
Integrity, Python 3.6, Azure Cosmos, CockroachDB, Web Development, Viper, App Engine, Network Protocols

posted Jun 30, 2018, 10:44 PM by Sami Lehtinen   [ updated Jun 30, 2018, 10:45 PM ]
  • Integrity in messages and files: there should be a clear trailer which optionally contains a checksum, hash, or signature. It's always good to have some kind of batch, message and integrity indicators, like a data-level checksum or even a final sum and count of rows in a batch, in a distinct format. That makes it clear that the whole message was received and that the content rows match the trailer, at least on some crude level. In the worst case a partial message could get through and part of the data be lost due to the lack of proper checks, for example by assuming that the whole message was processed when it was only partially processed. Of course this shouldn't be a problem if other things are done correctly. But layered checking is at times a very good thing to do, because you'll never know if someone has skipped some checks in the process stack because "some other layer" will probably take care of that. And when everybody starts thinking like that... Yep, you already know what the end result will be.
  • Optimizations which made Python 3.6 faster than Python 3.5 (Video). It's very nice that Decimal is 40x faster in Python 3.6 than it was with Python 2.7, because I'm naturally using a lot of Decimals. It's also nice that ElementTree is 2x faster than it used to be. But what about JSON? Probably not, because they didn't cover that in the talk.
  • Azure Cosmos Database - Quicklyish checked its documentation out, without actually running anything on it. It does seem pretty similar to Google Spanner and many other distributed storages, like CockroachDB.
  • CockroachDB - Very similar to Azure Cosmos and Google Spanner. It's mostly interesting how they can manage a distributed database with consistency and acceptable performance. Of course the performance for repeated actions on the same objects is extremely poor compared to non-distributed ones, but that's an apples to oranges comparison. Here's a reminder of how they can do it without atomic clocks. Google Spanner uses TrueTime, which requires globally synchronized atomic clocks. This is also where sharding becomes important, because you can't sequentially increment something like a counter at a quick pace with a distributed database: the object is locked for a certain time with every write. -> A loop which increments a counter in the database will be extremely slow compared to local implementations. But this is of course the totally wrong way of doing it, and should be avoided in these distributed cases. High Availability is of course an extremely welcome feature for many environments. Distributed SQL is here to stay. It's of course also possible to do eventually consistent reads whenever consistency isn't required. This allows very fast local reads without synchronization.
  • Web Developer Security Checklist. A nice short checklist on how to develop secure and robust web applications. Encryption, Minimal Privilege, Key Store, SQL Injection, Prepared Statements, Vulnerability Scanning, Secure Development Environments, MFA, DoS and DDoS protection, Rate Limits, API protection, TLS, httpOnly, HSTS, CSP, X-Frame-Options, X-XSS-Protection, CSRF, API authentication and authorization, Input Validation, System Separation and Isolation, database, logical services, etc. Only whitelist a small set of carefully selected hosts, restrict outgoing IP and protect traffic, minimal access privilege for staff, rotate passwords and keys according to a schedule, centralized logging, IDS, no unused services or servers, audit and design, penetration testing, threat model, practice for security incidents.
  • Viper - a new programming language for Ethereum. I'm familiar with the concept, but I haven't really looked into it. Maybe I could during the summer vacation or so. Or maybe not.
  • Python 3.6 support on Google App Engine - Finally, this is one of the platforms which I really like. If I need it. For most of my personal needs, a cheap VPS is much more cost efficient. It's also awesome that Google App Engine (GAE) flexible environments are also available in the Europe-West region. Which is of course part of Google Cloud Platform (GCP).
  • Network protocols - A very nice networking article, if you're not already familiar with Internet (IP) networking basics. Yet there was nothing new for me.
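
The trailer idea from the first item (integrity in messages and files), as an added example that is not part of the original post: a batch whose last line carries the row count, the sum of amounts and a SHA-256 of the rows, so a partial message is rejected instead of being processed. The `TRAILER` marker, the `;`-separated layout and the function names are assumptions made for the illustration.

```python
import hashlib
from decimal import Decimal

TRAILER_TAG = "TRAILER"  # assumed marker; the post does not define a format


class IntegrityError(Exception):
    """The batch is truncated or does not match its trailer."""


def build_batch(rows):
    """Serialize (row_id, amount) pairs and append count, sum and SHA-256."""
    body = [f"{rid};{Decimal(amount)}" for rid, amount in rows]
    total = sum((Decimal(amount) for _, amount in rows), Decimal(0))
    digest = hashlib.sha256("\n".join(body).encode()).hexdigest()
    trailer = f"{TRAILER_TAG};{len(body)};{total};{digest}"
    return "\n".join(body + [trailer]) + "\n"


def parse_batch(text):
    """Return the rows only when the trailer exists and every check passes."""
    lines = text.split("\n")
    if lines.pop() != "":
        raise IntegrityError("no final newline: message was cut mid-line")
    if not lines or not lines[-1].startswith(TRAILER_TAG + ";"):
        raise IntegrityError("trailer missing: message is incomplete")
    body = lines[:-1]
    try:
        _, count, total, digest = lines[-1].split(";")
        rows = [(rid, Decimal(amt)) for rid, amt in (l.split(";") for l in body)]
        count, total = int(count), Decimal(total)
    except (ValueError, ArithmeticError) as exc:
        raise IntegrityError(f"malformed line: {exc}") from exc
    # Layered checks, cheapest first: row count, control sum, content hash.
    if len(rows) != count:
        raise IntegrityError(f"row count {len(rows)} != trailer {count}")
    if sum((amt for _, amt in rows), Decimal(0)) != total:
        raise IntegrityError("sum of amounts does not match trailer")
    if hashlib.sha256("\n".join(body).encode()).hexdigest() != digest:
        raise IntegrityError("content hash does not match trailer")
    return rows


if __name__ == "__main__":
    message = build_batch([("1", "10.50"), ("2", "5.25")])  # constructed sample
    print(parse_batch(message))
    try:
        parse_batch(message[: len(message) // 2])  # simulate partial transfer
    except IntegrityError as err:
        print("rejected:", err)
```

A plain SHA-256 in the trailer catches truncation and accidental corruption only; resisting deliberate modification needs the signature variant the item mentions, or an HMAC with a shared key.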