One of the questions we always get asked at meet-ups and conversations with other engineers is, “what’s your stack?” We thought it would be fun to give a sense of all the systems that power Instagram, at a high-level; you can look forward to more in-depth descriptions of some of these systems in…

So, you’re hosted in a single zone, and if you’re in US-East you presumably went down last night. Stop it. AWS has seven regions across the world, three of which are in the US. Each region is split into up to five availability zones.

You need to use more than just multiple zones if you want to stay up…

Password hashing best practice (TL;DR use bcrypt) has been a bit in the spotlight recently.

There has been a natural progression in the blogosphere as it tracks LinkedIn’s shame. Yes, you should use a password hash function with integrated salting, e.g. bcrypt or scrypt. Yes, it’s scary reading developers comment as they fuddle through trying to invent their own solution in the comments to stories.

And that blogosphere progression has now reached 2-factor authentication.  This just slipped in from an expert (who downplayed salt; yes, stretching is critical, but you would be crazy to stretch without salting too):

But the real answer is things like two-factor authentication with smart phones. Two factor authentication seems like the answer to me. I think ten years from now this is going to be a common approach. [Thomas H. Ptacek]

It’s a step in the right direction of course. But a chain is as weak as the weakest link and phone companies are very weak links indeed:

