiation (ALPN) is a Transport Layer Security (TLS) extension that allows the application layer to negotiate which protocol should be performed over a secure connection in a manner that avoids additional round trips and which is independent of the application-layer protocols. It is needed by secure HTTP/2 connections, which improves the compression of web pages and reduces their latency compared to HTTP/1.x. The ALPN and HTTP/2 standards emerged from development work done by Google on the now withdrawn SPDY protocol. https://en.wikipedia.org/wiki/Application-Layer_Protocol_Negotiation 1:30 TCP Handshake 1:40 TLS
9/6/2020, 7 minutes, 50 seconds

When to use UDP vs TCP in Building a Backend Application?

In this video I explain when to use TCP vs UDP as a communication protocol on your backend app. I go through the advantages and disadvantages of UDP. I also discuss the protocol within the context of a Chatting System, a Multiplayer game, and building a browser and a web server. 0:00 Intro 2:00 UDP 3:00 TCP 6:00 UDP vs TCP for Building a Chatting System 9:20 UDP vs TCP for Building a Multiplayer game 15:30 UDP vs TCP for Building a Browser and WebServer 19:11 Summary
9/5/2020, 21 minutes, 21 seconds

Your Backend Might not Be Ready for HTTP/2 - Watch This Before Implementing it

HTTP/2 is a protocol that allows multiplexing, which can be very beneficial. However, HTTP/2 is not always cheap and might not be a good choice for your backend. * Intro 0:00 * What is HTTP/2 ? 1:30 * HTTP/2 Pros 5:10 * HTTP/2 Advantages on Browsers 5:30 * HTTP/2 Advantages on Reverse Proxy Connection Pooling 9:20 * HTTP/2 Problem 11:00 Google Talk https://www.youtube.com/watch?v=xxN4FfwaANk
9/4/2020, 17 minutes, 58 seconds

Envoy Proxy Crash Course, Architecture, L7 & L4 Proxying, HTTP/2, Enabling TLS 1.2/1.3 and more

Envoy is an open-source L7 proxy and communication bus originally built at Lyft to move their architecture away from a monolith. In this video, I want to go through the following * What is Envoy? 0:00 * Current & Desired Architecture 0:48 * Envoy Architecture 3:00 * DownStream/Upstream 7:30 * Clusters 9:19 * Listeners 10:50 * Network Filters 11:50 * Connection Pools 13:45 * Threading Model 18:34 * Example 21:25 * Show the 4 apps 24:30 * Install Envoy Brew 26:00 *  https://www.getenvoy.io/install/envoy/macos/ * Envoy as a Layer 7 Proxy 27:30 * Proxy to all 4 backend NodeJS services 28:00 * Split load to multiple backends (app1/app2) 40:00 * Block certain requests (/admin) 45:30 * Envoy as a Layer 4 Proxy (tcp router) 47:50 * Create DNS record 54:00 * Enable HTTPS on Envoy (lets encrypt) 55:30 * Enable HTTP/2 on Envoy 1:03:00 * Disable 1.1/1.0 Enable TLS 1.2 and TLS 1.3 ONLY on Envoy 1:04:30 * SSL Labs test 1:06:40 * Summary 1:07:24 Config https://github.com/hnasr/javascript_playground/tree/master/envoy Resources https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/intro/terminology https://www.envoyproxy.io/docs/envoy/latest/intro/arch_overview/upstream/connection_pooling#arch-overview-conn-pool 🏭 Backend Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUNnO4p00ua_C5mKTfldiYT 💾 Database Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2 🛰 Network Engineering Videos https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr 🏰 Load Balancing and Proxies Videos https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC 🐘 Postgres Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj 🚢Docker https://www.youtube.com/playlist?list=PLQnljOFTspQWsD-rakNw1C20c1JI8UR1r 🧮 Programming Pattern Videos https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe 🛡 Web Security Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv 🦠 HTTP Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO 🐍 Python Videos https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX 🔆 Javascript Videos https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM 👾Discord Server https://discord.gg/CsFbFce Become a Member https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join Support me on PayPal https://bit.ly/33ENps4 Become a Patreon https://www.patreon.com/join/hnasr? Stay Awesome, Hussein
8/31/2020, 1 hour, 13 minutes, 5 seconds

I finished Researching Envoy Proxy here is what I think, Let us Discuss

Envoy Proxy is an L3/L4 Proxy that is designed to be a service mesh. In this video, I discuss my initial thoughts about the product, design choices, and much more. The actual full video on Envoy will be coming soon, stay tuned.
8/29/2020, 6 minutes, 49 seconds

Postgres Vacuum Explained

In this video, I explain Postgres Vacuum while I walk my dog.
8/28/2020, 7 minutes, 20 seconds

Cloudflare fixes a HUGE limitation in HTTP/2 implementation of NGINX - This should be ported to all proxies

Cloudflare is doing a fantastic job for the web community in security and backend engineering. This latest fix is awesome: it is the ability to auto-tune the window size buffer when it comes to uploading HTTP/2 traffic. Article https://blog.cloudflare.com/delivering-http-2-upload-speed-improvements/ 4:15 slow tcp start https://www.youtube.com/watch?v=rgPcxg8gjho&t=1s 5:40 HTTP crash course https://www.youtube.com/watch?v=0OrmKCB0UrQ&t=4s 6:20 TCP crash course https://www.youtube.com/watch?v=qqRYkcta6IE 12:20 Bandwidth video https://www.youtube.com/watch?v=6Tf80mbhyAQ
8/27/2020, 16 minutes, 4 seconds

A SameSite Cookie Exception was made to avoid Redirect Loop in Single Sign On (SSO) Let us Discuss

SameSite Cookie Lax is interesting and we are finding new exceptions every day. Let us discuss this one, where Lax cookies will be sent on POST requests as long as the cookies are fresh (2 minutes). Resources https://www.chromestatus.com/feature/5088147346030592
8/27/2020, 11 minutes, 51 seconds

Inefficient Code in Chrome puts ENORMOUS load on DNS Roots Just for a pretty UX, let us discuss...

