The Backend Engineering Show with Hussein Nasser
535 episodes - English - Latest episode: about 2 months ago - ★★★★★ - 5 ratingsWelcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own.
Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering
Buy me a coffee
https://www.buymeacoffee.com/hnasr
🧑🏫 Courses I Teach
https://husseinnasser.com/courses
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
My website went down - enom outage analysis
January 16, 2022 20:08 - 25 minutes - 17.5 MBenom my DNS registrar had an outage which took down my site husseinnasser.com lets discuss 0:00 Intro 5:00 How DNS Works 12:00 Outage report 16:00 Will I migrate my DNS? 21:40 Does decentralize mean anything anymore?
Thoughts on Low code | The Backend Engineering Show
January 05, 2022 17:05 - 20 minutes - 14.3 MBIn this episode of the backend engineering show, I’ll discuss the low code movements and their pros and cons. 0:00 Intro 2:00 Evolution of Languages 8:40 Low Code Movement 10:00 Side Effect of Low Code 13:00 Leaky Abstractions Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Introduction to NGINX (link redirects to udemy with coupon) https://nginx.husseinnasser.com Python on the Backend (link redirects to ude...
Tech I want to explore in 2022
January 03, 2022 18:20 - 21 minutes - 14.5 MBThese are some fundamental technologies that I want to explore in 2022. 0:00 The Way I learn 4:20 Database Engineering 7:00 Network Engineering 9:30 Hardware and Operating Systems 15:00 The problem with software engineering Collateral Knowledge Video https://www.youtube.com/watch?v=6YKbVpWmeLM&t=3s Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Fundamentals...
How TikTok short content is delivered through HTTP - Devtooling TikTok
December 29, 2021 15:20 - 19 minutes - 13.5 MBWelcome to another dev tools video, in this video I use dev tools to break down how Tiktok website works to pull short-form content. We will use therock as a subject. It is an interesting episode, enjoy
An HTTP request journey to the Backend | Backend Engineering Show
December 23, 2021 22:33 - 37 minutes - 25.7 MBIn this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, TCP, API Gateways, reverse proxies, load balancers, backend web servers, and much more. Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg 🧑🏫 Courses I Teach https://husseinnasser.com/courses
The Journey of an HTTP request to the Backend | Backend Engineering Show
December 23, 2021 22:33 - 36 minutes - 25.2 MBIn this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, TCP, API Gateways, reverse proxies, load balancers, backend web servers, and much more. Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg 🧑🏫 Courses I Teach https://husseinnasser.com/courses
Log4DoS - New Denial of Service discovered in log4j | The Backend Engineering Show
December 19, 2021 15:02 - 19 minutes - 17.8 MBRight after the latest patch log 4j 2.16, a new denial of service vulnerability surfaced on log4j resulting in a new 2.17 patch. Let us discuss. 0:00 log4dos 4:50 History of log4j fixes 15:20 All love to the open source maintainers Previous Backend Engineering show episode coverage of log4shell https://youtu.be/77XnEaWNups https://logging.apache.org/log4j/2.x/security.html# Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Conten...
Detailed analysis on the Amazon US-EAST-1 Outage - Video Podcast
December 18, 2021 01:24 - 54 minutes - 30.9 MBIn this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the outage on December 7th, 2021 Amazon outage. RCA https://aws.amazon.com/message/12721 All outage analysis videos https://www.youtube.com/watch?v=dhZ5--R42AM&list=PLQnljOFTspQXdkZLiYCCh_5RBP1-T-Rnx Get the Fundamentals of Database Engineering udemy course https://database.husseinnasser.com
Detailed analysis on the Amazon US-EAST-1 Outage | The Backend Engineering Show
December 18, 2021 01:17 - 54 minutes - 31.4 MBIn this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the outage on December 7th, 2021 Amazon outage. RCA https://aws.amazon.com/message/12721 All outage analysis videos https://www.youtube.com/watch?v=dhZ5--R42AM&list=PLQnljOFTspQXdkZLiYCCh_5RBP1-T-Rnx Get the Fundamentals of Database Engineering udemy course https://database.husseinnasser.com Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join
The Log4j vulnerability | The Backend Engineering Show
December 15, 2021 02:12 - 35 minutes - 33 MBIn this episode of the backend engineering show, I discuss the log4j vulnerability (CVE-2021-44228 also known as log4shell) that took the Internet by storm. 0:00 Intro 1:00 log4j 5:30 How the attack started 11:00 Attack with DNS 17:00 Remote Code Execution 23:00 Remedy 31:00 Scanning References https://nvd.nist.gov/vuln/detail/CVE-2021-44228 https://youtu.be/oC2PZB5D3Ys 🧑🏫 Courses I Teach https://husseinnasser.com/courses Become a Member on YouTube https://www.youtube.com/chan...
