Profile picture
Colm MacCárthaigh @colmmacc
, 30 tweets, 5 min read Read on Twitter
O.k., tweet-thread time! We have to to talk about constant-time systems! You might think that's all about cryptography and security, but actually this is about availability! Bonus content: Maxwell's Daemon. It's good stuff! NO REFUNDS.
O.k. so some basics ... constant-time algorithms, code, designs, whatever are often notated as O(1) ... which means that there's no relationship between the time taken and the input. For example a pregnancy is O(1), whether you're pregnant with one kid, or twins or triplets.
O(1) is often also short-hand for constant-work; where we spend the same amount of energy or whatever, no matter the inputs/outputs.
Being O(1) often matters for cryptography and security. For example if you check a password sequentially ...

for (int i = 0; i < pwlen; i++) {
if (input[i] != pw[i]) {
return FAILURE;
}
}
return SUCCESS;

that's not O(1) ... and it's bad.
it's bad because it takes longer to run if the password nearly matches, and attackers can measure that, and this is the classic example of a side-channel, and byte by byte they can totally crack your password like this just by measuring time.
The fix is to make it O(1) with awful bitwise operations. It's ugly and mean and hard to follow, but something like:

difference = 0;
for (int i = 0; i < pwlen; i++) {
difference |= pw[i] ^ input[I];
}
return difference == 0;

don't worry if you don't understand this.
Anyway, so Crypto people have been studying this for a long time. Our Automated Reasoning Group built a tool to analyze code and tell you if it's O(1) ... or how close it is ... github.com/awslabs/s2n/tr…
But it turns out that O(1) patterns matter for distributed systems and availability EVEN MORE! Completely unrelated fields really, it's surprising, so let's dig in ...
O.k. so imagine a very simple control plane. Let's say you have a bunch of servers and they do things for customers and their users. Customer gets some knobs and dials, a configuration they can edit. This is lots and lots of web services.
So customer makes a change. What do we do? Well it goes to an API, and that API produces a diff or a delta or whatever you want to call it and sends it to the servers. The servers then apply the patch, and the new config is in place. SIMPLE, RIGHT?
Well, no, sometimes servers are down and errors happen, so you need a workflow engine to drive retries. Oh and that implies you have some way to tell if the change even made it there, so you need a poller or a pusher or something to monitor config propagation status. YOU GET ME.
But then we build all that, and it works, and changes get integrated and customer configs change in seconds, and WE'RE GOOD, RIGHT?
We're good until one day we're not. Imagine a big event happens, maybe a power outage, or a spike on the internet due to the Super Bowl or something, and for whatever reason a bunch of customers all try to make changes at the same time?
The API gets choked, the workflow gets backed up, the status monitors start to lag. OUCH. Even worse, some customers start undoing their changes because they don't see them happening quickly. Now we have pointless changes stuck in the system that no-one even wants!! OUCH OUCH.
Now, let's try a much better, O(1) control plane. DUMB AS ROCKS. Imagine if instead that the customer API pretty much edits a document directly, like a file on S3 or whatever. And imagine the servers just pull that file every few seconds, WHETHER IT CHANGED OR NOT.
This system is O(1). The whole config can change, or none of it, and the servers don't even care. They are dumb. They just carry on. This is MUCH MUCH more robust.
It never lags, it self-heals very quickly, and it's always ready for a set of events like everyone changing everything at once. The SYSTEM DOES NOT CARE.
This is how we build the most critical control planes at AWS. For example if you use Route 53 health checks, or rely on NLB, or NAT GW, the underlying health statuses are *ALWAYS* being pushed around as a bitset. ALWAYS ALWAYS.
A few statuses can change (which is normal), and the system reacts, or they can ALL change, and it will react just the same (which is abnormal). We could have lots of targets suddenly disappear .... break ...
"I felt a great disturbance in the Force, as if millions of voices suddenly cried out in terror and were suddenly silenced. I fear something terrible has happened."
... end break ... and the system does not care or even know how many changed! It just works. Very very reliable, and unde-rapreciated.
BONUS CONTENT: O.k., what does this have to do with Maxwell's Daemon? WHAT EVEN IS THAT? Well the first kind of constant time problem, for crypto, is an example of minimizing information theoretical entropy. It's about minimizing perceptible disorder and what is computable.
The second is more like traditional thermodynamic entropy. With a constant-time control plane, we're trying to build a system that has a constant temperature, because it's always doing the same amount of work.
Ok now if I lost you with that, here's the simple version: when systems change a lot, they undergo stress, and getting stressed at the worst times, like under attacks or in the middle of outages, is really bad. At a high level these problems are the same.
And it turns out at a low level they are the same too! Information theoretical entropy, which is all about computability and bits, can be related to thermodynamic entropy, which is all about energy and work!
How? Well Maxwell proposed a thought experiment that showed a problem with thermodynamics. He imagined two rooms side by side, at even temperatures. He posited that a daemon, a ghost, could open a door between the two rooms and let faster moving molecules over to one side.
This sort of disproved existing thermodynamics, because the work it takes to open a door like that is less than the energy transferred due to the faster molecules changing sides. This was unresolved for a long time ... UNTIL ...
A bunch of folks showed that you don't just open the door, you have to observe and predict, and therefore COMPUTE, the position of the molecule. THIS TAKES ENERGY ... and they showed that the energy it takes is at least equivalent to the difference.
So in a big old nuts, strange-loop sort of way, these completely unrelated things are totally the same at both a MACRO and MICRO level. This blows my mind .... but may also make no sense ;-)
O.k. that's it, and AMA if you want! Oh and @threadreaderapp please unroll this mess I made.
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Colm MacCárthaigh
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @colmmacc see all