This code was introduced for a user experience and ended up taking 50% of the traffic on DNS Root server. Sorry I was touching my hair a lot, just took a shower lol. With regards to this article I want to ask you guys a question: Chrome put this feature in order to improve the user experience but it ended up having a huge cost. Did you ever make a choice between performance and user experience? Which one usually wins for you? Would love to know your opinion. Resources https://arstechnica.com/gadgets/2020/08/a-chrome-feature-is-creating-enormous-load-on-global-root-dns-servers/ https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#dnsinterceptionchecksenabled https://news.ycombinator.com/item?id=24231857 https://blog.apnic.net/2020/08/21/chromiums-impact-on-root-dns-traffic/
8/27/2020, 20 minutes, 54 seconds

Windows 95 is 25 Years Old Today and I am feeling nostalgic, let us discuss

Windows 95 was a great operating system, wrote so many apps on top of it and played so many games too. Join me as I discuss this https://www.theverge.com/21398999/windows-95-anniversary-release-date-history
8/24/2020, 11 minutes, 15 seconds

REST API has a major limitation and Vulcain solves it, Let us discuss

GraphQL was born to solve a major limitation in REST API, but the cost of GraphQL and barrier to entry is high. Vulcain addresses REST limitations by introducing HTTP/2 push. Is it a simpler alternative? Let us discuss. Learn about Vulcain here https://github.com/dunglas/vulcain
8/24/2020, 10 minutes, 20 seconds

Chrome is enabling RAW TCP AND UDP Connections! Let us discuss

Chrome is enabling Raw TCP and UDP from the Browser, this is big news! Let us discuss the implications, security and benefits for us backend engineers. Resources https://www.theregister.com/2020/08/22/chromium_devs_raw_sockets/ raw tcp spec https://github.com/WICG/raw-sockets
8/22/2020, 17 minutes, 9 seconds

Pessimistic concurrency control vs Optimistic concurrency control in Database Systems Explained

In this video, I discuss the different concurrency control approaches in database transactions, specifically pessimistic vs optimistic concurrency control, and the pros and cons of each. 0:00 Intro 3:00 concurrency Control 5:30 Pessimistic concurrency Control 9:20 Optimistic concurrency Control Resources https://en.wikipedia.org/wiki/Optimistic_concurrency_control https://www.baeldung.com/java-jpa-transaction-locks https://docs.oracle.com/javaee/7/api/javax/persistence/OptimisticLockException.html https://en.wikipedia.org/wiki/Time-of-check_to_time-of-use https://www.2ndquadrant.com/en/blog/postgresql-anti-patterns-read-modify-write-cycles/
8/20/2020, 16 minutes, 49 seconds

A Critical Jenkins Bug Discovered - This is why Building a Web Server is Hard

Jenkins has just released a statement that there is a potential bug (CVE-2019-17638) where an attacker can steal content from other legitimate requests. In this video, I describe the bug and why being a web server is difficult.  2;00 HTTP Smuggling https://www.youtube.com/watch?v=PFllH0QccCs 7;50 multi-Threading https://www.youtube.com/watch?v=0vFgKr5bjWI&t=1s   Resources https://nvd.nist.gov/vuln/detail/CVE-2019-17638 https://en.wikipedia.org/wiki/Jetty_(web_server) https://www.jenkins.io/security/advisory/2020-08-17/
8/19/2020, 15 minutes, 14 seconds

My Struggle with the English Language in the US as an Arab Native Speaker and a Software Engineer

Some of you asked me to talk about how I learned to speak good English on my YouTube videos. I wanted to make a video on the fact that it wasn't always that easy and I struggled a lot and am still struggling with English. I immigrated to the United States in 2015. In this video, I want to explain my struggle with the English language as an Arabic native speaker and how I got better but still need lots of work. Speaking Tech English is definitely easier than Social.
8/18/2020, 16 minutes, 21 seconds

What are Third Party Cookies, How do they work?

In this video I explain in detail what third-party cookies are and how they work, and explain the SameSite property that Google changed. 0;30 SameSite 6;00 CORS 6;22 Content Security Policy https://www.youtube.com/watch?v=nHOuakyHX1E https://blog.chromium.org/2020/01/building-more-private-web-path-towards.html
8/17/2020, 16 minutes, 27 seconds

When Designing a Backend System Minimize the “What If” Questions

“What if” questions sometimes cripple the system design for backend applications and complicate the end product. I discuss this in this video. Stay Awesome, Hussein Nasser
8/16/2020, 9 minutes, 21 seconds

I ask this question to every Backend Engineer I interview

Light video today discussing my interviewing skills for software engineering positions. I always ask this open ended question and allow the candidate to go free.
8/16/2020, 11 minutes, 43 seconds

Is YAGNI (You aren’t gonna need it) Still Relevant in Backend Engineering System Design?

