The Backend Engineering Show with Hussein Nasser
Episodes
The Limitations of Today's SSDs | The Backend Engineering Show
10 Apr 2022
Contributed by Lukas
Backend database applications relay on good storage systems for performance, durability and low latency. SSDs have been a great invention that changed...
Google thinks Linux is slow to reboot, so they patch it
30 Mar 2022
Contributed by Lukas
Google linux boxes have over 16 NVMe SSD PCIe Express drives.When a shutdown signal is sent to linux, the OS iterate through each NVMe and send synchr...
The cost of Hash tables | The Backend Engineering Show
29 Mar 2022
Contributed by Lukas
Hash tables are effective for caching, database joins, sets to check if something is in a list and even load balancing, partitioning and sharding and ...
Understanding Aggregate Functions Performance | The Backend Engineering Show
23 Mar 2022
Contributed by Lukas
Aggregate functions like Count, max, min, avg performance really depends on how did you tune your database for that kind of workload. Let us discuss t...
Why checking the URL won’t prevent all phishing attacks
22 Mar 2022
Contributed by Lukas
99% of phishing attacks can be avoided by looking at the URL. However this secuirty researcher proves that not enough. https://mrd0x.com/b...
Its always Microservices - The Spotify Outage Explained (March 8 2022)
18 Mar 2022
Contributed by Lukas
On March 8 2022 Spotify and Discord experienced an outage latest 2-3 hours. The reason was a configuration on the xDS formats on Google Traffic Direct...
The Many Ways of DDoS | Russia-Ukraine Cyberwar
07 Mar 2022
Contributed by Lukas
The Russia-Ukraine Cyberwar has reached a peak this past week. In this video I explain the multiple ways a Denial of Service attacks can happen and ho...
Why the next Chrome version will break websites
24 Feb 2022
Contributed by Lukas
Fundamentals of Database Engineering udemy course (link redirects to udemy with coupon) https://database.husseinnasser.com Chrome, Edge and Fire...
The Slack 2/22/22 Outage
23 Feb 2022
Contributed by Lukas
On 2/22/2022 Slack experienced a 3 hours outage from 6AM to 9AM PST because of a configuration change. That change lead to increase load to their data...
Should NodeJS Support HTTP/3?
22 Feb 2022
Contributed by Lukas
It looks like there is demand for bringing QUIC and HTTP/3 to NodeJS, someone donated $1000 dollar to make it happen. However, what are the use cases ...
Canada's Banks 2022 Outage
17 Feb 2022
Contributed by Lukas
Five major Canadian banks went offline for hours blocking access to online and mobile banking as well as e-transfers for customers. There are no repor...
Accessing SSDs through TCP - NVMe over TCP
16 Feb 2022
Contributed by Lukas
NVMe changed the game of fast SSD storage. The spec is being extended to support networked storage, I have some doubts that would like to discuss in t...
What does it take to break Bitcoin’s encryption? | The Backend Engineering Show
16 Feb 2022
Contributed by Lukas
I stumbled upon a research calculating how big of quantum computer required to break bitcoin public key encryption. It will take them 300 million quan...
NodeJS introduces HTTPS Import from URLs
14 Feb 2022
Contributed by Lukas
NodeJS introduces importing network based modules in their latest release. Importing network based modules using `https:` and `http:` is supported und...
First port your computer connects to browsing the Web | Backend Engineering Show
05 Feb 2022
Contributed by Lukas
I asked a question on my community post What port does your computer connect to when you visit google.com on your browser for the very fir...
Index page splits | The Backend Engineering Show
30 Jan 2022
Contributed by Lukas
In this episode of the backend engineering show I discuss the ramification of index page splits which results in fragmented index yielding slow query ...
Multi-tenancy architecture | The Backend Engineering Show
23 Jan 2022
Contributed by Lukas
Multitenancy refers to placing two or more clients, customers or tenants so they share a single resource. The idea behind Multitenancy is to save on r...