Profile picture
Another year, another bit closer. I'll never stop being amazed at just how bad Google is at AI and what they'll throw out there!
These lyrics composer and category errors have persisting for 8 years now, that I've been tracking. I give feedback every time I see one.
Previously:

, ,
Read 3 tweets
Profile picture
Last tweet thread of the year is a meta-one! I'm going to round up the most popular tweet threads I've done. Coming in at number 1: the most popular, by far, was all about how to generate and use random numbers safely.
Number 2: all about the quirks and delight of the modern Irish presidency. Éire Abú!
Number 3: All about TLS1.3 and why it's better:
Read 12 tweets
Profile picture
Very serious question: Are there AWS services that you think are missing? What new infrastructure, security, or data service would you most like to see us build? Here's why I'm asking ...
Every 5 years or so I look around and try to pick an area to work on, and then commit and persist. 10 years ago it was to build our edge: CloudFront, Route 53, and anti-DDOS. 5 years ago I moved to ELB and ended up building VPC Networking, HyperPlane, TLS, Cryptograpy and more ..
Time for another look around! I have some ideas myself already, mostly crazy, I'm curious about thoughts and suggestions from folks here.
Read 3 tweets

Related threads

Profile picture
Very Brief Introduction to the Blockchain Technology #Thread
Before I proceed, please note, I do not have formal training on the subject matter. The knowledge is from research and thousands of blockchain articles I have ghostwritten. Hence, feel free to chip in your bit. The world is tending towards disruptive technologies, let's join.
In recent times, particularly between 2009 and now, the blockchain technology has continued to attract attention. Let's go back to 1990 when the internet was made public, the truth is that the technology at the time was faced with a lot of criticisms & skepticism, to the extent
Read 28 tweets
Profile picture
#THREAD
How CBI Special Director Rakesh Asthana compromised the security and lives of millions of Indians under the #SmartCities project by collaborating with shady foreign spy firms who could now exploit our sensitive police data & other realtime info.
gginews.in/picture-intell…
Rakesh Asthana then Police Commissioner was involved in deploying very sensitive Forensic Criminal Investigation Sys requiring real-time intelligence gathering working in sync with police database. Given the nature of work & risks involved it must be handeled carefully. Was it?
“The Face Recognition System & Forensic Criminal Investigation System can offer our police department the much required real-time intelligence to ensure safety of our city and its citizens. We can now proudly say that Surat Safe City is India’s first Safe City.”
- Rakesh Asthana
Read 13 tweets
Profile picture
Starting "Voices without Frontiers" #VoicesIWS
A program by @IWS_Network to promote awareness about the challenges & lessons learned by #Immigrant and #International #WomenInScience

I was born & raised in Chicoral, Colombia. A tiny town in the middle of the Andes Cordillera.
I attended Nuestra Señora del Rosario school, located in Espinal, 15Km away from Chicoral. Due to the high heat by noon, all schools start really early back home. This meant, I had to wake up at 5am to attend school every morning since I was 4 years old. #VoicesIWS
I did well in math and science in elementary and high school, so I chose to study clinical microbiology. Although coming from a low-middle income family, I was able to attend university, thanks to my parents’ effort to prioritize education over other commodities. #VoicesIWS
Read 40 tweets
Profile picture
How To Create (or Find) A Hot Product or Service and Make Millions Selling It

#Thread.
You want to make money with your proposed business?

Before you even think of an idea, there are things you must be mindful of.

1. Choose an industry or sector that you will enjoy, genuinely want to help in or wouldn't mind working in.
In order words, choose an industry that wouldn't make you want to put a gun in your mouth and blow your brains out.

An industry is just a collection of different pockets (markets) of people.
I was privileged to know the late Mr. Isaac Durojaiye, founder of DMT Mobile Toilets.
Read 29 tweets
Profile picture
How To Judge A Book (or Course or Training) You Pay For

#Thread.

In 2009, a friend of mine made =N=1.4 million selling a 5 page ebook he had written.

It showed how one could get a laptop for =N=15,000 . Laptops sold for =N=70/80,000 back then so it was a draw and it was real.
He ran an ad, explaining the specs of said laptop and how you could buy his ebook and learn the strategy (a form of MLM).

Anyways, I was speaking at an event last year and shared the story. A member of the audience who bought that met me and said he didnt use the info because...
the ebook was just 5 pages. In his words, "why would he charge so much for 5 pages"? (it sold for =N=3,000).

It made me laugh because as I said to him, "Who cares how pages it is as long as it achieves for you the real reason why you bought it" it was clear to me this guy...
Read 12 tweets
Profile picture
Minhas senhoras e meus senhores, a transferência do Infarmed para o Porto, um processo político português.

/thread

#infarmed
2/ No dia 20 de Novembro de 2017 é anunciado que Amesterdão ganhou a deslocalização da Agência Europeia do Medicamento a partir de Londres. Ganhou por moeda ao ar na disputa com Milão. Portugal tinha candidatado o Porto após inicialmente ter proposto e trabalhado por Lisboa.
3/ Foi polémico Portugal ter escolhido Lisboa para ser candidata. Foi polémico Portugal ter alterado a cidade candidata para o Porto a pouco tempo do final do prazo da candidatura. Seguiu-se acalorado debate entre centralistas e descentralistas enquanto não saía a decisão.
Read 106 tweets

Trending hashtags

#PrecisionMedicine #ConversationlaMarketing #AfricaCareerChat #Ruleoflaw #perish #MarketingStrategy #InfluencerMarketing #boundaries #Poland #mom #Ecuadorian #email #PhD #Resisters #AltGov #Communication #WomeninSTEM #hispoorteachers #HappyNewYear2019 #ContentMarketing #storytelling #infarmed #human #relationships #tugão

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($3.00/month or $30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!