Architecture Weekly #57
Architecture Weekly Issue #57. Articles, books, and playlists on architecture and related topics. Split by sections, highlighted with complexity: 🤟 means hardcore, 👷♂️ is technically applicable right away, 🍼 - is an introduction to the topic or an overview. Now in telegram as well.
WARNING 🇺🇦
It's already been a year since Russia's crazy, brutal and unjustified war against Ukraine. We condemn this war and want it to stop ASAP. We continue this newsletter so you can advance your skill and help the millions of Ukrainian people in any way possible. If you want to help directly, visit this fund.
Highlights
Bitwarden design flaw 🤟
After LastPass breach, the alternatives left to the public are 1Password and Bitwarden. And looking at the latter, it is not perfect indeed. The problems include issues with low number of PBKDF2 - significantly lower than OWASP recommends - along with the fact that in case of the breach those iterations does not mean anything, as the attackers will try to decrypt the data right away, instead of guessing the master key hash. Are there any products without that problem? How to design that properly? Find in the article!
#security
Architecture Modernization Teams 🍼
The software architecture is not wine by no stretch of the imagination: it only becomes worse with time. Although organization typically recognize it, they still struggle with modernization of solutions architecture. One of the ways to resolve this struggle is a creation of an Enabling team for architecture modernization. The goals of this team includes upskilling the people, keeping the architecture momentum and facilitation of better design. Grab a long read on when to introduce AMET, how it's work looks like when you don't need that team anymore.
#architecture #strategy
Fixing Go's Linker: ARM64, DWARF and linker internals 🤟
I know, not really an architecture topic, but exciting read. So Uber's team discovered they can't debug the Golang binaries for ARM64, while the AMD64 binaries are debuggable perfectly fine. So they decided to figure out what is the issue. They discovered that due to the usage of a smaller type for function references, the linked inserts additional jumps making the functions external; thus breaking the adding of the debug symbols. The fix is a one-liner; but the journey!...
#go #compiler #investigation
Follow-Up
Multitask learning at LinkedIn 👷♂️
When you have several learning tasks that are somehow similar, it makes sense to leverage multitask learning to increase performance and quality of learning. However, with such an approach new difficulties emerge like a different set of features for tasks, different input datasets etc. LinkedIn shared a post explaining how they handle those issues with their multitask learning framework.
#ml
Types of CQRS 👷♂️
When you learn about CQRS, you typically think binary: either you have one, or you don't. Vladimir Khorikov reasons about CQRS in a gradual manner: you can indeed have no CQRS, but then you can have stage 1, 2 and three. Read the article to know the difference and when you need to apply a particular stage.
#cqrs #patterns #architecture
Scalable Annotation Service at Netflix 👷♂️
Netflix wanted to store the annotations - some metadata - for any objects of theirs: from whole movies to particular timeframes. They wanted to do that in a unified, performant and scalable fashion. So they created Marken. Read how they employed Cassandra and ElasticSearch to accomplish the goal.
#netflix #microservices #architecture #casestudy
Consumer IoT Device Cybersecurity Standards and Policies 🍼
As you know, "S" in IoT stands for Security. That's why it is so mandatory to bring some clarity to the field and introduce some standardization. Please find a report on the policies, certifications and standartization procedures in different parts of the Globe in IoT field.
#security #iot
Software Build Systems 🍼
This week I took an interview with Artem Zinnatullin about Software Build Systems. We discussed what you should expect from a good build system - performance, scalability, learning curve - and what you, as an architect of a software architect, should know about them. We also covered the evolution of build systems from Ant to Bazel and speculated about their future.
#interview #video #buildsystem
ChatGPT is a Blurry JPEG of the Web 🍼
Did you know that Xerox copying machines are not doing the direct copy? Instead they scan the document, analyze it, compress and then decompress for printing. ChatGPT is simingly doing the same - analyzing and compressing the data from the web and giving us it's own - and blurry - image of the web. But what we prefer better?
#ai