Nelz's Blog

I recently found this article: On Being A Senior Engineer

I really liked it, and will borrow the “bulleted list” of characteristics that I will work towards myself…

• Mature engineers seek out constructive criticism of their designs.
• Mature engineers understand the non-technical areas of how they are perceived.
• Mature engineers do not shy away from making estimates, and are always trying to get better at it.
• Mature engineers have an innate sense of anticipation, even if they don’t know they do.
• Mature engineers understand that not all of their projects are filled with rockstar-on-stage work.
• Mature engineers lift the skills and expertise of those around them.
• Mature engineers make their trade-offs explicit when making judgements and decisions.
• Mature engineers don’t practice CYAE (“Cover Your Ass Engineering”).
• Mature engineers are empathetic.
• They don’t make empty complaints.
• Mature engineers are aware of cognitive biases.

This seems like a good list of ideals to work towards in the new year.

Keynote: “Frying Squirrels & Unspun Gyros” – (Yahoo)

All about HA planning

29% of DataCenter outages caused by UPS failures - point: some defenses create their own failure modes

If you solve for Datacenter-sized outages, the ‘little stuff’ is mostly taken care of

Keynote: Performance of Web vs Apps

Apps are trending to have more impact/viewship/etc than the web

Fragmentism is a scary future with Apps

“Pushing Pixels” (i.e. highly graphical apps) seems to be best served by Apps right now

Responsiveness is very compelling when considering your choice

App lifecycle (approval, etc) is MUCH SLOWER than Web

“Conditional Tier Rendering” – use Node.js to choose client/server rendering

In many scenarios, Web seems to have the advantage right now

Keynote: [Political|Commercial] [Threats|Opportunities] for Faster & Stronger Web
(Union Square Ventures)

Ops as viewed by Investors: “Speed is a feature”. Invest in it.

Why has web been so successful:

• Supportive Legislation
• Decentralized Internet
• Open Standards

Now (+ Possible Future)

• Restrictive Legislation
• Walled Gardens
• Controlled Internet

Lame claim by ISPs: “We haven’t invested enough in infrastructure, so therefore we should be able to control what crosses it.” >:-|

App: No “View Source”, No Linking

Historically Recognized Patterns in Technological Adoption: ~20 years in there’s a temporary crash while the world adapts to a structure of Networks over the older Hierarchies

Combat the threats to the internet:

• Engage (politically)
• Build!

[? slashawesome.net ?]

Keynote: Lightning Talks

Intel – Agile Application Performance Management

SNOOZE!!

Akamai – Akamai Internet Observatory

Basically, they are opening up some subsets of their data to be analyzed by the ‘open data’ community.

Example: in 60 seconds, gather 1.3 BILLION log lines

Their data should give a view of 20-30% of world internet usage

http://www.akamai.io

Compuware – UX Management

SNOOZE

Citrix – Blah blah Network Utility pitch…

SNOOZE

GoDaddy – Blah blah

Unfortunately, it seems that misogyny is a point of company pride for them.

Lightning Demos

YSlow

• now has a cmd-line version
• now open-source
• new URL: yslow.org

integrates with PhantomJS; this can then integrate with Continuous Integration tools!!!

Chrome

about://tracing

you can see low-level chrome processing info

(can help you speed up a site)

“CrRenderMain” is the proc to keep an eye on

FYI, ~16ms is how often a redraw should happen for current refresh-rates
to see examples: jankfree.com

BrowserScope

Pretty cool tool to see actual API adherence from many browsers

Changing Culture and Being a Force for Awesome… – (Jesse Robbins)

“The right culture is a requirement for survival and success at web scale.”