YAGNI stands for You aren’t gonna need it and it's a pillar in extreme programming. In this video I discuss this philosophy within the context of Backend Engineering. https://en.wikipedia.org/wiki/You_aren%27t_gonna_need_it * Extreme Programming Ron Jeffries * You Aren’t Gonna Need it .. true but only if the design is well defined * But I am going to need it * Waterfall vs Agile
8/16/2020, 15 minutes

WOW! China Blocks TLS 1.3 with ESNI - Let us discuss

SNI or server name indication is a TLS extension that indicates which server/host/domain the client wants to communicate with. This is to allow for hosting of multiple websites on the same public static IP address. For the longest time all ISPs used SNI to block hosts and websites; China is now blocking the encrypted version of SNI. 0:00 Intro 2:00 DNS and DOH 3:30 SNI 6:30 ESNI 11:00 The Block The ESNI and DOH stops this but China want https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/ https://tools.ietf.org/html/draft-ietf-tls-esni-07#section-3.2
8/9/2020, 13 minutes, 52 seconds

Let us discuss HSBC moving from 65 relational databases into one global MongoDB database

HSBC moving from 65 relational databases to a single Global MongoDB, that might be true but it's misleading as not all systems are moved. Resources https://diginomica.com/hsbc-moves-65-relational-databases-one-global-mongodb-database Why some devs don't use MongoDB https://news.ycombinator.com/item?id=23507197 https://news.ycombinator.com/item?id=19497817 https://news.ycombinator.com/item?id=18366385 https://news.ycombinator.com/item?id=23270429
8/7/2020, 10 minutes, 24 seconds

FireFox Changes to SameSite Cookie Default Behavior Following Chrome’s footsteps - Great Change

SameSite Cookie attribute has been introduced to secure the web and only send cookies within a trusted and safe context.  SameSite Cookies Video  https://www.youtube.com/watch?v=aUF2QCEudPo
8/6/2020, 7 minutes, 4 seconds

Chrome Blocks Downloads For Files Hosted on HTTP (insecure) URLs - GREAT CHANGE!

A great change by the Chrome team: downloading files on HTTP insecure channels is insecure. Let us discuss. Resource https://www.zdnet.com/article/google-to-block-some-http-file-downloads-starting-with-chrome-83/
8/6/2020, 8 minutes, 49 seconds

How Homomorphic Encryption will revolutionize Software Engineering

Homomorphic encryption is a form of encryption allowing one to perform calculations on encrypted data without decrypting it first. The result of the computation is in an encrypted form; when decrypted, the output is the same as if the operations had been performed on the unencrypted data. In this video I go through what homomorphic encryption is and how it will change software engineering forever. 0:00 Intro 2:25 What is Encryption? 3:55 Why we can’t always encrypt? TLS terminator proxies to looks Search and Analyse data Database indexing, functions 8:30 Meet Homomorphic encryption -Perform operations on encrypted data -We decrypt the data to process it.. -Imagine no more TLS termination! In proxies 13:20 IBM FHE toolkit code demo Country csv database, encrypted and then search 21:00 Pros & Cons of Homomorphic Encryption Resources https://github.com/IBM/fhe-toolkit-linux/blob/master/GettingStarted.md https://www.youtube.com/playlist?list=PL0VD16H1q5IOEQuRdgRVt1M8uQSbpVzTb https://arstechnica.com/gadgets/2020/07/ibm-completes-successful-field-trials-on-fully-homomorphic-encryption/?comments=1&start=80 cards 1;05 encryption video https://www.youtube.com/watch?v=Z3FwixsBE94 3;45 tls https://www.youtube.com/playlist?list=PLQnljOFTspQW4yHuqp_Opv853-G_wAiH- 7;41 Steve Gibson https://www.youtube.com/watch?v=UKvK76Rnqus
8/2/2020, 24 minutes, 9 seconds

Dropbox migrates to Envoy from NginX - Let us discuss

Dropbox has fully migrated their proxying needs from nginx to envoy proxy. They wrote this detailed article about the reasons and motivations and problems faced during migration. It is an interesting read. Let us discuss https://dropbox.tech/infrastructure/how-we-migrated-dropbox-from-nginx-to-envoy Migrating Dropbox from Nginx to Envoy | Hacker News 0:00 Intro 4:20 What is this Article about? 6:10 Performance 11:15 Security 14:28 Missing Features in NginX 23:24 Migration was NOT Seamless 33:00 Summary
8/2/2020, 35 minutes, 38 seconds

Twitter hackers caught (Full analysis) - What really happened, how they got caught and can homomorphic encryption prevents this?

The Twitter hackers got caught and the case is closed. What have we learned? What really happened? And how can we prevent such attacks in the future, can homomorphic encryption help? Resource https://www.theverge.com/2020/7/31/21349920/twitter-hack-arrest-florida-teen-fbi-irs-secret-service 0:00 Intro 2:00 Summary of July 15 3:30 How the attack really happened? 8:00 How the attackers got caught? 10:45 How could this be prevented? 12:15 Can homomorphic encryption help?
8/2/2020, 17 minutes, 39 seconds

MariaDB vs MySQL SSD NVMe vs SATA Performance - Discussions on the Percona Benchmark