Postgres HOT Optimization | The Backend Engineering Show
December 03, 2021 14:43 - 25 minutes - 14.6 MBIn this episode of the backend engineering show taken from my udemy Q&A I discuss the reasons behind Postgres HOT Optimization or heap only tuple.
Postgres HOT Optimization | Backend Engineering Show
December 03, 2021 14:43 - 25 minutes - 23.6 MBIn this episode of the backend engineering show taken from my udemy Q&A I discuss the reasons behind Postgres HOT Optimization or heap only tuple. --- Send in a voice message: https://anchor.fm/hnasr/message Support this podcast: https://anchor.fm/hnasr/support
Postgresql index bloat | The Backend Engineering Show
November 11, 2021 04:03 - 27 minutes - 25.5 MBPostgresql database implements MVCC by creating a new row version for any update/delete/or insert. While this is a sound implementation to support concurrent transactions reading old version of the rows, it does have some side effects and this is what I want to discuss in this episode of the backend engineering show. 0:00 Intro 1:00 Postgres MVCC design 6:42 MVCC on other databases 11:15 Side-effects of Row-versioning 17:00 Postgres HOT optimization 19:50 How Index bloat affects Perfor...
What is the cost of Indexing too many columns - Udemy Q&A November 2021
November 05, 2021 15:55 - 27 minutes - 15.8 MBHead to https://database.husseinnasser.com to get a discount coupon for my introduction to database engineering. In this video, I answer some of your questions on the Introduction to Database Engineering Course.
when indexes are useless | The Backend Engineering Show
October 30, 2021 22:37 - 27 minutes - 18.7 MBhead to https://database.husseinnasser.com to get a discount coupon for my Introduction to Database Engineering course In this episode of the backend engineering show, I’ll discuss three instances where indexes can be useless and might add overhead to your operations. Let us discuss. 0:00 Intro 1:34 What is an Index? 4:00 The Cost of Indexes 6:40 Most values are the similar 13:00 WHERE UPPER(NAME)=‘RICK’ 17:10 Composite Index 23:00 How do I know if I’m using an Index
the cost of long-running database transaction (postgres/mysql)
October 21, 2021 02:05 - 9 minutes - 8.72 MBThe cost of a long-running update transaction that eventually failed in Postgres (or any other database for that matter. In Postgres, any DML transaction touching a row creates a new version of that row. if the row is referenced in indexes, those need to be updated with the new tuple id as well. There are exceptions with optimization such as heap only tuples (HOT) where the index doesn’t need to be updated but that doesn’t always happens. If the transaction rolls back, then the new row ver...
The cost rolling back transactions (postgres/mysql)
October 21, 2021 02:05 - 9 minutes - 10.8 MBThe cost of a long-running update transaction that eventually failed in Postgres (or any other database for that matter. In Postgres, any DML transaction touching a row creates a new version of that row. if the row is referenced in indexes, those need to be updated with the new tuple id as well. There are exceptions with optimization such as heap only tuples (HOT) where the index doesn’t need to be updated but that doesn’t always happens. If the transaction rolls back, then the new row versio...
TLS and HTTPS Options in Microsoft IIS
October 13, 2021 03:30 - 20 minutes - 13.9 MBIn this episode of the backend engineering show, I’ll discuss all HTTPS/TLS binding options in Microsoft IIS and also explain why every web server and reverse proxy should have some of these fine level control. Chapters 0:00 Intro 1:00 Require Server Name Indication (SNI) 5:00 Disable TLS 1.3 Over TCP 8:30 Disable Legacy TLS 10:00 Disable OCSP Stapling 12:00 Disable QUIC 14:30 Disable HTTP/2 17:30 Certificate Get my database course https://database.husseinnasser.com Get my NGINX course https:...