Bad news: changing culture takes time

Jesse’s Rule: Don’t Fight Stupid, Make More Awesome

Changing Culture:

• start small, build trust & safety
• create champions
• use metrics to build confidence
• celebrate successes
• exploit compelling events

Hack for Change

• Starting Small
• small is safe
• call it an experiment
• Creating Champions
• get exec sponsors, start @ your boss
• give *everyone else* the credit
• give ‘special status’ (e.g. pins/shirts/hats/etc)

Metrics

• find KPI that supports change
• track & use that KPI ruthlessly
• first, use it to show value
• later, use it to show cost of lagging
• tell a story with your data, not just a number

Celebrate Success

• tell a powerful story
• always be positive about people and talk about how they
• overcame a problem
• NEVER about people who created a problem
• leave room for people to come to your side
• Exploit Compelling Events

just wait, it will happen
no “I told you so”, just “what do we do now?”

re: Permission - ”No” frequently means “I don’t know how to say Yes to you“: Use creativity to hack whatever the barriers are

Wisdom of the Crowd: Real User Measurement

• “RUM”
• Look into using BOTH of these: “window.performance” and “window.onerror”
• Google Analytics has been doing for ~1 year, you may already have the data!

Leveling Up – Take Your [Ops|Eng] Role to the Next Level

Work: “It’s not just *what* you do, it’s also *how* you do it.”

Decent talk, but I didn’t take many notes. Hopefully the slides will be put up later, but this blog post from the speaker covers a lot of the same ground: http://katemats.com/2012/05/29/rocking-your-job-leveling-up/

Logging as Event Streams – (Rackspace)

Logging meets the cloud

• many multi-tenant services
• many servers across many teams

Logging is an ‘Event Emitter’ (as realized when working with Node.js)

Structured Logging

• since 1995
• many producers, many consumers
• many programming languages

JSON
pretty much all languages can use it
can set up as newline terminated
*grep* works on it
can do hierarchical data (recommended: only go 1 level deep)

Message Tags / IDs

• Easy to search for strings (I.e. “AH02571″)
• Important for internal usage, and especially for Open Source

Ref: Zipkin: Uses 64bit integer as ID

Shipping Logs

• ALWAYS write to local disk first (ALWAYS!)
• svlogd (?)
• Scribe – Abandoned by Facebook
• Flume – Hadoop focused
• syslog – Solid contender, very robust

Chose Scribe

• does bulk log mv, can buffer / retry / etc

Graylog2

• opensource
• many imports
• indexes in to ElasticSearch
• use regex to build pre-fab notification sets

Log Data: You don’t need to keep it forever

Scalable System Ops – (Tumblr)

[Note: Lots of great info in this talk, but a lot was out of my experience. (Provisioning servers, etc.) Not gonna recreate it
here, but suggest anyone interested in provisioning to look for this talk.]

“Collins” – tool to help w/provisioning

Use a lot of Unix principles when building tools

[Note: By the afternoon I was super tired and worn out, so my notes got very terse, to the point that I will only sum up what I can about the talk.]

Down With the Fancy Pants

“Complex systems fail in complex ways.”

“Premature optimization is the root of all evil.”

Basically, this talk was a caution to critically look at your stack to see if you can reduce weaknesses by removing unproven technologies.

Solving IT Issues with Differential Diagnosis

The speaker talked about his success in adopting learnings from the medical community to apply Differential Diagnosis and the Hypothetico-
Deductive Model to IT problems.

Basically, he encourages us to use more scientific rigor when trying to find the root causes of system malfunctions.

Choose Your Own Adventure

This was a very fun talk, appropriately placed at the end of the conference.

Adam brought a long experience in Ops/SysAdmin/Dev to speak about a range of topics chosen by audience members yelling out their
preference from a list of choices.

Challenges to Cultural Change

These are slides to a talk that I didn’t attend, but this echo’s a bunch of good advice from Jesse Robbins’ Keynote presentation. I’m including it because it was well recieved: http://www.slideshare.net/lnxchk/challenges-to-cultural-change

EDIT: 28 June 2300h – light editing for formatting

I started the day poorly. Even though I got in on time, I forgot to bring a notebook.

Also, I didn’t properly charge my laptop, so I couldn’t take notes with that. It took me until 10AMish before I found a notebook for jotting down my notes, so the first couple are very incomplete. Mea culpa.

Keynote by Facebook:

I found the discussion of their new hire process very interesting: ”New Hire Cave” for 6 weeks w/Mentors and fixing bugs

They also had some interesting results with iteration, even when applied to the building of their datacenters and hardware.

Keynote by Google:

Prediction APIs, giving browser hints as to ‘normal’ or expected flows

“chrome://predictions” – Chrome 20+, can see url suggestion trees

Keynote – Lightning Demos:

http://webpagetest.org

• “page speed index” = how long until pixels rendered
• PageSpeed Insights (Google)
• render order vs load order
• public as of today
• can see “critical (render) path”

http://httparchive.org

• real-life data from ‘in the wild’
• free
• see trends
• based on WebPageTest.org

Keynote – “How Complex Systems Fail”

A.k.a. How Complex Systems DON’T Fail

(Speaker comes from medical background, but research translates to what we do in Ops)

We should be programming for resilience in addition to reliability

I.e. how the operations people can use/fix/tune our apps

Design for Resilience:

• support continuous maintenance
• reveal control to operators
• show the ‘lift points’ (heavy equip analogy)
• support mental simulation
• open objects/methods
• deep six “don’t touch me”‘s

Keynote – “Broadening the User Perspective”

historically web ops have concentrated on load-times

new metrics:

• when browser starts painting
• when full screen displayed
• when window becomes interactive
• “Web Timings” spec

“Beyond CDN” – (Akamai)

Major ISPs are peering networks, secondary networks have to pay to exchange/interchange data with main ISPs
Growth Expectations in the near future:

• First Mile (Site -> Interchanges) – 20X
• Last Mile (ISP -> End User) – 50X
• Middle Mile (Interchange -> Interchange) – only 6X – THIS IS GOING TO BE BOTTLENECK!

ISPs not motivated to invest in Middle Mile, cost center

Interesting Example: The two major Brazilian ISPs hate each other, routes via Miami for interchange

“Real Time at Twitter”

monolithic app ['monorail' ] -> JVM based SOA

1st problem: ops visibility

• was all in nagios & Ganglia
• difficult to change (not responsive)

solved: created visibility stack

• self-service timings infrastructure (w/a query language?)

then abstracted out network substrate

• started as local interfaces
• evolved to remote interface

“Zipkin” – github project; trace tool

“Iago” – github project; load generation tool

“Finagle” – github project; enabled much of their SOA

“Thrift” also used as common ‘language’ between services

They started by deploying new features ‘dark’, then slowly turned up usage

“Rollbacks: The Impossible Dream”

Entire concept based on transactional db model

No One Tests: Disaster Recovery / Rollback

Preventative Design:

• Increased Resilience – less need for rollback
• DevOps – better integration b/w engineers and ops
• Small, Iterative changes
• Accept that sometimes failure happens
• TEST! – There are only a *few* things that truly “can’t be tested”
• “Assumption is the mother of all fuckups”

Ops Mythologies (“it can’t be done”) come from scar tissue – kill your myths!

“Using Node.js to Improve the Performance of Mobile Apps and Mobile Web”

radio waves suck! – vs fiber/copper

high latency requests b/c of physical movement/constraints

client-side MVC sucks

maybe we should emulate the Google homepage, which ‘barfs’ the whole site out quickly

Interesting: mobile networks try to ‘guarantee’ delivery of data once it’s actually made it to the mobile network itself

Rendering HTML vs rendering JSON have tradeoffs to be considered for mobile

“Mojito” for rendering page fragments via Node.js

“Stability Patterns” – (Michael Nygard)

[Note: this was a subset of the book "Release It!" which everyone should just buy & read]

A killer test harness would be one that throws “Out-of-Spec” errors:

• E.g. Returns MP3 instead of XML when on XHR
• E.g. … many other evil considerations

“Time to First Tweet” – (Twitter)

Moving initial load from Client-Side Rendering -> Server-Side Rendering

Performance is highly contextual

Used “Navigation Timing API” – supported by IE9, FF7, Chrome

Represents most users, pulled data from small % of users

Because they are in the middle of a Rails -> JVM change, they have a multi-language templating solution

• Templating on Client: Mustache.js -> Hogan.js
• Templating on Server: Mustache.java
• (and another C++ implementation w/ Ruby bindings)

Migrating away from HashBang

Loading JS

• CommonJS and AMD
• decouple loading from execution
• enables multiple loading times: lazy, parallel, etc
• transparent to JS developers

Layering On pushState support

• want fast in-app navigation
• want to avoid full-page refreshes in modern browsers
• keeps simple index-ability
• Best of Both Worlds!