This is an analysis of the #percona benchmark article comparing MySQL & mariaDB performance with regards to SSD disks with NVMe vs SATA controllers. Pretty neat  0:00 Intro 1:00 MariaDB vs MySQL 2:15 SATA vs NVMe 4:30 SATA Benchmark 7:30 NVMe Benchmark 10:00 SSD & B-Trees 11:20 Best Practices mySQL for SSDs    Resources https://www.percona.com/blog/2020/07/29/checkpointing-in-mysql-and-mariadb/ https://www.percona.com/blog/2020/07/30/how-mysql-and-mariadb-perform-on-nvme-storage/?utm_campaign=2020%20Blog%20Q3&utm_content=135945936&utm_medium=social&utm_source=twitter&hss_channel=tw-35373186 https://www.samsung.com/semiconductor/global.semi.static/best-practices-for-mysql-with-ssds-0.pdf
7/30/2020, 13 minutes, 56 seconds

MongoDB and ElasticSearch Clusters WIPED! The Meow attack and how Backend Engineers can prevent it

Bob Diachenko discovered an attack on MongoDB and ElasticSearch clusters that are unsecured. We discuss this attack in detail and how we as Backend Engineers can secure our databases. 0:00 The Meow Attack against MongoDB & ElasticSearch 1:43 How does it work? 5:00 Scope of the Attack 6:00 How Backup & MVCC Help 8:30 What does “Unsecure” mean? 11:00 Protecting Database Instances
7/30/2020, 16 minutes, 29 seconds

I started Researching WebRTC and…..

My progress of researching webRTC
7/28/2020, 22 minutes, 32 seconds

Advice to Anyone starting a Software Engineering YouTube Channel

This is a podcast I did with @Adarsh Menon where I discuss my journey into Backend Engineering and some lessons learned during the course of my 20+ years engineering journey. Enjoy    0:00 Intro 2:45 Podcast Starts 3:15 How did you get into programming? 10:15 What problems do you solve at Esri ? 14:55 Generalist or Specialist ? 24:45 Advice to people starting out 33:15 On being Humble 47:05 YouTube advice for tech YouTubers 53:45 Thoughts on starting a company 56:45 Advice to 22 year old Hussein
7/26/2020, 1 hour, 4 minutes, 8 seconds

One Line of Code can open you for a MITM attack, Let us Discuss

Was reading this article and it is interesting how relatable it is to backend engineering and security and how many times I made this mistake before. In this video I discuss how it is not a good idea to ignore certificate validation, which can lead to MITM attacks. This article shows an ASUS router that does not verify the TLS certificate, which is a flaw discovered by Martin Rakhmanov, a security researcher. 0:00 Intro 2:00 Validate Certificate 12:18 How to mitigate 18:00 Avoiding MITM Resources https://www.techradar.com/news/this-router-is-vulnerable-to-fake-updates-and-cross-site-scripting-attacks
7/25/202019 minutes, 15 seconds
Episode Artwork

WhatsApp handles 3 MILLION TCP Connections Per Server! How do they do it? Let us discuss

WhatsApp is a chatting application written in Erlang. Let us have a discussion on how WhatsApp managed to run 3 million TCP connections on each FreeBSD server. WhatsApp has the following metrics: 42 billion messages a day, 1 billion users, 3 million connections!!
0:00 Intro 2:00 How WhatsApp reached 1, 2 then 3 Million Connections 7:00 How Many Processes? 10:00 Server Side Load Balancing 13:50 Client Side Load Balancing
Resources https://blog.whatsapp.com/1-million-is-so-2011 https://blog.whatsapp.com/on-e-millio-n https://developers.facebook.com/videos/f8-2016/a-look-at-whatsapp-engineering-for-success-at-scale/
7/25/2020 - 16 minutes, 38 seconds

TLS 1.1 is Dead … Well Almost! thanks to Chrome 84- Deep Dive Analysis

In this video I go through why TLS 1.0 and TLS 1.1 should go away.
Resources https://threatpost.com/riskrecon-the-tls-1-2-deadline-is-looming-do-you-have-your-act-together/157296/ https://www.zdnet.com/article/chrome-84-released-for-blocking-notification-popups-on-spammy-sites/ https://www.theregister.com/2020/07/20/microsoft_roundup/
7/21/2020 - 14 minutes, 48 seconds

Remote Code Execution bug found in Popular Node.js changelog library (I go through the code)

The GitHub security team has found a remote code execution bug in a Node.js changelog library. In this video I describe the bug and go through the code.
Resources https://portswigger.net/daily-swig/github-security-team-finds-remote-code-execution-bug-in-popular-node-js-changelog-library https://github.com/conventional-changelog/standard-version/pull/351/files https://github.com/advisories/GHSA-7xcx-6wjh-7xp2
7/21/2020 - 10 minutes, 44 seconds

My Thoughts on the Massive VPN Leak of 1.2 TB User logs

In this video I discuss the VPN leak of 1.2 TB of user log data, IP addresses, passwords and much more.
Resources https://www.theregister.com/2020/07/17/ufo_vpn_database/ https://www.comparitech.com/blog/vpn-privacy/ufo-vpn-data-exposure/
7/20/2020 - 16 minutes, 33 seconds

The Cloudflare Outage - What Happened? And my Thoughts

On July 17, Cloudflare had a 27-minute outage. We discuss this outage, what caused it, and my thoughts on it. https://blog.cloudflare.com/cloudflare-outage-on-july-17-2020/
7/18/2020 - 10 minutes, 40 seconds

My Thoughts on The Twitter “Hack”

A hacker used Twitter’s own ‘admin’ tool to spread a cryptocurrency scam. In this video I discuss this attack.
7/16/2020 - 9 minutes, 36 seconds

