Welcome to All Cloud, No Cattle Weekly #12: Let It Burn
Tech
OVH: Major Incident Impacting Strasbourg DataCenter
• At 00:47 CET on Wednesday 10 March 2021, a fire broke out in a room at one of our four OVHcloud data centers in Strasbourg (SBG2).
SBG1 and SBG2 are major European data centers, hosting some really important services. Their loss hurts quite a bit.
SearchEngine Journal has a good running list of the services affected.
It Can Happen to You: Accidentally Quadratic
Matt Keeter:
I’d encourage you to read the whole thing, but in short, GTA Online had accidentally quadratic performance when parsing a large JSON blob (due to repeated calls to strlen); fixing this improved loading time by almost 70%.
“Accidentally quadratic” just became an instant favorite for me. Right up there with “fractal wrongness.”
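The pattern described above, as an added example (not code from GTA Online or from the linked article): a hypothetical token reader that calls strlen on the remaining buffer for every token, next to a version that measures the buffer once. The function names and the comma-separated sample input are constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical parse primitive that measures all remaining input with
 * strlen before reading one token, the behaviour the quote describes.
 * *scanned accumulates bytes touched so the cost is observable. */
static long token_with_strlen(const char *p, const char **end, size_t *scanned)
{
    *scanned += strlen(p) + 1;          /* walks to the terminating NUL */
    return strtol(p, (char **)end, 10);
}

/* Quadratic: every token pays for a scan of everything after it. */
long sum_quadratic(const char *buf, size_t *scanned)
{
    long sum = 0;
    const char *p = buf, *end;
    *scanned = 0;
    while (*p) {
        sum += token_with_strlen(p, &end, scanned);
        if (end == p) break;            /* not a number: stop, do not spin */
        p = (*end == ',') ? end + 1 : end;
    }
    return sum;
}

/* Linear: measure once, then each byte is visited by one token parse. */
long sum_linear(const char *buf, size_t *scanned)
{
    long sum = 0;
    const char *p = buf, *end;
    *scanned = strlen(buf) + 1;
    while (*p) {
        sum += strtol(p, (char **)&end, 10);
        if (end == p) break;
        p = (*end == ',') ? end + 1 : end;
    }
    return sum;
}

/* Build "1,1,...,1" with n entries (constructed sample input). */
char *make_input(size_t n)
{
    char *s = n ? malloc(2 * n) : NULL;
    if (!s) return NULL;
    for (size_t i = 0; i < n; i++) { s[2 * i] = '1'; s[2 * i + 1] = ','; }
    s[2 * n - 1] = '\0';                /* replace the trailing comma */
    return s;
}
```

For n tokens of this input the quadratic version touches n² + n bytes against 2n for the linear one, which is why input size alone turns this into a load-time or availability problem.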
Our journey from a Python monolith to a managed platform
Naphat Sanguansin on the Dropbox tech blog:
Likewise, in production, the fate of their endpoints was tied to every other endpoint, regardless of the stability, criticality, or level of ownership of these endpoints.
Their journey is amazing, but this puzzled me. Monolithic codebases do not necessarily need to be run monolithically in production; you can run canaries dedicated to specific endpoints.
@racheltrue trips on an iCloud bug
Type error: cannot set value true to property lastName
It’s a cheap shot to say that there’s an xkcd for everything here, but even more to the point I’m reminded about Falsehoods Programmers Believe About Names.
In this case, the code didn’t properly handle the possibility that “True” could actually be someone’s name.
JavaScript is a hell of a drug.
git/banned.h
/*
* This header lists functions that have been banned from our code base,
* because they're too easy to misuse (and even if used correctly,
* complicate audits). Including this header turns them into compile-time
* errors.
*/
A great list of C funcs that inevitably lead to security sadness, and I love that GitHub (true to their ethos) makes this public.
Half of curl’s vulnerabilities are C mistakes
Daniel Stenberg, appearing here for the second time in less than a month:
Possibly due to the slightly different question, possibly because I’ve categorized one or two vulnerabilities differently, possibly because I’m biased as heck, but my count ends up at:
51 out of 98 security vulnerabilities are due to C mistakes. That’s still 52%.
The initial phrasing makes it sound like “C mistakes” are the primary cause of all historically reported vulnerabilities in curl, when it’s really just the majority of still open vulnerabilities.
Henry G. Baker Archive
Mark Dominus:
I discovered Baker’s writing probably in the early 1990s and immediately put him on my “read everything this person writes” list. I found everything he wrote clear and well-reasoned. I always learned something from reading it. He wrote on many topics, and when he wrote about a topic I hadn’t been interested in, I became interested in it because he made it interesting.
Sometimes I thought Baker was mistaken about something. But usually it was I who was mistaken.
Baker’s website was one of the first truly useful and interesting sites I really remember, and it’s just a couple of pieces short of being a proper blog long before blogs were a thing. It warms the heart to know it’s been archived.
It used to be quite common to mirror your friends’ and colleagues’ websites to ensure their posterity, and that’s a social side of the web that sadly has gone by the wayside.
Perhaps I’ll take a moment this week and archive Stuart Cheshire’s site.
Grab Bag
Computational tools reveal secrets of 17th-century sealed letter
Researchers at Leiden University:
The team solved the problem of how to read a sealed letter without damaging it through the use of X-ray microtomography, an advanced scanning technology. A series of thousands of scans isolated the exact position of iron particles in the ink, thus making the writing visible. A computer-controlled algorithm, which itself took four years to develop, was then employed to piece these scans together like a massively complicated 3D jigsaw, allowing the letter to be virtually unfolded.
Absolutely crazy.