On Graph Databases | The Backend Engineering Show
October 10, 2021 17:42 - 22 minutes - 15.4 MBI get a lot of emails asking me to talk about graph databases, so I want to start researching them, but I wanted to give you guys the framework of how I think about any databases to defuse any “magic” that might be there. In this video, I discuss what constrains a database and how the use cases try to work around them. 0:00 Intro 1:50 What constrains a database? 4:00 Indexing Techniques 5:30 Storage Engines - Row-Store 9:00 Columnar Databases 12:00 Graph use cases 16:00 Graph Storage...
Certificates gone bad | The Backend Engineering Show
October 08, 2021 02:15 - 28 minutes - 19.3 MBCertificates contain useful metadata including the public key, domain name, signature, etc. However, the private key can be leaked which causes the certificate to be invalid/dangerous to keep around. In that particular situation, we need a mechanism to revoke certificates and that is what I’m going to discuss in this show. 0:00 Intro 0:30 Why Certificates 12:00 Certificates can go bad 14:50 Certificate Revocation Lists (CRLs) 18:30 OCSP (Online Certificate Status Protocol) 20:40 OCSP S...
Detailed analysis on the facebook outage
October 06, 2021 20:29 - 43 minutes - 25.2 MBIn this episode, I go through the Facebook detailed article regarding their October 4th, 2021 outage and discuss it in length. enjoy Facebook blog: https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/ 0:00 Introduction on Facebook Networking Architecture 12:00 The Cause of the Outage 17:00 What’s DNS 23:00 DNS Servers disabled BGP ads 27:00 Could the outage have been prevented? 32:00 Why did it take so long? 38:00 Why you can’t just flip everything on 41:30 Summa...
Facebook, WhatsApp, Instagram is Down here’s what might’ve caused it (early report)
October 04, 2021 17:44 - 8 minutes - 7.55 MBQuick summary of the Facebook, Instagram and WhatsApp outage on Oct 4th 2021
How Airline WIFI allows Texting but not Media in WhatsApp/iMessage
September 27, 2021 00:16 - 10 minutes - 12.5 MBIn this episode I discuss my recent flight through Alaskan airlines and how they block certain services but allow only texting.
Spook.js - This will bloat Chrome even more | The Backend Engineering Show
September 13, 2021 17:15 - 18 minutes - 12.4 MBSpook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate Spectre by deploying Strict Site Isolation, information extraction via malicious JavaScript code is still possible in some cases. Resources https://www.spookjs.com/ https://www.chromium.org/developers/design-documents/site-isolation Paper: https://www.spookjs.com/files/spook-js.pdf Chapters 0:00 Process Isolation in Chrome 8:00 Spook.js sub...
SSL Striping | The Backend Engineering Show
September 06, 2021 12:09 - 39 minutes - 27 MBIn this episode of the backend engineering show, I’ll go through the SSL Stripping attack, what caused it, what were the mitigations enforced to solve it, and why it is still a problem. 0:00 Intro 2:10 The Web Security Model 14:30 SSL Stripping Example 22:00 How to Solve SSL Stripping? 27:00 Limitations of HSTS 31:00 Summary Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-...
TCP/IP turns 40 | The Backend Engineering Show
September 03, 2021 13:41 - 29 minutes - 16.7 MBLet us take a moment to appreciate the TCP/IP design by discussing it.
gRPC over HTTP/3 is finally a thing | Backend Engineering Show
September 02, 2021 06:00 - 47 minutes - 27.4 MBThe gRPC team just submitted a proposal to support HTTP/3. This is big news and we have been waiting for a long time for this. In this show, I’ll discuss why would you want gRPC, why gRPC picked HTTP/2, what is actually wrong with HTTP/2 and what HTTP/3 solves. And Finally, I’ll discuss what is wrong with HTTP/3 and pitfalls that you as gRPC user might run into. Let us discuss! 0:00 Intro 1:30 why gRPC 5:20 gRPC & HTTP/2 7:30 gRPC & HTTP/3 8:50 What is wrong with HTTP/2 29:30 What is g...