Server-Sent Events Crash Course

Server-Sent Events or SSE is when the server sends events to the client in a unidirectional manner. In this video I explain Server-Sent Events and compare it to websockets and HTTP and Long Polling.   Source Code https://github.com/hnasr/javascript_playground/tree/master/server-sent-events  Resources https://developer.mozilla.org/en-US/docs/Web/API/EventSource   0:00 Intro 1:50 HTTP 1.0/1.1 3:40 WebSockets 5:00 Server Sent Events 7:30 SSE Use Cases 9:00 SSE Code Example 18:00 SSE Pros & Cons 25:20 Do You Need SSE? 28:30 Summary
7/14/2020 - 29 minutes, 47 seconds

HOW Would TikTok Be Blocked in US (Technical Explanations)

In this video I go through all the possible ways the US can use to block TikTok.
0:00 Intro 0:22 App Stores 1:30 DNS 2:20 ISP Level Block 3:30 DOH/DOT 5:00 SNI 5:50 VPN
7/8/2020 - 6 minutes, 20 seconds

Have a Database User for each Express Route - Best Practices for Backend Application with Postgres

This is a question from one of you guys that I thought I'd answer in its own video since it's loaded.
Q/A - Shark Beak: I currently have the same setup for my side project. What do you think about having a 'create table if not exist' running on startup that creates this table? Good/bad?
It is always a good idea to have a specific database user for each route with specific permissions and use connection pooling as much as possible.
7/6/2020 - 6 minutes, 53 seconds

ZeroMQ

ZeroMQ is an open source messaging library designed for high-performance asynchronous messaging. In this video I discuss this tech and build a simple queue with it.
0:00 Intro 1:48 What is ZeroMQ? 4:48 Messaging Patterns 6:42 Socket Types 8:55 Simple Queue 11:00 Code 23:20 ZeroMQ Pros & Cons 29:30 Summary
Source Code https://github.com/hnasr/javascript_playground/tree/master/zeromq-simplequeue
Resources https://github.com/booksbyus/zguide/tree/master/examples/Node.js https://en.wikipedia.org/wiki/ZeroMQ https://blog.scottlogic.com/2015/03/20/ZeroMQ-Quick-Intro.html http://zguide.zeromq.org/page:chapter3#advanced-request-reply
Outline
What is ZeroMQ? Message library, message patterns, brokerless, simple: you build the components that you need
Socket Types: REQ, REP, PUSH, PULL, ROUTER, DEALER
Message Patterns: Synchronous Request/Response, Asynchronous Request/Response, Publish/Subscribe, Push/Pull, Exclusive Pair
Example! (Simple Queue (Push Pull))
Pros & Cons
Pros: Simple (meh), efficient, lightweight, great for small use cases
Cons: You have to write customize. If you are building a large distributed message queue then you need to implement all features. Feels over-engineered. Could be simpler.
7/5/2020 - 29 minutes, 54 seconds

Discussing Layer 7 Reverse Proxy DDoS Mitigation (Security Now Video by Steve Gibson)

Discussing Layer 7 Reverse Proxy DDoS Mitigation (Security Now Video by Steve Gibson)
7/2/2020 - 14 minutes, 10 seconds

Google Chrome and Firefox to Join Apple’s Safari in One Year Certificate Validity (My opinion)

Google Chrome and Firefox to Join Apple’s Safari in One Year Certificate Validity (My opinion)
7/2/2020 - 14 minutes, 5 seconds

What is TCP Fast Open and how can it speeds up Web Application

TCP Fast Open Spec https://tools.ietf.org/html/rfc7413#section-1
6/30/2020 - 12 minutes, 29 seconds

What is TCP Slow Start and how Does it affect your Web Application Performance?

In this video I discuss what TCP Slow Start is and its effect on the performance of backend applications, proxies and even frontend applications.
6/30/2020 - 11 minutes, 38 seconds

Why you can’t run an unencrypted HTTP/2 Server on Port 80 - Protocol Ossification Explained

In this video, I explain why we can't run unencrypted HTTP/2 or HTTP/3 without enabling TLS. This is because of Protocol Ossification.
6/30/2020 - 9 minutes, 17 seconds

Why Turning on HTTP/2 Was a Mistake (My opinion on the lucidchart article)

Article: Why Turning on HTTP/2 Was a Mistake - Lucidchart - https://www.lucidchart.com/techblog/2019/04/10/why-turning-on-http2-was-a-mistake/
In this video I discuss this article and my opinion. That is not a limitation of HTTP/2 but of the application that couldn't handle the requests. It is like driving a Volvo all your life and then switching to a Ferrari and saying it was a mistake because it's too fast. I disagree with the solution of throttling the LB, and I think the app should either be architected to not send this many requests if possible or just add more servers; since HTTP is stateless you should be able to scale. HTTP/2, however, does use more CPU since it is dealing with many streams. The article doesn’t explain if it was H2 all the way through or not.
0:00 Intro 1:17 HTTP/1.1 Current Architecture 4:00 What happened when They Enabled HTTP/2 AT LB 7:00 Why I disagree with the throttling 8:00 Proposed Solutions 12:15 Why HTTP/2 can be CPU intensive
Card at minute 3 playlist http2
6/28/2020 - 15 minutes, 5 seconds

What Recruiters really look for in a Backend Engineer? (Unpopular opinion)

