An amazing journey through Ruby heap memory optimization, from one of the experts at Shopify, who are heavy users of Rails. Using cleverly-timed fork(2) usage, it’s possible to optimize memory usage in a Rails app and discard a lot of performance/heap overhead caused by lazy loading and poorly-timed in-memory caching.
This very much reminds me of optimising similar issues in Perl-land, back in the day — and really helps me appreciate how easy the modern JVM world has it, in comparison. There’s a lot of complaints to be made about the complexity of optimising JVM garbage collection settings, but this kind of problem is malleable there without a fundamental architectural rewrite like this approach.
Tags: ruby performance optimisation optimization heap memory fork forking http services servers monolith rails gc
Justin's Linklog Posts
The Unbelievable Scale of AI’s Pirated-Books Problem
The Atlantic go digging in LibGen, the insanely huge collection of 7.5 million pirated books used to train Meta’s Llama LLM:
One of the biggest questions of the digital age is how to manage the flow of knowledge and creative work in a way that benefits society the most. LibGen and other such pirated libraries make information more accessible, allowing people to read original work without paying for it. Yet generative-AI companies such as Meta have gone a step further: Their goal is to absorb the work into profitable technology products that compete with the originals. Will these be better for society than the human dialogue they are already starting to replace?
Also, I found this quote from a Meta Director of Engineering in the legal discovery output interesting: “The problem is that people don’t realize that if we license one single book, we won’t be able to lean into fair use strategy”. huh.
Tags: books knowledge papers meta llama llms law piracy ip libgen genai fair-use
A static analysis tool for GitHub Actions, to detect several common security risks that can arise
Tags: static-analysis github security infosec github-actions ci cd building
EFF just posted this, “California’s A.B. 412: A Bill That Could Crush Startups and Cement A Big Tech AI Monopoly”:
California legislators have begun debating a bill (A.B. 412) that would require AI developers to track and disclose every registered copyrighted work used in AI training. At first glance, this might sound like a reasonable step toward transparency. But it’s an impossible standard that could crush small AI startups and developers while giving big tech firms even more power.
Back in the early 2000s, we wrote SpamAssassin, a machine-learning driven antispam system which was trained on user-submitted data. We tracked the attribution of every item of input used to train that system. We weren’t even a startup, we were an open source project.
If we could do it, why can’t modern AI systems? And don’t say “because the existing large language models didn’t do it” — that’s just accepting past shitty behaviour as a fait accompli.
Extremely disappointed in the current state of the EFF if this is what they think.
The right’s Covid narrative has been turbo-charged into the mainstream
“Before the next outbreak, we need a serious conversation about how to cope – but first, the more strident, misguided voices must pipe down … A different narrative has invaded the conversation: it wasn’t the virus that ruined our lives, but the response. This narrative was always there, but for a long time it stayed on the fringes. Now it’s becoming mainstream, turbo-charged by the recent successes of its political champions who typically gravitate towards the populist right. Public health experts have watched its advance with a gathering sense of doom. They know that how we respond to the next pandemic depends on how we understand the last, and that the next one is probably closer than most people think.”
I’d have to agree, and I’d also add the lab-leak SARS-CoV-2 origin hypothesis to that mix. In general, the right wing has somehow “won” the propaganda war and are able to rewrite COVID-19 history, possibly as a result of how they’ve been allowed to take over social media.
Tags: covid-19 history sars-cov-2 disease social-media media right-wing politics
“A Canticle for Leibowitz” inspired “Fallout”
A Canticle For Leibowitz is one of my favourite post-apocalyptic SF deep cuts. Here’s some top trivia —
Chris Taylor: “In the early 90s, I read all of the Hugo winners at the time. A Canticle for Leibowitz was one of my favorites. A few years later, it was one of the three major influences we used when making the original Fallout (along with [The] Road Warrior and City of Lost Children).”
Tags: leibowitz scifi sf books fallout games gaming hugo-awards
GitHub Action supply chain attack
Yikes…. Both the “tj-actions/changed-files” and “reviewdog/actions-setup”, along with many other Actions in the reviewdog scope, were compromised “with a malicious payload that caused affected repositories to leak their secrets in logs”.
the compromised reviewdog action injected malicious code into any CI workflows using it, dumping the CI runner memory containing the workflow secrets. While this is the same outcome as in the tj-actions case, the payload was distinct and did not use curl to retrieve the payload. Instead, the payload was base64 encoded and directly inserted into the install.sh file used by the workflow.
On public repositories, the secrets would then be visible to everyone as part of the workflow logs, though obfuscated as a double-encoded base64 payload. As of now, no external exfiltration of secrets to an attacker-controlled server were observed; secrets were only observable within the affected repositories themselves.
Two things:
- The design of GitHub Actions, where a user is expected to depend on a random third party GitHub repo to not be compromised, is fundamentally dodgy.
- Even worse, if you find a “trustworthy” version of a GitHub Action and use it in your CI pipeline, it now seems that the release tags on these actions are not immutable. In this attack older stable tags were redirected to point at exploited versions.
Major design flaws IMO!
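Since tags can be moved, the usual mitigation is to pin every third-party action to a full commit SHA and to flag anything that is not. The checker below is an added example, not code from the linked write-up or from GitHub; the sample workflow, its version tags and its SHA are constructed placeholders.

```python
import re

# A step's (or reusable workflow's) `uses:` value, optionally quoted;
# a trailing "# comment" is ignored and commented-out lines do not match.
USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")          # full git commit SHA
DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")     # container image digest


def classify_ref(uses):
    """Classify one `uses:` value as 'local', 'pinned' or 'mutable'."""
    if uses.startswith(("./", "../")):
        return "local"  # same repository, versioned together with the workflow
    target, _, ref = uses.rpartition("@")
    if not target:
        return "mutable"  # no "@ref" at all, e.g. docker://image:tag
    if uses.startswith("docker://"):
        return "pinned" if DIGEST_RE.fullmatch(ref) else "mutable"
    # Tags and branches can be re-pointed by whoever controls the repo;
    # only a full 40-character commit SHA names fixed content.
    return "pinned" if FULL_SHA_RE.fullmatch(ref) else "mutable"


def audit_workflow(text):
    """Return (line_number, uses_value, verdict) for every reference found."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if match:
            uses = match.group(1)
            findings.append((lineno, uses, classify_ref(uses)))
    return findings


def mutable_refs(text):
    """Only the references an upstream compromise could silently change."""
    return [(n, u) for n, u, verdict in audit_workflow(text) if verdict == "mutable"]


# Constructed sample workflow; refs and the SHA are placeholders.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567 # placeholder SHA
      - uses: tj-actions/changed-files@v1
      - name: lint
        uses: "reviewdog/actions-setup@main"
      - uses: ./.github/actions/local-step
      # - uses: some/disabled-action@v2
      - uses: docker://alpine:3
"""

if __name__ == "__main__":
    for lineno, uses, verdict in audit_workflow(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {verdict:8} {uses}")
```

Run it over `.github/workflows/*.yml` in CI and fail the build when `mutable_refs` returns anything; a SHA pin still has to be reviewed when it is bumped.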
Tags: ci github security builds supply-chain attacks exploits infosec
My Solar PV Output For 2024
A couple of years ago, I had 5.8kW of solar panels and a 5kW battery installed on my (fairly typical) Dublin house.
The tricky part with solar PV is that, while you may have a set of solar panels, these may not be generating electricity at the time you want to use it. Even with a battery, your available stored power may wind up fully discharged by 7pm, leaving you running from expensive, non-renewable grid power for the rest of the evening. And up here in the high latitudes of northern Europe, you just don’t get a whole lot of solar energy in December and January.
2024 was the first year in which (a) my panels and battery were fully up and running, (b) we were using a day/peak/night rate for grid electricity, and (c) for much of the year I had load-shifting in place; in other words, charging the battery from cheap night-rate electricity, then discharging it gradually over the course of the day, topping up with solar power once the sun gets high enough. As such, it’s worth doing the sums for the entire year to see how effective it’s been in real-world usage terms.
The total solar power generated across the year was reported from my Solis inverter as 4119 kWh.
Over the course of 2024, the entire household consumption comes to 8628 kWh. This was comprised of a fairly constant 800ish kWh per month, across the year; we still have gas-fired heating, so the winter months generally use gas energy instead of scaling up our electricity consumption.
Of that, the power consumed from solar PV was 2653 kWh (reported from the Solis web app as “annual PV to consumption”), and that from the grid was 5975 kWh (reported by the ESB Networks data feed).
So the correct figure is that 30% of our household consumption was driven from solar. This is a big difference from the naive figure of 4119/8628 = 47%; you can see that a big chunk of that power is being “lost”, due to happening at the wrong time to provide household power.
Of course, that power isn’t really “lost” — it was exported to the grid instead. This export comprised 1403 kWh; this occurred when the battery was full, the household power usage was low, but there was still plenty of solar power being generated. (Arguably a bigger battery would be worthwhile to capture this, but at least we get paid for this export.)
There was a 2%-4% discrepancy between the Solis data and that from ESB Networks; Solis reported higher consumption (6102 kWh vs 5975) and higher export (1465 kWh vs 1403). I’m liable to believe ESB Networks more though.
In monetary terms:
The household consumption was 8628 kWh. Had we consumed this with the normal 24-hour rate tariff, we’d have paid (€236.62 standing charge per year) + (8628 at 23.61 cents per kWh) = (236.62 + 8628 * 0.2361) = €2273.69.
Checking the bills received over the year, taking into account load-shifting to take advantage of day/night variable rates and the power generated by the panels, and discounting the one-off government bill credits — we spent €1325.97 — 58.2% of the non-solar price.
Here! Have some graphs:
I’ve started mirroring my Pinboard bookmarks to a backup Linkding instance at https://bookmarks.taint.org/ . This is partly to have a backup, and also to offer the “view by tag” view of my bookmarks and blog for public view; it seems a while back, this feature was switched to be only available for logged-in users at Pinboard, which is probably suboptimal for most users of https://jmason.ie/ .
The Linkding version at bookmarks.taint.org is running the fork at https://github.com/jmason/linkding/pull/1 , which is a couple of minor changes to make it more suitable for my purposes and closer to the Pinboard UX.
Why The Metaverse Was A Turkey
New World Notes: What Went Wrong With [Meta’s] Horizon Worlds [previously the Metaverse]? Former Meta Devs Share Surprising Insights. Sounds like it was doomed from the start:
Horizon Worlds / Workrooms, etc. is a pretty awful codebase with hundreds of people working on it. They grabbed a bunch of people from the Facebook/Instagram half of the company because they knew React. […] Horizon Worlds uses a VR version of that called “ReactVR”.
What this effectively means is that most of the people developing Horizon Worlds (HW) are 2D app developers driven by engagement metrics and retention numbers. So… HW became flooded with a ton of 2D developers who never put on the headset even test their menus, all competing to try to create the most “engaging” menu that would sell microtransactions, or drive social engagement, or make some other number look good – because that’s WHAT THEY DO at Facebook/Instagram. […]
The guy that was put in charge of Horizon Worlds needed help learning how to don the headset and launch the game after being in charge of it for 3 months.
I think that programming in HW will never work because it lacks so many of the everyday necessary features programmers need, and the spatial element gives it almost no advantage. I cannot easily work with someone on a script… it’s all scratch-style building blocks. […]
They were actively denying pull requests (code changes) that were awesome features; features that VRChat eventually put in, or Second Life already had to begin with 15 years ago.
It was dead as soon as they released it. Not a single developer thought it was ready, then when it dropped no one played it. Then, Facebook just tried to keep pumping it with “features” like little microtransaction stuff so they could say it made money.
Plus devs “automating” their dogfood testing because it was so annoying, and the CTO shouting at people not to mention kids using their app. Ouch.
Tags: vr meta funny fail horizon-worlds metaverse ouch facebook
Very handy jwz hack:
“Rewrite the links in an HTML file to point to the Wayback Machine instead of the original site. Attempts to use a contemporaneous version from the archive based on the file date (or earliest git date) of the HTML file. “
Goes nicely with https://www.jwz.org/hacks/#waybackify-wp , which “Runs waybackify.pl on every post and comment on your WordPress blog that is older than N years.”
I’m running this on https://jmason.ie/ now, for all posts over 10 years old.
Tags: waybackify archive.org wayback-machine urls linkrot web history via:jwz scripts wordpress
“Spot Optimizer is a Python library that helps users select the best AWS spot instances based on their resource requirements, including cores, RAM, storage type (SSD), instance architecture (x86 or ARM), AWS region, EMR version compatibility, and instance family preferences.
It replaces complex, in-house logic for finding the best spot instances with a simple and powerful abstraction. No more manual guesswork — just the right instances at the right time.”
Implemented as a Python lib and CLI tool.
Netgear R7800 “hnyman” firmware
OpenWRT-derived firmware for the (venerable but now classic) Netgear R7800 router/AP, which supports high bandwidth rates via hardware offload, with the addition of bufferbloat-defeating SQM traffic shaping (which the stock firmware can’t handle).
Also includes Adblock, wireguard, 6in4/6to4/6rd IPv6 NAT, and the LuCi GUI.
Might have to give this a go if I’m feeling brave…
More on SQM: https://openwrt.org/docs/guide-user/network/traffic-shaping/sqm
Tags: hnyman openwrt netgear r7800 firmware open-source hardware routers home
AI Search Has A Citation Problem
LOL, these are terrible results.
We randomly selected ten articles from each publisher, then manually selected direct excerpts from those articles for use in our queries. After providing each chatbot with the selected excerpts, we asked it to identify the corresponding article’s headline, original publisher, publication date, and URL […] We deliberately chose excerpts that, if pasted into a traditional Google search, returned the original source within the first three results. We ran sixteen hundred queries (twenty publishers times ten articles times eight chatbots) in total.
Results:
Overall, the chatbots often failed to retrieve the correct articles. Collectively, they provided incorrect answers to more than 60 percent of queries. Across different platforms, the level of inaccuracy varied, with Perplexity answering 37 percent of the queries incorrectly, while Grok 3 had a much higher error rate, answering 94 percent of the queries incorrectly.
Most of the tools we tested presented inaccurate answers with alarming confidence, rarely using qualifying phrases […] With the exception of Copilot — which declined more questions than it answered — all of the tools were consistently more likely to provide an incorrect answer than to acknowledge limitations.
Comically, the premium for-pay models “answered more prompts correctly than their corresponding free equivalents, [but] paradoxically also demonstrated higher error rates. This contradiction stems primarily from their tendency to provide definitive, but wrong, answers rather than declining to answer the question directly.”
Bottom line — don’t let an LLM attribute citations…
Tags: llm llms media journalism news research search ai chatgpt grok perplexity tests citations
llms and humans unite, you have nothing to lose but your chores
Danny O’Brien posts a nice little automation script co-written with Claude.AI which has a couple of noteworthy angles; (1) instead of scraping the Uber site directly, it co-drives a browser using the Chrome DevTools Protocol and the playwright Python package; and (2) it has inline requirements.txt specifications using uv comments at the top of the script, which I hadn’t seen before.
I like the co-driving idea; it’s a nice way to automate clicky-clicky boring tasks without using a standalone browser or a scraper client, while being easy to keep an eye on and possibly debug when it breaks. Also good to keep an eye on what LLM-authored code is up to.
In the past I’ve used Browserflow as a no-code app builder for one-off automations of clicky-clicky web flows like this, but next time I might give the vibe-coding+CDP approach a go.
Tags: vibe-coding tools automation one-offs scripting web cdp google-chrome playwright claude hacks llms ai browsers
Arguments about AI summarisation
This is from a W3C discussion thread, where AI summarisation and minuting of meetings was proposed, and it lays out some interesting issues with LLM summarisation:
Sure I’m excited about new tech as the next person, but I want to express my concerns (sorry to point out some elephants in the room):
- Ethics – major large language models rely on stolen training data, and they use low wage workers to ‘train’ at the expense of the well being of those workers.
- Environment – Apart from raw material usage that comes with increase in processing power, LLMs use a lot more energy and water than human scribes and summarisers do (both during training and at point of use). Magnitudes more, not negligible, such that major tech cos are building/buying nuclear power plants and areas near data centres suffer from water shortages and price hikes. Can we improve disability rights while disregarding environmental effects?
- Quality – we’ve got a lot of experts in our group: who are sometimes wrong, sure, but it seems like a disservice to their input, knowledge and expertise to pipe their speech through LLMs. From the couple of groups I’ve been in that used AI summaries, I’ve seen them:
  - a. miss the point a lot of the time; it looks reasonable but doesn’t match up with what people said/meant;
  - b. ‘normalise’ what was said to what most people would say, so it biases towards what’s more common in training data, rather than towards the smart things individuals in this group often bring up. Normalising seems orthogonal to innovation?
  - c. create summaries that are either very long and wooly, with many unnecessary words, or short but incorrect.
If we’re considering if it’s technically possible, I’d urge us to consider the problems with these systems too, including in ethics, environmental impact and quality.
The “normalising” risk is one that hadn’t occurred to me, but it makes perfect sense given how LLMs operate.
Tags: llms ai summarisation w3c discussion meetings automation transcription
AWS WAF adds JA4 fingerprinting
TIL:
A JA4 TLS client fingerprint contains a 36-character long fingerprint of the TLS Client Hello which is used to initiate a secure connection from clients. The fingerprint can be used to build a database of known good and bad actors to apply when inspecting HTTP[S] requests. These new features enhance your ability to identify and mitigate sophisticated attacks by creating more precise rules based on client behavior patterns. By leveraging both JA4 and JA3 fingerprinting capabilities, you can implement robust protection against automated threats while maintaining legitimate traffic flow to your applications.
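To show what those 36 characters encode and how a known-good/known-bad list is applied to them, here is an added example (not AWS or FoxIO code). It assumes the field layout of the published JA4 format, which is not spelled out in the quote above, and every fingerprint value in it is constructed.

```python
import re
from dataclasses import dataclass

# Assumed layout: 10-char summary, then two 12-hex truncated hashes,
# joined by "_" (10 + 1 + 12 + 1 + 12 = 36 characters).
JA4_RE = re.compile(
    r"(?P<transport>[tqd])(?P<version>[0-9a-z]{2})(?P<sni>[di])"
    r"(?P<n_ciphers>\d{2})(?P<n_exts>\d{2})(?P<alpn>[0-9a-z]{2})"
    r"_(?P<cipher_hash>[0-9a-f]{12})_(?P<ext_hash>[0-9a-f]{12})"
)
TRANSPORTS = {"t": "TCP", "q": "QUIC", "d": "DTLS"}
VERSIONS = {"13": "TLS 1.3", "12": "TLS 1.2", "11": "TLS 1.1",
            "10": "TLS 1.0", "s3": "SSL 3.0", "s2": "SSL 2.0"}


@dataclass(frozen=True)
class Ja4:
    transport: str    # 't', 'q' or 'd'
    version: str      # two-character version code from the Client Hello
    sni: bool         # True when a server name (domain) was sent
    n_ciphers: int    # number of cipher suites offered
    n_exts: int       # number of extensions offered
    alpn: str         # first and last character of the first ALPN value
    cipher_hash: str  # truncated hash over the sorted cipher list
    ext_hash: str     # truncated hash over extensions + signature algorithms

    def describe(self):
        version = VERSIONS.get(self.version, self.version)
        sni = "SNI present" if self.sni else "no SNI"
        alpn = "no ALPN" if self.alpn == "00" else f"ALPN {self.alpn}"
        return (f"{version} over {TRANSPORTS[self.transport]}, {sni}, "
                f"{self.n_ciphers} ciphers, {self.n_exts} extensions, {alpn}")


def parse_ja4(value):
    """Return a Ja4 for a well-formed fingerprint, else None."""
    if not isinstance(value, str):
        return None
    m = JA4_RE.fullmatch(value)
    if m is None:
        return None
    return Ja4(m["transport"], m["version"], m["sni"] == "d",
               int(m["n_ciphers"]), int(m["n_exts"]), m["alpn"],
               m["cipher_hash"], m["ext_hash"])


def classify(value, known_bad, known_good):
    """Apply a fingerprint database; reject malformed input first."""
    if parse_ja4(value) is None:
        return "malformed"   # missing or truncated: never treat as a match
    if value in known_bad:
        return "block"
    if value in known_good:
        return "allow"
    return "unknown"         # not in either list: leave to other rules


# Constructed fingerprints for illustration only.
BROWSER = "t13d1516h2_aaaaaaaaaaaa_bbbbbbbbbbbb"
SCRIPTED = "t12i060500_cccccccccccc_dddddddddddd"

if __name__ == "__main__":
    for fp in (BROWSER, SCRIPTED, "t13d1516h2_aaaaaaaaaaaa"):
        parsed = parse_ja4(fp)
        print(fp, "->", parsed.describe() if parsed else "malformed",
              "/", classify(fp, {SCRIPTED}, {BROWSER}))
```

A fingerprint identifies a TLS stack and its configuration, not a person or a program's intent, so a match is best treated as one signal alongside rate and request-content rules.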
Tags: fingerprinting http https tls ja3 ja4 inspection networking firewalls waf web
I could have done with knowing about this before implementing mock APNs, Huawei, Microsoft and FCM push APIs over the last few years!
An open-source tool for API mock testing, with over 5 million downloads per month. It can help you to create stable test and development environments, isolate yourself from flakey 3rd parties and simulate APIs that don’t exist yet.
Nice features include running in-process in a JVM, standalone, or in a Docker container; GraphQL and gRPC support; and fault and latency injection. https://library.wiremock.org/ is a library of pre-built API mocks other people have previously made.
Tags: mocking testing mocks integration-testing wiremock tools coding apis
KIP-932 adds a long awaited capability to the Apache Kafka project: queue-like semantics, including the ability to acknowledge messages on a one-by-one basis. This positions Kafka for use cases such as job queuing, for which it hasn’t been a good fit historically. As multiple members of a share group can process the messages from a single topic partition, the partition count does not limit the degree of consumer parallelism any longer. The number of consumers in a group can quickly be increased and decreased as needed, without requiring to repartition the topic.
[….] Available as an early access feature as of the [unreleased] Kafka 4.0 release, Kafka queues are not recommended for production usage yet, and there are several limitations worth calling out: most importantly, the lack of DLQ support. More control over retry timing would be desirable, too. As such, I don’t think Kafka queues in their current form will make users of established queue solutions such as Artemis or RabbitMQ migrate to Kafka. It is a very useful addition to the Kafka feature set nevertheless, coming in handy for instance for teams already running Kafka and who look for a solution for simple queuing use cases, avoiding to stand up and operate a separate solution just for these. This story will become even more compelling if the feature gets built out and improved in future Kafka releases.
Tags: kafka queueing queues architecture
“Hardware Acceleration for JSON Parsing, Querying and Schema Validation” —
State-of-the-art analytics pipelines can now process data at a rate that exceeds 50 Gbps owing to recent advances in RDMA, NVM, and network technology (notably Infiniband). The peak throughput of the best-performing software solutions for parsing, querying, and validating JSON data is 20 Gbps, which is far lower than the current requirement.
We propose a novel [hardware-]based accelerator that ingests 16-bytes of JSON data at a time and processes all the 16 bytes in parallel as opposed to competing approaches that process such data byte by byte. Our novel solution comprises lookup tables, parallel sliding windows, and recursive computation. Together, they ensure that our online pipeline does not encounter any stalls while performing all the operations on JSON data. We ran experiments on several widely used JSON benchmarks/datasets and demonstrated that we can parse and query JSON data at 106 Gbps (@28 nm).
(Via Rob)
Tags: accelerators papers asics json parsing throughput performance via:rsynnott
The history behind “Assassin’s Creed: Valhalla”
History Hit, the UK historical podcast company, are recording a podcast where they dig into the extensive historical background used in the various “Assassin’s Creed” videogames. This episode digs into the history which animates “Assassin’s Creed: Valhalla”, set in Britain and Ireland around 800-900CE during the time of the Great Heathen Army’s invasion, and it’s fascinating stuff.
Tags: history podcasts ireland britain vikings assassins-creed videogames games
Two excellent tools in one blog post.
Visidata “is a commandline tool to work with data in all sorts of formats, including from stdin”; in this example it’s taking lines of JSONL and producing an instant histogram of values from the stream:
Once visidata is open, use the arrow keys to move to the column on which you want to build a histogram and press Shift-F. Since it works with pipes if you leave the -e off the kafkacat argument you get a live stream of messages from the Kafka topic and the visidata will continue to update as messages arrive (although I think you need to replot the histogram if you want it to refresh).
On top of that, there’s kcat, “netcat for Kafka”, “a swiss-army knife of tools for inspecting and creating data in Kafka”, even supporting on-the-fly decode of Avro messages. https://github.com/edenhill/kcat
Answers for AWS Survey for 2025
The most-used AWS services; mainly SNS, SQS, and everyone hates Jenkins
Tags: aws sqs sns architecture cloud-computing surveys
An extremely fast Python linter and code formatter, written in Rust.
Ruff aims to be orders of magnitude faster than alternative tools while integrating more functionality behind a single, common interface.
Ruff can be used to replace Flake8 (plus dozens of plugins), Black, isort, pydocstyle, pyupgrade, autoflake, and more, all while executing tens or hundreds of times faster than any individual tool.
This is a decent write-up of what Amazon’s “Correction of Error” documents look like. CoEs are the standard format for writing up post-mortems of significant outages or customer-impacting incidents in Amazon and AWS; I’ve had the unpleasant duty of writing a couple myself — thankfully for nothing too major.
This is fairly similar to what’s being used elsewhere, but it’s good to have an authoritative bookmark to refer to. (via LWIA)
Tags: via:lwia aws amazon post-mortems coe incidents ops process
“We are dedicated to the American public and we’re not done yet”. legends!
For over 11 years, 18F has been proudly serving you to make government technology work better. We are non-partisan civil servants. 18F has worked on hundreds of projects, all designed to make government technology not just efficient but effective, and to save money for American taxpayers.
However, all employees at 18F – a group that the Trump Administration GSA Technology Transformation Services Director called “the gold standard” of civic tech – were terminated today at midnight ET.
Tags: policy government programming tech software politics 18f maga doge
Some interesting notes about smallpond, a new high-performance DuckDB-based distributed data lake query system from DeepSeek:
DeepSeek is introducing smallpond, a lightweight open-source framework, leveraging DuckDB to process terabyte-scale datasets in a distributed manner. Their benchmark states: “Sorted 110.5TiB of data in 30 minutes and 14 seconds, achieving an average throughput of 3.66TiB/min.”
The benchmark on 100TB mentioned is actually using the custom DeepSeek 3FS framework: Fire-Flyer File System is a high-performance distributed file system designed to address the challenges of AI training and inference workloads. […] compared to AWS S3, 3FS is built for speed, not just storage. While S3 is a reliable and scalable object store, it comes with higher latency and eventual consistency […] 3FS, on the other hand, is a high-performance distributed file system that leverages SSDs and RDMA networks to deliver low-latency, high-throughput storage. It supports random access to training data, efficient checkpointing, and strong consistency.
So — this is very impressive. However!
- RDMA (remote direct memory access) networking for a large-scale storage system! That is absolutely bananas. I wonder how much that benchmark cluster cost to run… still, this is a very interesting technology for massive-scale super-low-latency storage. https://www.definite.app/blog/smallpond also notes “3FS achieves a remarkable read throughput of 6.6 TiB/s on a 180-node cluster, which is significantly higher than many traditional distributed file systems.”
- It seems smallpond operates strictly with partition-level parallelism, so if your data isn’t partitioned in exactly the right way, you may still find your query bottlenecked:
Smallpond’s distribution leverages Ray Core at the Python level, using partitions for scalability. Partitioning can be done manually, and Smallpond supports:
- Hash partitioning (based on column values);
- Even partitioning (by files or row counts);
- Random shuffle partitioning
As I understand it, Trino has a better idea of how to scale out queries across worker nodes even without careful pre-partitioning, which is handy.
Tags: data-lakes deepseek duckdb rdma networking 3fs smallpond trino ray
Buying a good laptop. Not a new laptop, a good one.
Love this. Advice on how to pick a really solid, basic, but good second-hand laptop — tl;dr: “Buy a used business laptop. Apple or PC. Try typing on it first.”
Tags: laptops shopping secondhand hardware tips
Using dtrace on MacOS with SIP enabled
“On all current MacOS versions (Catalina 10.15.x, Big Sur 11.x) System Integrity Protection (SIP) is enabled by default and prevents most uses of dtrace and other tools and scripts based on it (i.e. dtruss).”
Wow this is really complicated. Nice work, Apple (via Tony Finch)
The Anti-Capitalist Software License
Here it is in full:
ANTI-CAPITALIST SOFTWARE LICENSE (v 1.4)
Copyright © [year] [copyright holders]
This is anti-capitalist software, released for free use by individuals and organizations that do not operate by capitalist principles.
Permission is hereby granted, free of charge, to any person or organization (the "User") obtaining a copy of this software and associated documentation files (the "Software"), to use, copy, modify, merge, distribute, and/or sell copies of the Software, subject to the following conditions:
- The above copyright notice and this permission notice shall be included in all copies or modified versions of the Software.
- The User is one of the following:
  - a. An individual person, laboring for themselves
  - b. A non-profit organization
  - c. An educational institution
  - d. An organization that seeks shared profit for all of its members, and allows non-members to set the cost of their labor
- If the User is an organization with owners, then all owners are workers and all workers are owners with equal equity and/or equal vote.
- If the User is an organization, then the User is not law enforcement or military, or working for or under either.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT EXPRESS OR IMPLIED WARRANTY OF ANY KIND, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
This is fun because it would make esr’s head explode.
Tags: licenses capitalism ethics licensing software politics anti-capitalist open-source
Mark Butcher on AWS sustainability claims
Sustainable IT expert lays into AWS:
3 years after shouting about Amazon’s total lack of transparency with sustainability reporting, here’s a list of what I think they’ve achieved:
1) They let you export a CSV for 3 lines of numbers showing your last month’s made up numbers that are up to 99% too low
2) Urmmm…. that’s about it
[….] I know of several very large enterprise orgs starting to proactively marginalise them (i.e. not move away 100%, but massively reducing consumption). The ones I know about will cost them around $1 billion of spend. Is that enough to make them pay attention?
This article from Canalys in the Register says “Amazon doesn’t provide AWS-specific, location-based data, meaning: “We don’t really know how big AWS’s footprint truly is, which I think is a bit worrying.”
They follow up with “Amazon has chosen not break out data on environmental stats such as greenhouse gas emissions for AWS from the rest of the company in its sustainability reports, making it almost impossible to determine whether these emissions are growing as they have been for its cloud rivals.”
Interesting isn’t it… if they were actually as sustainable as they pretend, you’d expect them to share open and honest numbers, instead what we get are marketing puff pieces making what seem like invented PUE claims backed by zero evidence.
Elsewhere he notes “AWS customers are still unable to natively measure actual power consumption, report on actual carbon emissions, report on water usage. This’ll make life interesting for all those AI companies subject to legislation like the EU AI Act or needing to report to the EED and similar.”
(Via ClimateAction.tech)
Tags: climate-change aws sustainability pue reporting amazon cloud datacenters emissions
Europe begins to worry about US-controlled clouds
Interview with Bert Hubert about this major supply chain issue for EU governments:
The Register: In the US, the argument against China supplying network hardware [was] based on the concern that the Chinese government can just order China-based vendors to insert a backdoor. It sounds like you’re saying that, essentially, an analogous situation exists in the US now.
Hubert: Yeah, exactly. And that has been the case for a while. I mean, this is not an entirely new realization. The thing that is making it so interesting right now is that we are on the brink of [going all-in on Microsoft’s cloud].
The Dutch government is sort of just typical, so I mention it because I am Dutch, but they’re very representative of European governments right now. And they were heading to a situation where there was no email except Microsoft, which means that if one ministry wants to email the other ministry, they have to pass it by US servers.
Which leads to the odd situation that if the Dutch Ministry of Finance wants to send a secret to the Dutch National Bank, they’d have to send someone over with a typewriter to make it happen because [the communications channel has been outsourced].
There’s nothing left that we do not share with the US.
Tags: supply-chains clouds eu us politics geopolitics backdoors infosec security europe
-
Subtrace is “Wireshark for your Docker containers. It lets developers see all incoming and outgoing requests in their backend server so that they can resolve production issues faster.”
- Works out-of-the-box
- No code changes needed
- Supports all languages (Python + Node + Go + everything else)
- See full payload, headers, status code, and latency
- Less than 100µs performance overhead
- Built on Clickhouse
- Open source
Looks like it outputs to the Chrome Dev Console’s Network tab, or a facsimile of it; “Open the subt.link URL in your browser to watch a live stream of your backend server’s network logs”.
It may be interesting to try this out. (via LWIA)
Tags: subtrace tracing wireshark debugging docker containers ops clickhouse open-source tools tcpdump
-
Hollow is a java library and toolset for disseminating in-memory datasets from a single producer to many consumers for high performance read-only access.
Hollow focuses narrowly on its prescribed problem set: keeping an entire, read-only dataset in-memory on consumers. It circumvents the consequences of updating and evicting data from a partial cache.
Due to its performance characteristics, Hollow shifts the scale in terms of appropriate dataset sizes for an in-memory solution. Datasets for which such liberation may never previously have been considered can be candidates for Hollow. For example, Hollow may be entirely appropriate for datasets which, if represented with json or XML, might require in excess of 100GB.
Interesting approach, though possibly a bit scary in terms of circumventing the “keep things simple and boring” rule… still, a useful tool to have.
Tags: cache caching netflix java jvm memory hollow read-only architecture systems
Yahoo Mail hallucinates subject lines
OMG, this is hilarious. What a disaster from Yahoo Mail:
A quick Google search revealed that a few months ago Yahoo jumped on the AI craze with the launch of “AI-generated, one-line email summaries”. At this point, the penny dropped. Just like Apple AI generating fake news summaries, Yahoo AI was hallucinating the fake winner messages, presumably as a result of training their model on our old emails. Worse, they were putting an untrustworthy AI summary in the exact place that users expect to see an email subject, with no mention of it being AI-generated.
write hedging in Amazon DynamoDB
“Write hedging” is a nice technique to address p99 tail latencies, by increasing the volume of writes (or in the case of read hedging, reads):
Imagine you want a very low p99 read latency. One way to lower tail latencies is to hedge requests. You make a read request and then, if the response doesn’t come back quickly enough, make a second equivalent hedging request and let the two race. First response wins. If the first request suffered a dropped network packet, the second request will probably win. If things are just temporarily slow somewhere, the first request will probably win. Either way, hedging helps improve the p99 metrics, at the cost of some extra read requests.
Write hedging has a little more complexity involved, since you want to avoid accidental overwrites during races; this blog post goes into some detail on a technique to do this in DynamoDB, using timestamps. Good stuff.
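The overwrite race described above, as a small simulation added here for illustration (not code from the linked blog post, and not the DynamoDB API). `Table`, `hedged` and `demo` are hypothetical names, the latencies are constructed, and the timestamp comparison is one assumed way a conditional write can reject a stale hedged copy.

```python
import asyncio

class Table:
    """Constructed in-memory stand-in for a table with conditional writes."""
    def __init__(self, guarded):
        self.guarded = guarded
        self.items = {}  # key -> (timestamp, value)

    async def put(self, key, ts, value, delay):
        await asyncio.sleep(delay)  # simulated network/storage latency
        current = self.items.get(key)
        # Guard: refuse a write whose timestamp is not newer than the stored one.
        if self.guarded and current is not None and current[0] >= ts:
            return False
        self.items[key] = (ts, value)
        return True

async def hedged(attempt, hedge_after):
    """Run attempt(0); if it is still pending after hedge_after seconds,
    race it against attempt(1). Returns (result, attempts, stragglers)."""
    first = asyncio.create_task(attempt(0))
    done, pending = await asyncio.wait({first}, timeout=hedge_after)
    attempts = 1
    if not done:
        attempts = 2
        second = asyncio.create_task(attempt(1))
        done, pending = await asyncio.wait(
            {first, second}, return_when=asyncio.FIRST_COMPLETED)
    # The loser is not cancelled: a request already on the wire can still land.
    return next(iter(done)).result(), attempts, pending

async def demo(guarded):
    table = Table(guarded)
    delays = [0.2, 0.01]  # first attempt of write A stalls, its hedge is fast
    _, attempts, stragglers = await hedged(
        lambda i: table.put("k", 1, "A", delays[i]), hedge_after=0.05)
    await table.put("k", 2, "B", 0.01)   # a later write B (newer timestamp)
    await asyncio.gather(*stragglers)    # the stalled copy of A finally arrives
    return table.items["k"][1], attempts

if __name__ == "__main__":
    print("unguarded:", asyncio.run(demo(False)))  # stale A overwrites B
    print("guarded:  ", asyncio.run(demo(True)))   # B survives
```

Two hedged copies of the same write carry the same timestamp, so the second copy to arrive is rejected harmlessly; the guard only matters when a newer write has landed in between.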
(via Last Week In AWS)
Tags: via:lwia aws dynamodb write-hedging read-hedging p99 latencies tail-latencies optimization performance algorithms
-
I’m pretty happy with my current setup for the home network, but this is one I’ll keep in the back pocket for future possible use:
[Tailscale Docker Proxy] simplifies the process of securely exposing services and Docker containers to your Tailscale network by automatically creating Tailscale machines for each tagged container. This allows services to be accessible via unique, secure URLs without the need for complex configurations or additional Tailscale containers.
Tags: docker tailscale containers home networking