KeepAlive | The Backend Engineering Show
August 29, 2021 19:23 - 35 minutes - 20.3 MBI discuss keepalive in TCP and HTTP and its pros and cons 0:00 Intro 3:28 What is KeepAlive 8:30 TCP KeepAlive 10:30 Middleboxes and Single-Path TCP 16:30 Middle Boxes and Keepalive 19:30 The FTP KeepAlive trap 25:00 HTTP KeepAlive 30:00 What's a good keepalive timeout? https://daniel.haxx.se/blog/2020/02/10/curl-ootw-keepalive-time/ https://datatracker.ietf.org/doc/html/rfc1122#section-4.2.3.6 https://datatracker.ietf.org/doc/html/rfc793#section-3.5 Become a Member on YouTube h...
The Anatomy of a Proxy Server | The Backend Engineering Show
August 23, 2021 19:00 - 23 minutes - 13.7 MBIn this video I’ll illustrate how a proxy server works under the hood. I Will go through how connection establishment works without a proxy, with an HTTP proxy and finally with HTTPS proxy in tunnel mode and TLS termination mode. 0:00 Intro 1:00 Connection Establishment without a Proxy 5:00 Connection Establishment with an HTTP Proxy 15:22 Connection Establishment with an HTTPS Proxy (Tunnel mode) 19:50 Connection Establishment with an HTTPS Proxy (TLS Termination) cards 16:25 https:/...
How Redis efficiently snapshots gigabytes of memory to disk (forking)
August 21, 2021 14:54 - 4 minutes - 5.28 MBI discuss the concept of process forking, copy on write (COW) aka shadowing, and how Redis the in-memory database take advantage of that for asynchronous snapshotting, https://redis.io/topics/persistence
Table Clustering (Clustered Index) - The pros and cons
August 20, 2021 06:00 - 28 minutes - 16.3 MBIn this episode of the backend engineering show, I discuss database clustering. This is also known as table clustering, clustered index or Index organized table all names represents the same thing. I will talk about the benefits of clustering and also the disadvantages of implementing clustering. This feature is also implicitly implemented in certain databases. More readings https://www.postgresql.org/docs/14/sql-cluster.html https://oracle-base.com/articles/8i/index-organized-tables https:/...
Synchronous and asynchronous workloads are everywhere
August 12, 2021 12:00 - 35 minutes - 20.3 MBIn this video, I’ll explain synchronous vs asynchronous operations and then discuss examples where this shows up. In programming, real-time messaging, database systems, and operating systems. 0:00 Definition Synchronous vs Asynchronous 4:15 sync vs async In Programming 7:50 Sync vs Async In Real-time messaging 17:00 Sync vs Async In Database Replication 23:50 Sync vs Async in Database Commits 29:30 Sync vs Async in fsync Operating System cache Become a Member on YouTube https://www.y...
CPU Throttling in the Web Server Pool - Microsoft IIS as a Backend
August 09, 2021 03:00 - 22 minutes - 21.2 MBIn this episode of the Backend Engineering show, I'll discuss the advanced section settings in the Application Pool in Internet Information Services in IIS. Chapters 0:00 Intro 0:30 What is an Application Pool 3:00 IIS Multi-processing 5:18 .NET CLR Version 6:00 32-bit apps 6:21 Pipeline Mode (CGI vs ISAPI vs Native) 8:45 Max Queue 10:18 CPU Limiting 16:00 Processor Affinity 20:00 Summary --- Send in a voice message: https://anchor.fm/hnasr/message Support this podcast: https:/...
Microsoft IIS as a Backend - CPU Throttling
August 09, 2021 03:00 - 22 minutes - 13.1 MBIn this episode of the Backend Engineering show, I'll discuss the advanced section settings in the Application Pool in Internet Information Services in IIS. Chapters 0:00 Intro 0:30 What is an Application Pool 3:00 IIS Multi-processing 5:18 .NET CLR Version 6:00 32-bit apps 6:21 Pipeline Mode (CGI vs ISAPI vs Native) 8:45 Max Queue 10:18 CPU Limiting 16:00 Processor Affinity 20:00 Summary
Partial Indexing is a double-edged Sword
August 03, 2021 03:00 - 18 minutes - 17.3 MBWhile the benefits of partial indexes can have a great impact on your database system performance, the implications are also great if misused. Let us discuss partial indexing (Also known as filtered indexes in SQL Server) Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑🏫 Courses I Teach https://husseinnasse...