In this video I have a conversation with you on how one can break into backend engineering and answer most of your questions: what you should write in a CV, what recruiters expect from backend engineers, etc.
Question: Hey Hussein, I hope you are doing well. Are there any tips or tricks I can do to make it easier to break into the industry as a back-end developer? I mean, what are recruiters looking for in a CV? I would be glad if you made a video about that.
6/19/2020 - 25 minutes, 39 seconds

Multicast DNS

In this video I discuss multicast DNS. Wikipedia defines multicast DNS as follows: "In computer networking, the multicast DNS (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server."
0:00 Intro 0:30 DNS Explained in LAN 4:00 Multicast DNS
6/17/2020 - 6 minutes, 53 seconds

Overengineering in Software

In this video, I explain the different cases where we overengineer software especially in two pieces, software code, and system design and architecture.  Chapters 0:00 Intro 1:45 OverEngineering in Software Development 7:15 OverEngineering System Design
6/17/2020 - 18 minutes, 35 seconds

Can your ISP block you from Watching A Single YouTube Video?

We know an ISP can block you from going to YouTube altogether, but can they block you from watching a single YouTube video? I discuss that in this video. Stay Awesome, Hussein
6/7/2020 - 11 minutes, 38 seconds

What Caused Stripe and Roku to stop working on May 30th 2020? Expired Root Certificate Bug Explained

In this video I explain what happened to services such as Stripe & Roku, which failed to establish TLS sessions because the root certificate AddTrust External CA Root has expired. This is a bug in OpenSSL and other software that performs this kind of validation. I explain what happened in detail.
Resources https://twitter.com/sleevi_/status/1266647545675210753 https://tools.ietf.org/html/rfc4158 https://ohdear.app/blog/resolving-the-addtrust-external-ca-root-certificate-expiration
6/2/2020 - 8 minutes, 43 seconds

MultiThreading and MultiProcessing over a Single TCP Connection, Good Idea?

Sharing a single TCP connection, whether it is HTTP, WebSockets or just a raw TCP protocol, between the threads or processes of a multi-threaded or multi-process application is bound to cause undesirable effects. I explain this in this video and give examples of how QUIC & HTTP/2 have solved this problem.
Pooling 5:00 QUIC Database 6:30 HTTP/2 Playlist 7:00
5/31/2020 - 9 minutes, 2 seconds

How Does Database Store Tables on Disk? Explained both SSD & HDD

In this video I explain how database systems store their data on disk, on both SSD (solid-state drives) and HDD (hard disk drives). There are many factors that go into that discussion, so I tried to cover the high level here.
Resources https://www.extremetech.com/extreme/210492-extremetech-explains-how-do-ssds-work https://www.percona.com/blog/2019/12/18/give-love-to-your-ssds-reduce-innodb_io_capacity_max/
5/30/2020 - 18 minutes, 55 seconds

Understand Fundamentals not Tools (e.g. WebSockets vs Socket.io, Javascript vs React, Python vs Django)

Understand Fundamentals not Tools (e.g. WebSockets vs Socket.io, Javascript vs React, Python vs Django)
5/26/2020 - 4 minutes, 43 seconds

How to Spot Good Software Documentations from Really Bad one?

In this video I discuss all about software documentation: good docs versus bad docs, how to tell them apart, and whether documentation is the only source for learning about a particular tech.
5/25/2020 - 12 minutes, 18 seconds

7 Tips To Optimize Your Backend API (Without Caching)

In this podcast I discuss 7 Tips To Optimize Your Backend API (Without Caching)
1) The serialization representation (XML/JSON, pbf) 0:40
2) Preheating connections
3) H1 vs H2
4) TCP meltdown (big distance)
5) Proxies
6) Large payload (select *)
7) Client side processing (transforming the work)
5/24/2020 - 7 minutes, 47 seconds

10 FrontEnd Performance Tips To Improve Your Application (Any Programming Language)

In this video, I would like to discuss 10 performance tweaks and tips that you can apply to your frontend application to improve its performance and efficiency. These tips are applicable to any programming language on Web, mobile, or desktop application.  Chapters 0:00 Intro 0:40 Optimistic queries 1:57 Paging 3:00 Lazy Loading 4:00 Request what you Need 6:53 Connection State 10:00 LRU Cache 11:10 Group Notifications 12:30 Avoid Expensive Queries Even At Expense of Bad UX 14:00 Design your UX So you Minimize Requests
5/20/2020 - 15 minutes, 3 seconds

Agile vs Waterfall Software Development Methodology Explained

In this video I explain the difference between Agile & Waterfall, the pros & cons and more.
Chapters 0:00 Intro 1:00 Waterfall 5:00 Agile
5/19/2020 - 15 minutes, 41 seconds

How WebSockets Work with HTTP/2 (RFC8441 Explained)

In this video I explain how WebSockets work in the new HTTP/2 protocol. This is explained in Bootstrapping WebSockets with HTTP/2, RFC 8441: https://tools.ietf.org/html/rfc8441 https://link.medium.com/v5sB9nbUp6
1:00 HTTP2 5:50 HTTP/2 limitations
5/13/2020 - 8 minutes, 39 seconds

Machine Learning Occupancy Detection System being deployed in California

Metroexpress lane is implementing a Machine Learning Occupancy Detection System which I found interesting. In this video I discuss machine learning, supervised learning, labeling and much more.
5/11/2020 - 10 minutes, 35 seconds

What is a Multitenancy Architecture and Why Is it becoming popular?