Is ULTRARAM a game changer? | Backend Engineering Show
19 Jan 2022
Contributed by Lukas
Scientists at the Physics and Engineering Department of the UK’s Lancaster University published a new paper describing ULTRARAM. A Low-Energy, High-...
My website went down - enom outage analysis
16 Jan 2022
Contributed by Lukas
enom my DNS registrar had an outage which took down my site husseinnasser.com lets discuss 0:00 Intro 5:00 How DNS Works 12:00 Outage report 16:...
Thoughts on Low code | The Backend Engineering Show
05 Jan 2022
Contributed by Lukas
In this episode of the backend engineering show, I’ll discuss the low code movements and their pros and cons. 0:00 Intro 2:00 Evolution of Languages...
Tech I want to explore in 2022
03 Jan 2022
Contributed by Lukas
These are some fundamental technologies that I want to explore in 2022. 0:00 The Way I learn 4:20 Database Engineering 7:00 Network Engine...
How TikTok short content is delivered through HTTP - Devtooling TikTok
29 Dec 2021
Contributed by Lukas
Welcome to another dev tools video, in this video I use dev tools to break down how Tiktok website works to pull short-form content. We will use...
An HTTP request journey to the Backend | Backend Engineering Show
23 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, T...
The Journey of an HTTP request to the Backend | Backend Engineering Show
23 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show, I explain the journey of an HTTP request that gets initiated from a click on a link. I discuss DNS, T...
Log4DoS - New Denial of Service discovered in log4j | The Backend Engineering Show
19 Dec 2021
Contributed by Lukas
Right after the latest patch log 4j 2.16, a new denial of service vulnerability surfaced on log4j resulting in a new 2.17 patch. Let us discuss. 0:00...
Detailed analysis on the Amazon US-EAST-1 Outage - Video Podcast
18 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the outage on December 7th, 2021 Amazon outage...
Detailed analysis on the Amazon US-EAST-1 Outage | The Backend Engineering Show
18 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show, we go through a deep dive to uncover the reason behind the outage on December 7th, 2021 Amazon outage...
The Log4j vulnerability | The Backend Engineering Show
15 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show, I discuss the log4j vulnerability (CVE-2021-44228 also known as log4shell) that took the Internet by ...
Postgres HOT Optimization | The Backend Engineering Show
03 Dec 2021
Contributed by Lukas
In this episode of the backend engineering show taken from my udemy Q&A I discuss the reasons behind Postgres HOT Optimization or heap only tuple....
Postgresql index bloat | The Backend Engineering Show
11 Nov 2021
Contributed by Lukas
Postgresql database implements MVCC by creating a new row version for any update/delete/or insert. While this is a sound implementation to support con...
What is the cost of Indexing too many columns - Udemy Q&A November 2021
05 Nov 2021
Contributed by Lukas
Head to https://database.husseinnasser.com to get a discount coupon for my introduction to database engineering. In this video, I answer some o...
when indexes are useless | The Backend Engineering Show
30 Oct 2021
Contributed by Lukas
head to https://database.husseinnasser.com to get a discount coupon for my Introduction to Database Engineering course In this episode of the backend ...
The cost rolling back transactions (postgres/mysql)
21 Oct 2021
Contributed by Lukas
The cost of a long-running update transaction that eventually failed in Postgres (or any other database for that matter. In Postgres, any DML transact...
TLS and HTTPS Options in Microsoft IIS
13 Oct 2021
Contributed by Lukas
In this episode of the backend engineering show, I’ll discuss all HTTPS/TLS binding options in Microsoft IIS and also explain why every web server a...
On Graph Databases | The Backend Engineering Show
10 Oct 2021
Contributed by Lukas
I get a lot of emails asking me to talk about graph databases, so I want to start researching them, but I wanted to give you guys the framework of how...