In Browser: on click; if has History API support then intercept the click and request link via XHR

On Server: if request is via XHR send just the partial, otherwise send whole HTML page (decorate)

Cut 95th percentile by 75%

Summary

Overall, it was a pretty good day.

I think the presentations I’ve seen were pretty good. The best and most polished presentations are on all the new front-end and/or client-side tooling and techniques. The (still strong but) weakest presentations seem to be around some of the back-end and server-side techniques. I guess my critique is the tone of these presentations: they seem to be saying “this is the way we’re going”, rather than coming from a position of “we’ve done this and it was successful because of X, Y, Z.”

I actually didn’t hate the exhibit hall for this conference. For the most part the vendors seem to be staffing with actual staff, and only about 30% are resorting to ‘booth babes’. (EdgeCast and Dyn seem to be the worst ‘booth babe’ offenders. I’m considering telling them tomorrow that they lose some credibility that way. I am also considering asking the GoDaddy staff “WTF is wrong with your CEO?”)

I’m looking forward to tomorrow, but I can tell I’m going to be a zombie once the
day is over.

PS: Too tired to format this mind dump right now… Will come back and fix it up in the next couple of days.

EDIT: Formatting mostly fixed on 28 June 2300h.

Last night I had an idea. I want to support the Occupy Wall Street movement, but I don’t have the time to actually fly out to NYC to sit with everyone. But, I do have enough discretionary cash around that I could buy the flight. Why not find someone (or several someones) how is either flexibly- or un-employed, and I can send them to represent both their voices as well as mine?

I went about casting a net on my Twitter account, and I already have two potential occupiers lined up. But, from that post I also received encouragement to scale this up and accept donations.

I’ve never done this before, but I signed up for an account on WePay. I am now accepting donations if anyone wants to add their support sending people to sit with the #OWS movement.

This blog post serves as a way of providing the social proof of who is behind the donation page. If you donate and you don’t like how your money got spent, I am the guy you’re going to come talk to.

So, if you want to help have your voice, as a part of the 99%, to be heard but you don’t have the time to spare, please consider donating.

At one point in my life, I was a volunteer Firefighter/EMT. During my time working in paramedicine, I learned a valuable concept: the pertinent negative.

Let’s say you’re examining someone who fell from a height. In your report you node that yes, they had a laceration on their hand. But it is also important to note that you examined them and found no evidence of any other broken limbs. Not noting your investigation into broken limbs could mean one of two things: either you didn’t check their limbs, or you did and found nothing of concern.

By noting the pertinent negative, you clear up that ambiguity.

I find this concept incredibly useful in software. Frequently, I need a pertinent negative to do my job well. (Did that script complete without errors, or did it not even run? In a report, a 0 entry tells me that the item did fit my search criteria and it had no requests. Etc.)

I have to say that this concept of pertinent negatives keenly reminds me of how important an ‘invention’ zero was.

I recently went to my second South by Southwest Interactive (SxSW or SxSWi) in Austin, TX. If you’re not familiar with the conference, it is a 5-day internet and technology subsection of the greater SXSW conference which also has Music and Film components.

SxSWi has a long history of being a great place for cutting-edge technology makers and creators to mingle and share ideas. I personally saw, felt, and benefited from this great tradition. However, people who have been attending the conference for more than 3 years say that it has changed substantially as its influence has been recognized, and there are continually growing populations of the ‘business-y’ (read ‘douchebag’) hangers-on: marketers, salespeople, and those I think of as ‘traders in idea derivatives’. (Luckily, for my part, I was able to find a tribe of people who are actually creative and engaged in what they do, so I was able to minimize my exposure to the unsavory, financially-motivated elements.)

But not fully. There are several blog posts I’m sure I could write about the interactions between ‘the Makers’ and ‘the Sellers’, but one aspect of our differences really calls out to me for comment: business cards.