In this video I explain the multi-tenancy architecture. The basic idea is to have a single instance of your application serve multiple tenants or customers, with the properties listed here. This is as opposed to isolated or dedicated infrastructure.
Shared instance
One database hosting multiple customers
Isolation at the application level
Can be multi-process and multi-instance as long as they are pooled
Stateless
https://www.zdnet.com/article/defining-the-true-meaning-of-cloud/
5/9/2020 - 8 minutes, 15 seconds

How Important are algorithm and data structures in backend engineering?

Algorithms & Data Structures are critical to Backend Engineering; however, it really depends on what kind of application and infrastructure you are building. In this video I want to go through the following:
1. Backend Engineers are of two types
- Integrating Existing Backend
- Core Backend
Example: Building a CRUD API? Online cinema system, URL shortener: you will pick up a database and write your logic.
Building a social network?
* Are you gonna be an integrator and use a ready-made graph database?
* Are you gonna use an off-the-shelf database and write your logic in the application?
* Are you gonna build your own graph database platform?
* In any of these scenarios you will run into problems such as slow performance and you need to understand why.
Building a monitoring system? Are you gonna integrate an existing database or build your own?
2. Be Pragmatic (Algorithms are not always the solution)
* Most performance issues are not algorithm problems, they are just bad bugs and misuse .. paging. We are a sorted 100 items takes 1 minute to sort and return.. merge sort or heap or quick sort won’t help you
3. Always keep learning, be open to learning new algorithms
5/9/2020 - 13 minutes, 29 seconds

My Preferred Method of Learning Backend Engineering Technologies Fast

In this video I want to talk about my preferred method of learning backend engineering technologies. I prefer podcasts and YouTube videos; some people prefer books.
My First Programming Book
My Problem with Learning in Books
My Preferred Method of Learning (Podcasts)
YouTube Videos Problem is Biased .. Details in Wikipedia then
Recommended Podcasts https://softwareengineeringdaily.com/ https://www.dataengineeringpodcast.com/ https://changelog.com/podcast
Recommended YouTube Channels https://www.youtube.com/user/TechGuyWeb https://www.youtube.com/user/99baddawg https://www.youtube.com/channel/UCRPMAqdtSgd0Ipeef7iFsKw https://www.youtube.com/channel/UCn1XnDWhsLS5URXTi5wtFTA
5/5/2020 - 11 minutes, 39 seconds

What is a Message Queue and When should you Queues?

Message queue systems like RabbitMQ and Kafka are amazing technologies, but when should you actually use a message queue? I discuss this in this video.
5/1/2020 - 13 minutes, 4 seconds

RabbitMQ Channels, HTTP/2 Streams and How QUIC can fix the limitation Message Queues

In this video I talk about RabbitMQ Channels compared to HTTP/2 Streams and how QUIC helps mitigate some of the major limitations in Channels and Streams. Chapters 0:00 Intro 0:10 RabbitMQ Channels 3:10 HTTP/2 Streams 6:00 How QUIC Helps
5/1/2020 - 9 minutes, 49 seconds

Can QUIC Protocol be used as in Databases ? Web Application Database Pooling, head of line blocking and more

In this video I discuss why QUIC will make a great communication protocol for databases and how it solves a critical problem with stateless web applications. Web applications use database connection pooling to establish database connections on the backend, but that creates other sorts of problems.
Timecodes 0:00 Intro 0:20 Database Communication Protocols 2:00 Problem with Sharing Database Connections 6:50 How QUIC streams can help Databases
4/29/2020 - 12 minutes, 41 seconds

When should you shard your database?

Database application-level sharding is the process of splitting a table across multiple database instances in order to distribute the load. However, sharding a database is an expensive operation (maintainability and overhead) and I suggest you do that only when you absolutely need to, that is, when your single-instance database can no longer serve queries with minimum latency. So I suggest you monitor that and only shard if necessary. I would rather do replication (master/backup) and make requests read from the replica than shard, just because it is easier. Good question... nice idea for a video.
5:00 Partition horizontally 7:45 Replication (Master/backup) Scale reads 11:00 Scale writes by region 12:30 Sharding 16:40 Sharding in YouTube
4/28/2020 - 21 minutes, 19 seconds

Advice for Junior backend engineers who just started new jobs

In this video I give some advice to junior backend engineers who just started their new jobs and feel overwhelmed. Backend engineering jobs can be overwhelming at the start: there is so much to learn and so much to read, including documentation, tests, and code in multiple programming languages. Here is some advice for junior backend engineers.
0:00 Intro 1:20 Take your time 6:05 Stay hungry keep learning 8:36 Assume your colleagues know something you don’t 12:42 Don’t bad mouth other people's code even if it's bad 17:19 Question everything
4/25/2020 - 23 minutes, 29 seconds

Why System Design and Architecture is an Art ?

Creating a software design is an art; here is why.
4/23/2020 - 2 minutes, 34 seconds

What makes a good Software Tester?