Certificates gone bad | The Backend Engineering Show
08 Oct 2021
Contributed by Lukas
Certificates contain useful metadata including the public key, domain name, signature, etc. However, the private key can be leaked which causes the ce...
Detailed analysis on the facebook outage
06 Oct 2021
Contributed by Lukas
In this episode, I go through the Facebook detailed article regarding their October 4th, 2021 outage and discuss it in length. enjoy Facebook blog: h...
Facebook, WhatsApp, Instagram is Down here’s what might’ve caused it (early report)
04 Oct 2021
Contributed by Lukas
Quick summary of the Facebook, Instagram and WhatsApp outage on Oct 4th 2021
How Airline WIFI allows Texting but not Media in WhatsApp/iMessage
27 Sep 2021
Contributed by Lukas
In this episode I discuss my recent flight through Alaskan airlines and how they block certain services but allow only texting.
Spook.js - This will bloat Chrome even more | The Backend Engineering Show
13 Sep 2021
Contributed by Lukas
Spook.js is a new transient execution side channel attack which targets the Chrome web browser. We show that despite Google's attempts to mitigate&nbs...
SSL Striping | The Backend Engineering Show
06 Sep 2021
Contributed by Lukas
In this episode of the backend engineering show, I’ll go through the SSL Stripping attack, what caused it, what were the mitigations enforced to sol...
TCP/IP turns 40 | The Backend Engineering Show
03 Sep 2021
Contributed by Lukas
Let us take a moment to appreciate the TCP/IP design by discussing it.
gRPC over HTTP/3 is finally a thing | Backend Engineering Show
02 Sep 2021
Contributed by Lukas
The gRPC team just submitted a proposal to support HTTP/3. This is big news and we have been waiting for a long time for this. In this show, I’ll di...
KeepAlive | The Backend Engineering Show
29 Aug 2021
Contributed by Lukas
I discuss keepalive in TCP and HTTP and its pros and cons 0:00 Intro 3:28 What is KeepAlive 8:30 TCP KeepAlive 10:30 Middleboxes and Single-Path TCP ...
The Anatomy of a Proxy Server | The Backend Engineering Show
23 Aug 2021
Contributed by Lukas
In this video I’ll illustrate how a proxy server works under the hood. I Will go through how connection establishment works without a proxy, with an...
How Redis efficiently snapshots gigabytes of memory to disk (forking)
21 Aug 2021
Contributed by Lukas
I discuss the concept of process forking, copy on write (COW) aka shadowing, and how Redis the in-memory database take advantage of that for asynchron...
Table Clustering (Clustered Index) - The pros and cons
20 Aug 2021
Contributed by Lukas
In this episode of the backend engineering show, I discuss database clustering. This is also known as table clustering, clustered index or Index organ...
Synchronous and asynchronous workloads are everywhere
12 Aug 2021
Contributed by Lukas
In this video, I’ll explain synchronous vs asynchronous operations and then discuss examples where this shows up. In programming, real-time messagin...
Microsoft IIS as a Backend - CPU Throttling
09 Aug 2021
Contributed by Lukas
In this episode of the Backend Engineering show, I'll discuss the advanced section settings in the Application Pool in Internet Information Services i...
Partial Indexing | Backend Engineering Show
03 Aug 2021
Contributed by Lukas
While the benefits of partial indexes can have a great impact on your database system performance, the implications are also great if misused. Let us ...
MySQL Statement-based Replication might not be a good idea
31 Jul 2021
Contributed by Lukas
Replication is the process of pushing changes from the master node to worker replica nodes in a database system to allow for horizontal scalability. O...
Can Redis be used as a Primary database?
30 Jul 2021
Contributed by Lukas
This episode of the backend engineering show is sponsored by my friends at RedisLabs. I’m going to break this video into three sections, we will fir...
Why the Internet went dark for two hours - Let's discuss the Akamai outage
22 Jul 2021
Contributed by Lukas
There was a two hours DNS outage on a company called Akamai that broke several services today July 22, 2021, https://appleinsider.com/articles/21/07/2...