Some people can be really, really intense about business cards. (Check out this guy.) In some business cultures, not treating the business card exchange with the proper respect can end up costing you potential partners.

My impression is that at SxSW, people think of business card dispensing as a quantity-over-quality proposition. Some members (with whom I am friends) of the “How Not to Be a Douchebag at SXSW” panel (2010, 2011) panel even give advanced warnings that there are people who approach business-card delivery in this manner.

The whole business card thing is so ripe for mockery that @scottyiseri and I created a fake ‘Angel Investment’ firm, just so we could give out the fake business cards you see at the top of the post. (I ended up dispensing these cards out to friends, so they could in turn use them as a way to avoid giving their actual information to someone who was being egregiously douche-y.)

But it wasn’t the blatant card-distributors that got to me, it was the nuanced ones. After one session, I ended up with a card from a recruiter from North Carolina, and another from a small-business efficiency consultant from New Jersey. These cards were handed to me while I was having actual, pertinent conversation about the session with the card-givers. Twenty minutes later in my hotel room I was tearing the cards up and throwing them away. I had zero need for these cards.

On the plane ride home I got to thinking about those cards. I realized that every single unwanted card that ended up in my possession was a symbol of laziness: my laziness in protecting my integrity. (And I’m pretty into my integrity.) If I have absolutely no interest in your business card, and have no intent of ever trying to contact you ever again, why accept the business card? (You may say ‘politeness’, but I don’t buy it, because any ‘good’ marketer will politely bully their way into your wallet if you give them the chance.)

Going forward I have a new resolution. I will no longer passively accept business cards, I will either actively accept (less likely) or actively reject (more likely) any business card that is offered to me.

Will you join me? (Why not?)

So, I go to check some traffic stats on one of my silly sites, and I find some wierd referrers:

Both of the the Bit.ly referrers (like “forexmarket”) just resolves to this URL “www.plus500.com/SiteNotAvailable.aspx”.

It’s just a stupid banner page with a big GIF built to look like an actual web page.

What the fuck is the point? Yah, I was interested enough to investigate it, but only forensically… There is no way I would ever do any business with this place.

The other thing that frustrates me is that Bit.ly let the redirect through, even though they know it’s a spammy thing. (A couple of weeks ago when I first found these types of referrers, I tried to follow the link, but Bit.ly warned me about not-above-board behavior of the link. Why no longer?)

Also, the landing page is using Google Analytics. Does this mean all the good tools that those of us who aren’t devil-spawn are being used by they outright shitheads? I guess I know the answer, even if it does hit me right in my idealism.

For the past few months I’ve been commuting from San Francisco to Palo Alto via CalTrain, which was the impetus for me to finally get a Translink card ClipperCard. (I actually got my card right at the tail end of stock of Translink-branded cards, just before they renamed the whole system. At that time you could either order the card from the website, which was an ineffectual joke, or you could cough up five bucks and get just get a new one at your local Walgreen’s, which is what I did.)

Not that I have a whole lot to hide nor do I wear a tinfoil hat, but every once in a while I like to do a personal audit of where my privacy could be (or is) getting invaded. So, I’ve been collecting informal data points about my experience with the ClipperCard, which is what leads to this post.

What They Expect

Here is my daily paper trail (all times are approximate):

• 0800: “tag on” an inbound #14 MUNI near Duboce & Mission
• 0810: “tag on” an outbound #47 MUNI near 11th & Mission
• 0840: “tag on” at the CalTrain station at 4th & King
• CalTrain conductor scans my ClipperCard on the 0844 Southbound train
• 0926: “tag off” in Palo Alto on the Southbound side of the tracks
• 1700: “tag on” at the CalTrain station in Palo Alto on the Northbound side of the tracks
• CalTrain conductor scans my ClipperCard on the 1706 Northbound train
• 1744: “tag off” at the CalTrain station at 4th & King
• 1746: “tag on” to an inbound #47 MUNI at 4th & King
• 1800: “tag on” to an outbound #14 MUNI at 11th & Mission

