Architecture Weekly #186 - 1st July 2024
Welcome to the new week! Regular expressions are one of the classic examples of hate and hate relationships. Yes, it’s not a typo; hate and hate. Do you know anyone who loves or knows how to write moderately complex regex? And can they keep their skill for longer than two weeks without forgetting how to do it? Maybe this whole wave of Large Language Models is about having someone who will show us how to write regexes. Maybe we hate regular expressions so much that we don’t care about hallucinations. Still, undeniably, regular expressions are useful and powerful. Let me show you an example, but be careful; I warned you already! In my recent article, I showed an example of using Regular Expressions to filter Event Store catch-up subscriptions by event types. Thanks to that, you can reduce network traffic by getting notifications about new events. Speaking about EventStoreDB, on their blog, there’s also an interesting case study written by their customer on how they joined the Event Sourcing capabilities with Machine Learning. Intriguing, detailed write-up showing how they translated business use case into this mixture: And as we’re into Event-Driven solutions, check a nice list of common misconceptions around the guarantees you may expect from them: Sometimes, I get the feeling that I could rename this newsletter to Supply Chain Attack Weekly. Those types of attacks are getting so popular and spectacular. We talked about the tooling infiltration in the Solar Winds case and OSS maintainer injection with the xz library; today, I have the next version. The rapid pace of new improvements in JavaScript tooling required the development of custom polyfills to align implementations where environments (e.g., browser type) can’t keep up with standard enhancements. One of the most popular was Polyfill JS. It was distributed in multiple ways; one of the most popular was CDN, which is their custom CDN: cdn.polyfill.io. Yet, in February, an unexpected thing happened: a Chinese company bought the project together with the CDN domain. And now, bang! it appeared the domain was injecting the malware. It was enough to include the link to the script from the CDN. The issue was found and explained by Sansec, a company that is specialising in ECommerce security and quickly after by BleepingComputer It seems that even more CDNs were used as the attack's vector (even Cloudflare was probably used). Both Sansec and Bleeping Computer sites were targeted by DDoS attacks either to slow down the spreading of the news about the issue or as revenge. Both the most popular CDNs, Cloudflare and Fastly, are now doing the automatic redirection of the malware redirections: All of that points to the Chinese hacker group. Funnily enough, the owner claims that no malware was distributed… Ok, but as it’s the Architecture Weekly, what should we, the people responsible for architects, get out of that? Security should definitely be one of our main concerns and part of the design and implementation process. Obviously we should ensure that our dependencies are continuously updated, we should also invest in being able to quickly make deployment to guard ourselves if something like that happens. We should also use trustworthy CDNs. Of course, trust is not easy to detect. It’s also interesting how our decentralised web is decentralised in theory. Having central trustworthy vendors makes it harder to commit a breach, as they’re investing heavily in it, but… if the breach is committed, it’ll likely spread much, much further and faster. Read also about another dangerous breach made by Russian hackers: Cyber wars are definitely real nowadays and mixed precisely with geopolitics. Jumping to other industry news. Uber wrote that they're moving their Big Data and Machine Learning to Google Cloud. The article itself is not that interesting. It's mostly marketing news, but what’s the most interesting there is that they’re still using HDFS, Hadoop, and Spark, which got out of fashion recently. They’re planning to move to Google Cloud services like Google Big Query. It’s also interesting if taking such a load and popular platform will help Google increase its ML/AI adoption, which was losing publicity with GenAI advances and marketing. DataDog released their annual report on Cloud Costs: Here are the most important points from it:
The amount of wasted time on containers is crazy. Also, cross-AZ costs mean that we’re getting better at designing with redundancy, and cloud providers know how to charge us. I’m wondering what would be the real GPU usage if it wasn’t so hard to get them. Check also interesting write-ups on documenting our architectures: And check the free ebook from ScyllaDB on Database performance: I haven’t read it yet fully, but from what I skimmed so far, it’s a decent reading. Check also other links! Cheers Oskar p.s. I invite you to join the paid version of Architecture Weekly. It already contains the exclusive Discord channel for subscribers (and my GitHub sponsors), monthly webinars, etc. It is a vibrant space for knowledge sharing. Don’t wait to be a part of it! p.s.2. Ukraine is still under brutal Russian invasion. A lot of Ukrainian people are hurt, without shelter and need help. You can help in various ways, for instance, directly helping refugees, spreading awareness, and putting pressure on your local government or companies. You can also support Ukraine by donating, e.g. to the Ukraine humanitarian organisation, Ambulances for Ukraine or Red Cross. Architecture
Databases
DevOpsAI
AWS.NET
Coding LifeIndustry
Security
TriviaYou're currently a free subscriber to Architecture Weekly. For the full experience, upgrade your subscription. |
Older messages
Architecture Weekly #185 - 24th June 2024
Monday, June 24, 2024
This edition is 50 shaded of coupling! Yeah, I know how that sounds, but we discussed why coupling is not an end goal but a metric to evaluate tradeoffs. We also discussed how to actually make
Architecture Weekly #184 - 17th June 2024
Monday, June 17, 2024
It's a new Monday, the right time for the new set of software architecture materials! This time, we started with visualisations that were made right for great explanations of queuing concepts. I
Architecture Weekly #183 - 10th June 2024
Monday, June 10, 2024
To GraphQL or not to GraphQL, that's the question we started this edition. We discussed the different perspectives on that. One of the issues is authorisation management, and from that, we went
Architecture Weekly #182 - 27th May 2024
Monday, June 3, 2024
Let's start this edition with the security. We always put it as the last point, but should we? We started with a spectacular Snowflake breach. We discussed if LLMS could help to avoid it (spoiler:
Papers We Love #2 - How do committees invent? (Melvin E. Conway)
Monday, June 3, 2024
Watch now (73 mins) | Hey! 😀 In the 2nd edition of Papers We Love, we tackled the famous article Mel Conway's article where he introduced his law. You probably already know the quote: Organizations
You Might Also Like
Aspire Deployment: Course Updates (coming soon)
Wednesday, October 23, 2024
Hey, it's Milan. Just wanted to share something I'm working on as we're getting closer to the .NET 9 release. I'm working on a brand new chapter for my courses about integrating .NET
📟 Turning Old Tech Into Keychains — How to Use Android's Theft Protection Feature
Tuesday, October 22, 2024
Also: Modern Video Games Are Too Easy, and More! How-To Geek Logo October 22, 2024 Did You Know When Galoob released the "Game Genie" product in the 1990s to allow players on the Nintendo
Unlock Python's Pattern Matching, Combinatoric Iterators, SSH Scripting, and More
Tuesday, October 22, 2024
Structural Pattern Matching in Python #652 – OCTOBER 22, 2024 VIEW IN BROWSER The PyCoder's Weekly Logo Structural Pattern Matching in Python In this tutorial, you'll learn how to harness the
Daily Coding Problem: Problem #1586 [Hard]
Tuesday, October 22, 2024
Daily Coding Problem Good morning! Here's your coding interview problem for today. This problem was asked by Airbnb. An 8-puzzle is a game played on a 3 x 3 board of tiles, with the ninth tile
Mapped | The Home Price-to-Income Ratio of Large U.S. Cities 🏘️
Tuesday, October 22, 2024
The top five large US cities have a home price-to-income ratio more than double the national average of 4.7. View Online | Subscribe | Download Our App Presented by Hinrich Foundation NEW REPORT:
Ushering In
Tuesday, October 22, 2024
Netflix's Theatrical Strategy • Blade Runner vs. Elon Musk • Disney vs. App Store • Anthropic's AI PC Control • AirPods Hearing Boost Ushering In Netflix's Theatrical Strategy • Blade
Speeding up with SIMD and Go assembly
Tuesday, October 22, 2024
Plus some Go code generation magic, test parallelism, and working with Excel spreadsheets. | #528 — October 22, 2024 Unsub | Web Version Together with Ardan Labs Go Weekly A Taste of Go Code Generator
LW 155 - Optimizing Shopify Themes for Long Product Descriptions
Tuesday, October 22, 2024
Optimizing Shopify Themes for Long Product Descriptions Shopify Development news and articles
Secure Your Election 2024 eBook at the Best Value Today ⏰
Tuesday, October 22, 2024
Stay informed with our visual guide to the US Presidential Election—exclusively for VC+ members, along with additional updates. View email in browser Now Available: The Visual Guide to the US Election
Startups of The Year: How To Vote
Tuesday, October 22, 2024
Top Tech Content sent at Noon! How the world collects web data Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, October 22, 2024? The HackerNoon