Microsoft IIS as a Backend - HTTP/HTTPS Bindings
20 Jul 2021
Contributed by Lukas
IIS (Internet Information Services) is Microsoft's Windows web server. It is feature-rich and very easy to enable. I have been using it for a long tim...
NodeJS July 2021 Security Releases
09 Jul 2021
Contributed by Lukas
In today's show I go through the NodeJS Security Releases for the month of July 2021, lots of interesting vulnerabilities to discuss. 0:00 Intro 1:00 ...
Scaling CPU-intensive Backends - The Backend Engineering Show
05 Jul 2021
Contributed by Lukas
🧑🏫 Courses I Teach https://husseinnasser.com/courses In this episode, I’d like to discuss the methods of scaling CPU-bound or intensive wo...
Should you go with an Optimistic or Pessimistic Concurrency Control Database?
01 Jul 2021
Contributed by Lukas
MongoDB, Postgres, Microsoft SQL Server, or MySQL, or any other database manages concurrency control differently. There are two methods, pessimistic a...
Microsoft Paid them $20k for finding one of a kind XSS bug in Edge
28 Jun 2021
Contributed by Lukas
@MrRajputHacker @Th3Pr0xyB0y found critical universal XSS (an XSS that affects the entire browser, not just one page) on Microsoft Edge. They responsi...
B-tree vs B+ tree in Database Systems
27 Jun 2021
Contributed by Lukas
In this episode of the backend engineering show I'll discuss the difference between b-tree and b+tree why they were invented, what problems do they s...
Let’s discuss the DarkRadiation ☢️ Ransomware
24 Jun 2021
Contributed by Lukas
SSH Wormable, Written in Bash and VERY hard to detect. Let’s discuss the DarkRadiation ☢️ Ransomware. This new ransomware is cut from a differen...
My thoughts on the ALPACA Attack (Detailed analysis)
22 Jun 2021
Contributed by Lukas
The ALPACA attack stands for application layer protocol confusion attack and discovered by a group of German computer scientists. Let us spend some ti...
Facebook Awarded him $30,000 for Finding a Critical Instagram Bug
17 Jun 2021
Contributed by Lukas
This Indian computer scientist uncovered a severe bug that allows anyone to view private content. Let’s see how he did it. https://lin...
Zero-downtime restarts
13 Jun 2021
Contributed by Lukas
It is inevitable that a backend service will need to get restarted to pick up a new code change, configuration change, or get out of an invalid state....
My thoughts on the CAP theorem
12 Jun 2021
Contributed by Lukas
CAP stands for Consistency, Availability, and Partition tolerance. Understanding the CAP theorem can help engineers make better design choices when bu...
Fastly's Outage Took Down Amazon, Reddit, Stack Overflow and many other websites (Early reports)
08 Jun 2021
Contributed by Lukas
Fastly, a very popular CDN went down and took down many services, let’s talk about what could have caused this. Resources https://status.fastly.com/...
The Backend of this Fintech Exposed Users' Personal Information - The Klarna Leak (Full Report)
08 Jun 2021
Contributed by Lukas
On May 27, 2021, Klarna, a popular fintech company has suffered a serious exposure of personal data which caused a planned outage. Resources https://t...
13 TB of Dominos Pizza India customers’ data leaked and put on the Dark Web
04 Jun 2021
Contributed by Lukas
Dominos Pizza India hacked and 13TB of customers' data is now on the dark web. https://www.indiatoday.in/technology/news/story/leaked-data-of-dominos-...
QUIC is FINALLY a Standard. RIP TCP?
03 Jun 2021
Contributed by Lukas
QUIC is officially an IETF standard after a very long time. Is this going to replace the TCP protocol? https://www.theregister.com/2021/05/31/quic_be...
why it is very hard to cancel an HTTP request
02 Jun 2021
Contributed by Lukas
In this episode of the backend engineering show, I go through the lifetime of an HTTP request and why it is extremely difficult to cancel an HTTP requ...