Software testing is an art. In this video, I discuss what makes a good software tester. How can you become a better software tester that people line up to pick? Organizations build software products, but the software is useless if it is filled with bugs. A bug discovered after the product is shipped costs the organization a lot of money. A bug that is discovered before shipping saves the organization time and resources. So organizations line up to find good software engineers who are great at troubleshooting and testing.
4/22/2020 - 11 minutes, 22 seconds

JSON Web Token

JSON Web Token (JWT, sometimes pronounced JOT) is an internet standard for creating JSON-based access tokens that assert some number of claims. The tokens are signed either using a private secret or a public/private key. In this video I want to discuss the difference between JWT and session-based auth, and I will show examples with Node JS and Postgres. Finally I’ll discuss the pros and cons of JWT.
4/19/2020 - 57 minutes

Main Difference between Asynchronous, Multithreading and Multiprocessing Programming

In this video I explain the main difference between asynchronous execution, multithreading and multiprocessing programming. There are advantages and disadvantages to each approach.
Synchronous 0:30 Multithreading (a process has many threads, shared resources) 3:20 Async io single thread 6:00 Multiprocessing 11:00
Threads are evil https://web.stanford.edu/~ouster/cgi-bin/papers/threads.pdf
4/12/2020 - 15 minutes, 32 seconds

How End to End encryption work?

In this video I explain end-to-end encryption within the context of WhatsApp. I explain how encryption and TLS work, then the problem of having a centralized server decrypting the traffic. I then talk about how end-to-end encryption (e2e) can help mitigate that, and finally I explain the problems with e2e encryption.
Classic Encryption Example 1:00 End to end encryption 3:25 Problem with E2E 7:30 - Trust? Fingerprints/CA (QR WhatsApp) encryption 00:30
4/12/2020 - 13 minutes, 51 seconds

WhatsApp Limits Messages that can be Forwarded

WhatsApp introduced unlimited forwarding a long time ago, then limited it to up to 5 times
Double forwarded too many times (last year)
Double forwarded messages can only be forwarded once or even none
Forwarding feature end to end encryption
Sent/delivered/read
https://www.cnbc.com/2020/04/07/whatsapp-limits-message-forwards-to-combat-coronavirus-misinformation.html
4/12/2020 - 5 minutes, 13 seconds

Forward Proxy vs Reverse Proxy Explained

In this video, I explain the difference between a proxy and a reverse proxy. This is a refreshed version of the proxy video I made.
What is a Proxy?
Proxy use cases - Logging - Anonymity - Geofencing - Caching - Block sites (office) - Enable Polyglot
What is Reverse Proxy?
Reverse Proxy Example
Reverse Proxy Use Cases - Caching (Varnish) - Load Balancing - Ingress (/pics) - Canary Deployment
Many types of proxy check it here
Q and A
* Can we use proxy and reverse proxy together?
* Can I use Proxy to hide my identity instead of a VPN?
* Can I use proxy just for HTTP?
Sidecar proxy 4:14 Load balance 7:40 Proxy Reverse Proxy 5:00
4/9/2020 - 14 minutes, 17 seconds

What is a Distributed Transaction in Microservices?

In this video I explore what a distributed transaction is, but first I explain what a transaction is, then why we invented distributed transactions, and finally I discuss proposed solutions to implement distributed transactions.
Cards 2:40 ACID https://www.youtube.com/watch?v=pomxJOFVcQs 7:30 Microservices https://www.youtube.com/watch?v=T-m7ZFxeg1A
Transactions 2:30 Compensating Edits 6:40 Atomic Clocks 11:50 Event Sourcing 13:30 Mini-Monolith 15:20
Resources https://www.youtube.com/watch?v=YPbGW3Fnmbc https://www.youtube.com/watch?v=S4FnmSeRpAY https://www.youtube.com/watch?v=epOLEdaPSLQ https://softwareengineeringdaily.com/2018/12/19/linkerd-service-mesh-with-william-morgan/
4/5/2020 - 21 minutes, 27 seconds

Chrome follows Firefox steps - Rolling back SameSite cookie change

A very necessary change and a good step made by the Google Chrome team to roll back the SameSite cookie change.
Blog https://blog.chromium.org/2020/04/temporarily-rolling-back-samesite.html
Firefox re-enables https://www.youtube.com/watch?v=sh3TPId35Ec
SameSite Cookie Attribute https://www.youtube.com/watch?v=aUF2QCEudPo
4/4/2020 - 5 minutes, 17 seconds

Bloom Filters Explained

In this video I explain why we invented bloom filters and where you can use them to make your queries more efficient.
4/2/2020 - 9 minutes, 18 seconds

What is On Demand TLS?

On-Demand TLS is a new feature developed by Caddy Web Server that allows a TLS certificate to be generated on the first request. I explain this tech and its pros and cons in this video.
3/30/2020 - 14 minutes, 54 seconds

Lazy Loading vs Eager Loading with Node JS & Express

Lazy loading is a technique where a piece of data is loaded when needed instead of in advance. This ensures fast startup times but can delay requests. In this video I’ll show both eager loading and lazy loading with a Node JS example.
3/29/2020 - 8 minutes, 22 seconds

The good the bad and the ugly on gRPC

In this podcast I discuss the good, the bad and the ugly about gRPC. No technology is perfect. 
3/28/2020 - 15 minutes, 51 seconds

This is why gRPC was invented

THIS IS MAIN reason gRPC was invented 8:40 -> 16:40 (8 minutes)
In this video I discuss the reasoning and all the problems and limitations that led to the invention of gRPC.
3/28/2020 - 9 minutes, 2 seconds

Firefox re-enables TLS 1.0 & TLS 1.1 to allow access to legacy websites hosting COVID19 information

Firefox has disabled TLS 1.0 and TLS 1.1 to improve your website connections. Sites that don't support TLS version 1.2 will now show an error page.  We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information. https://www.youtube.com/watch?v=grVVuGnN9IE https://www.mozilla.org/en-US/firefox/74.0/releasenotes/ https://twitter.com/cramforce/status/1242515799215988737?s=21