Experimental Security Analysis of a Modern Automobile

December 2, 2015July 27, 2017 ~ adriancolyer ~ 1 Comment

Experimental Security Analysis of a Modern Automobile - Foster et al . 2010 Today's paper gives us a frightening insight into the (lack of) security of the distributed computing systems controlling modern cars. The results described were obtained from testing a 2009 model year car. Surely today's cars are better than this? In the UK, … Continue reading Experimental Security Analysis of a Modern Automobile

The geometry of innocent flesh on the bone: Return-into-libc without function calls (on x86)

December 1, 2015July 27, 2017 ~ adriancolyer ~ 5 Comments

The geometry of innocent flesh on the bone: Return-into-libc without function calls (on x86) - Shacham 2007 Yesterday we saw that Data Execution Prevention W⊕X is one of the widely deployed defenses against code corruption attacks. Today's paper teaches us why that defense isn't as useful as it first appears! We present new techniques that … Continue reading The geometry of innocent flesh on the bone: Return-into-libc without function calls (on x86)

SoK: Eternal War in Memory

November 30, 2015July 27, 2017 ~ adriancolyer ~ 1 Comment

SoK: Eternal War in Memory - Szekeres et al. 2013 SoK stands for 'Systematization of Knowledge' - and in this case Szekeres et al. provide a wonderful conceptual framework and overview of memory corruption attacks and the defenses against them. As you'll see, defending against these attacks is non-trivial - especially if you are concerned … Continue reading SoK: Eternal War in Memory

Optimizing Hash-Array Mapped Tries for Fast and Lean Immutable JVM Collections

November 27, 2015July 27, 2017 ~ adriancolyer ~ 9 Comments

Optimizing Hash-Array Mapped Tries for Fast and Lean Immutable JVM Collections - Steinforder & Vinju, 2015 You'd think that the collection classes in modern JVM-based languages would be highly efficient at this point in time - and indeed they are. But the wonderful thing is that there always seems to be room for improvement. Today's … Continue reading Optimizing Hash-Array Mapped Tries for Fast and Lean Immutable JVM Collections

Asynchronous Complex Analytics in a Distributed Dataflow Architecture

November 26, 2015July 27, 2017 ~ adriancolyer ~ 7 Comments

Asynchronous Complex Analytics in a Distributed Dataflow Architecture - Gonzalez et al. 2015 Here's a theme we've seen before: the programming model offered by large scale distributed systems doesn't always lend itself to efficient algorithms for solving certain classes of problems. In today's paper, Gonzalez et al. examine the growing gap between efficient machine learning … Continue reading Asynchronous Complex Analytics in a Distributed Dataflow Architecture

FIT: A Distributed Database Performance Trade-off

November 25, 2015July 27, 2017 ~ adriancolyer ~ 1 Comment

FIT: A Distributed Database Performance Trade-off - Faleiro & Abadi, 2015 If the CAP FITs... This paper presents the FIT trade-off for distributed transactions: you can have any two of Fairness, (strong) Isolation, and Throughput, but not all three. Which also implies you can have both strong isolation and high throughput! As a consequence of … Continue reading FIT: A Distributed Database Performance Trade-off

GD-Wheel: A Cost-Aware Replacement Policy for Key-Value Stores

November 24, 2015July 27, 2017 ~ adriancolyer

GD-Wheel: A Cost-Aware Replacement Policy for Key-Value Stores - Li & Cox 2013 One of the wonderful things about reading papers and being exposed to lots of different problems and their solutions is that you never know when an idea might resurface and be useful in a new context or challenge you are facing. Yesterday … Continue reading GD-Wheel: A Cost-Aware Replacement Policy for Key-Value Stores

Hashed and Hierarchical Timing Wheels: Data Structures for the Efficient Implementation of a Timer Facility

November 23, 2015July 27, 2017 ~ adriancolyer ~ 4 Comments

Hashed and Hierarchical Timing Wheels: Data Structures for the Efficient Implementation of a Timer Facility - Varghese & Lauck 1987 Yashiro Matsuda recently wrote a blog post describing Apache Kafka's use of Hierarchical Timing Wheels to keep track of large numbers of outstanding requests. In the Kafka use case, each request lives in a 'purgatory' … Continue reading Hashed and Hierarchical Timing Wheels: Data Structures for the Efficient Implementation of a Timer Facility

Moving Fast with Software Verification

November 20, 2015July 27, 2017 ~ adriancolyer ~ 3 Comments

Moving Fast with Software Verification - Calcagno et al. 2015 This is a story of transporting ideas from recent theoretical research in reasoning about programs into the fast-moving engineering culture of Facebook. The context is that most of the authors landed at Facebook in September of 2013, when we brought the INFER static analyser with … Continue reading Moving Fast with Software Verification

Fail at Scale & Controlling Queue Delay

November 19, 2015July 27, 2017 ~ adriancolyer ~ 4 Comments

Controlling Queue Delay - Nichols & Van Jacobsen, 2012, and Fail at Scale - Maurer, 2015 Fail at Scale (Maurer) Ben Maurer recently wrote a great article for ACM Queue on how Facebook achieves reliability in the face of rapid change: To keep Facebook reliable in the face of rapid change we study common patterns … Continue reading Fail at Scale & Controlling Queue Delay