Ways to Mess With the System

1. I have a monthly pass for the CalTrain. I’ve realized that my pass doesn’t ever require that I tag on and tag off, as long as it responds appropriately to the on-train scanning by the conductors.
2. The only times I’ve gotten away without being scanned by a CalTrain conductor is when the train is packed to standing-room-only because of a baseball game in the city. You might be able to sneak past the conductors, but I wouldn’t count on it.
3. Similarly to CalTrain, I don’t really need to tag on to the MUNI busses, as long as my monthly pass resolves itself to a Fare Inspector. Most of the drivers will either look at you funny or explicitly require you to least flash your card by the reader. However, you can get a beep out of the readers by placing your card on the reader, but then removing it quickly. The reader realizes there’s some kind of card in front of it, but I’m assuming it can’t figure out exactly whose card is there, so it gives an error-sounding beep. This usually satisfies the drivers. (Only once in a month of doing this did a driver shame me into fully tagging the reader.)

What They Can (Still) Learn

If I didn’t take the pains to mess with my own data, you could have a pretty good idea that I live somewhere near Duboce & Mission and that I work somewhere in Palo Alto. With further analysis (and further data that I didn’t provide here), you could also notice that on alternating Wednesdays I don’t go to Palo Alto, but I seem to take the 14 to work somewhere in downtown, probably near 3rd and Mission.

I was able to mostly obfuscate my whereabouts with regard to the MUNI surface busses, except for the occasional pedantic driver. Plus, there’s a built-in obfuscation because they don’t require a tag off. However, this obfuscation doesn’t hold if you are trying to get into one of the underground stations downtown (or BART, for that matter).

For CalTrain, I was able to obfuscate the specific stops where I get on and off, but since my monthly pass is specifically identified as a Zone 1 (SF to San Bruno) to Zone 3 (Atherton to Sunnyvale) and I use “Limited” or “Express” lines (which only service certain stations), they can still get a general idea as to where I’m located.

Additionally, if you look at the records of the conductor scans, you’ll find that on my return trip I am repeatedly found within 2 or 3 scans of specific other customers. You might be able to deduce that since I am likely coming back from work, these other people are highly likely to be my coworkers. And if these people explicitly tagged on, there’s a high probability that you now know where I got on, even though I didn’t tag on myself.

Other (Potential) Problems With the System

To use the website to add cash in addition to the loaded passes, you had to do some configuration. I didn’t recognize it as a problem at the time, but it required that you have a valid credit/bank card. A friend of mine (who had to cut up her credit cards to pursue a debt-free lifestyle) said she was basically left by the wayside with regards to the ClipperCard and the benefits of its use. (Which is becoming, more an more, mandatory for monthly pass holders.) I do not know if this is still the case, but it sounds like something the ClipperCard implementers would do.

Another thing to keep in mind is that all my travel is also hooked up to my Credit Card via the ClipperCard website. You’d have to talk to other black-hat-ier people than I to learn how vulnerable the ClipperCard site is. (As a none-too-impressed end user of the website, I am sure the implementation has plenty of security holes.)

One last thing to keep in mind is who has access to your ride records. A co-worker said he was able to get a CSV file of all his ClipperCard tag ins, just by calling the Customer Service line and the rep running a quick query to get all his activity. This means the reps probably have access to everyone’s records at their whim. I have dealt with Customer Service at ClipperCard, and I’m sure it’d be pretty easy to socially engineer one of them into giving up a whole bunch of information.

Do I Care?

What does this all mean? Well, with a little bit of effort, you could figure out where I am likely to be at several points during the week. Why do I care about this? Imagine a universe where I am a vocal proponent of a measure that takes aim at MUNI drivers’ pay, and people within the union want to find me at some point to change my mind for me… Is my data easily obtainable, especially to those within the public transit system? I think so.

Conclusion

In this exercise, I’ve tried to show just how vulnerable your personal location data can be, and how it could be used to gain some further bits of knowledge about you.

In reality, the biggest risk to the average person in the ClipperCard system are the potential for a third-party (hacker) to get your credit card and personally-identifying information. A far smaller secondary risk is having your historical transit records and patterns made vulnerable, specifically because access to this information is a lot less regulated than access to your personal financial information.