Partial Indexing | Backend Engineering Show
August 03, 2021 03:00 - 18 minutes - 10.7 MBWhile the benefits of partial indexes can have a great impact on your database system performance, the implications are also great if misused. Let us discuss partial indexing (Also known as filtered indexes in SQL Server) Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑🏫 Courses I Teach https://husseinnasser.com/cou...
Turns out MySQL Statement-based Replication might not be a good idea, Lets discuss why
July 31, 2021 05:00 - 17 minutes - 16.5 MBReplication is the process of pushing changes from the master node to worker replica nodes in a database system to allow for horizontal scalability. One of the methods of replication is statement-based which is popular in MySQL. In this episode of the Backend Engineering Show, I explain why statement-based replication is actually a bad idea. Resources https://www.youtube.com/watch?v=jsWwFL_iqVM https://dev.mysql.com/doc/refman/8.0/en/replication-sbr-rbr.html https://engineering.fb.com/20...
MySQL Statement-based Replication might not be a good idea
July 31, 2021 05:00 - 17 minutes - 12.2 MBReplication is the process of pushing changes from the master node to worker replica nodes in a database system to allow for horizontal scalability. One of the methods of replication is statement-based which is popular in MySQL. In this episode of the Backend Engineering Show, I explain why statement-based replication is actually a bad idea. Resources https://www.youtube.com/watch?v=jsWwFL_iqVM https://dev.mysql.com/doc/refman/8.0/en/replication-sbr-rbr.html https://engineering.fb.com/2021/07...
Can Redis be used as a Primary database?
July 30, 2021 12:00 - 13 minutes - 8.99 MBThis episode of the backend engineering show is sponsored by my friends at RedisLabs. I’m going to break this video into three sections, we will first define features that qualify a primary database? Then we will see if Redis actually check the boxes of a primary database and finally we explore the features of Redis that take it beyond a primary database. I was personally surprised by most of those. Chapters 0:00 Intro 1:00 What Qualifies a primary database 3:00 Does Redis Check the boxe...
Why the Internet went dark for two hours - Let's discuss the Akamai outage
July 22, 2021 22:04 - 55 seconds - 863 KBThere was a two hours DNS outage on a company called Akamai that broke several services today July 22, 2021, https://appleinsider.com/articles/21/07/22/akamai-dns-problem-causing-wide-internet-issues Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🔥 Members Only Content https://www.youtube.com/playlist?list=UUMO_ML5xP23TOWKUcc-oAE_Eg Support my work on PayPal https://bit.ly/33ENps4 🧑🏫 Courses I Teach https://husseinnasser.com/courses
Microsoft IIS as a Backend - HTTP/HTTPS Bindings
July 20, 2021 22:33 - 11 minutes - 8.04 MBIIS (Internet Information Services) is Microsoft's Windows web server. It is feature-rich and very easy to enable. I have been using it for a long time but I noticed I never actually make a video about it. In this video, I'll explore the IIS binding and explain all the options in that form. I might make more videos in the future to explore different aspects of this web server. Videos mentioned Leaky abstractions https://youtu.be/4a3bI7AYsy4 HTTP/2 Limitations https://youtu.be/CUiBVTcgvB...
NodeJS July 2021 Security Releases
July 09, 2021 00:44 - 11 minutes - 7.72 MBIn today's show I go through the NodeJS Security Releases for the month of July 2021, lots of interesting vulnerabilities to discuss. 0:00 Intro 1:00 CVE-2021-22918 - libuv DNS Out of bounds Crash 3:40 CVE-2021-22921 - Node Windows installer Local Privilege Escalation 7:30 CVE-2021-27290 - ssri Regular Expression Denial of Service (ReDoS) Resources https://nodejs.org/en/blog/vulnerability/july-2021-security-releases/ https://hackerone.com/reports/1211160 https://snyk.io/vuln/SNYK-JS-...
Scaling CPU-intensive Backends - The Backend Engineering Show
July 05, 2021 06:00 - 20 minutes - 11.7 MB🧑🏫 Courses I Teach https://husseinnasser.com/courses In this episode, I’d like to discuss the methods of scaling CPU-bound or intensive workloads on the backend. This show will discuss the scaling of the workload on a single machine taking full advantage effectively of all its resources, then we will discuss horizontal scalability to multiple machines. 0:00 Intro 1:00 What do I mean by Scaling 3:20 CPU-Intensive/Bound Workload 6:00 Effective Scaling CPU-Bound Backends in Single Machin...
Should you go with an Optimistic or Pessimistic Concurrency Control Database?
July 01, 2021 21:00 - 21 minutes - 12.5 MBMongoDB, Postgres, Microsoft SQL Server, or MySQL, or any other database manages concurrency control differently. There are two methods, pessimistic and optimistic, both have their pros and cons. Let explore how different databases implement this and what is the effect on performance/scalability. This is often known as Optimistic vs pessimistic locking. Although I don't really like to use locking with this because it confuses the story. 0:00 Intro 2:20 What is Concurrency Control 6:00 Pe...
Microsoft Paid them $20k for finding one of a kind XSS bug in Edge
June 28, 2021 15:55 - 9 minutes - 6.28 MB@MrRajputHacker @Th3Pr0xyB0y found critical universal XSS (an XSS that affects the entire browser, not just one page) on Microsoft Edge. They responsibly reported the bug and detailed it in their article. Let us discuss Resources https://cyberxplore.medium.com/how-we-are-able-to-hack-any-company-by-sending-message-including-facebook-google-microsoft-b7773626e447 https://docs.microsoft.com/en-us/DeployEdge/microsoft-edge-relnotes-security https://msrc.microsoft.com/update-guide/vulnerabil...
B-tree vs B+ tree in Database Systems
June 27, 2021 19:06 - 32 minutes - 18.7 MBIn this episode of the backend engineering show I'll discuss the difference between b-tree and b+tree why they were invented, what problems do they solve, and the advantages and disadvantages of both. I'll also discuss the limitation of implementing b-tree over b+tree and how Discord ran into a memory limitation using b-tree Mongo. Check out my udemy Introduction to Database Engineering course https://husseinnasser.com/courses Learn the fundamentals of database systems to understand an...
Let’s discuss the DarkRadiation ☢️ Ransomware
June 24, 2021 03:54 - 16 minutes - 9.43 MBSSH Wormable, Written in Bash and VERY hard to detect. Let’s discuss the DarkRadiation ☢️ Ransomware. This new ransomware is cut from a different cloth. Let us discuss * SSH Wormable * Encrypts with AES (OpenSSL) * It mutates so anti-viruses can’t catch it * Bash * Still under development https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html Support my work on PayPal https://bit.ly/33ENps4 Become a Mem...
My thoughts on the ALPACA Attack (Detailed analysis)
June 22, 2021 06:00 - 42 minutes - 24.4 MBThe ALPACA attack stands for application layer protocol confusion attack and discovered by a group of German computer scientists. Let us spend some time analyzing how this attack really works and how dangerous this is. Resources https://alpaca-attack.com/ALPACA.pdf https://var.thejh.net/http_ftp_cross_protocol_mitm_attacks.pdf https://github.com/RUB-NDS/alpaca-code https://github.com/RUB-NDS/alpaca-code/blob/master/testlab/servers/files/nginx-attacker/html/upload/ftps.html https://twit...
Facebook Awarded him $30,000 for Finding a Critical Instagram Bug
June 17, 2021 16:28 - 10 minutes - 7.27 MBThis Indian computer scientist uncovered a severe bug that allows anyone to view private content. Let’s see how he did it. https://link.medium.com/goNhkJgv9gb Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5xP23TOWKUcc-oAE_Eg/join 🧑🏫 Courses I Teach https://husseinnasser.com/courses
Zero-downtime restarts
June 13, 2021 07:00 - 14 minutes - 10.1 MBIt is inevitable that a backend service will need to get restarted to pick up a new code change, configuration change, or get out of an invalid state. In this show, I'll discuss why do we need restart services and what alternative ways are there to get around it. And then I'll talk about how to achieve a zero-downtown restart and it is not straightforward as one might think. Support my work on PayPal https://bit.ly/33ENps4 Become a Member on YouTube https://www.youtube.com/channel/UC_ML5...