The Flavors of Database Replication - The Backend Engineering Show with Hussein Nasser
31 May 2021
Contributed by Lukas
In this episode, I will discuss the different types of database replication and the pros and cons of each, streaming, binary, logical, synchronous, as...
Tor’s Connection Establishment - The Backend Engineering Show with Hussein Nasser
29 May 2021
Contributed by Lukas
In this episode, I will discuss Tor’s circuit Establishment which is the core of the Tor protocol. https://svn-archive.torproject.org/svn/projects/d...
I almost Burnt out creating software engineering content on YouTube, here is what I learned
27 May 2021
Contributed by Lukas
This is an honest video about burnout and what a content creator can do to avoid it creating content on YouTube. Support my work on PayPal https://bi...
Long Polling and how it differs from Push, Poll and SSE - The Backend Engineering Show
26 May 2021
Contributed by Lukas
In this episode of the backend engineering show, I'll discuss long polling technique of backend communication. I will also touch upon Polling and Push...
The New Postgres 14 Looks Promising - The Backend Engineering Show with Hussein Nasser
23 May 2021
Contributed by Lukas
In this episode of the Backend Engineering show, we will go through the new features in Postgres 14. Here is a rundown of improvements made to the dat...
The OSI Model by Example - The Backend Engineering Show with Hussein Nasser
20 May 2021
Contributed by Lukas
In this episode of the Backend Engineering Show, I’ll explain the OSI Model with an example. I start with the physical layer which is often ignored ...
Optimizing Communication and Networking in Database Systems
18 May 2021
Contributed by Lukas
In today's show, I discuss the nature of communications in database systems and how the pattern completely changed with 3-tier web architecture. I als...
If you are using Let’s Encrypt Watch out for this
17 May 2021
Contributed by Lukas
DST Root CA X3 Expires on September 2021, a ROOT certificate that signs Let's Encrypt Certificate authority, a very popular CA. In this video, I will ...
This is why Salesforce services went down on May 11 2021
13 May 2021
Contributed by Lukas
Salesforce services went down as a result of a DNS update, let us discuss how can tiny DNS unavailability cause a severe outage of 5 hours. From sales...
How HAProxy forwards 2 Million Requests Per Second? - The Backend Engineering Show
10 May 2021
Contributed by Lukas
In this show, I go into detail on how HAProxy achieved 2 million HTTP requests per second. This is a very well-written article that discusses how the ...
The Tale of OLTP, OLAP, and HTAP in Data Warehousing - The Backend Engineering Show with Hussein Nasser
09 May 2021
Contributed by Lukas
In this show, I discuss why we have 3 data models in database systems, OLTP (Online Transactional Processing) OLAP (Online Analytical Processing), and...
This Python And NodeJS IP Address Validation Vulnerability is Severe, Watch out
04 May 2021
Contributed by Lukas
Watch this if you are using IP Address validation in both NodeJS and Python, these two libraries strip leading zeros which can lead to server side req...
These Hackers Snuck their Trojan through PING
04 May 2021
Contributed by Lukas
In this video, I’ll discuss the Pingback attack, a new clever attack that uses both DLL files through Oracle Component Interface (OCI.dll) and ICMP ...
Publish-Subscribe Pattern vs Message Queues vs Request Response (Detailed Discussions with Examples)
02 May 2021
Contributed by Lukas
In this podcast I’ll explain the message queues, the request response pattern and the publish subscribe pattern. I will also illustrate the main dif...
HTTP Code 502 Bad Gateway Explained (All its Possible Causes on the Backend)
30 Apr 2021
Contributed by Lukas
502 Bad Gateway is one of the most infamous errors on the backend, it usually means “hey something wrong with your backend server” but it doesn’...
Technical Discussion on VPNs - How VPNs Work, their benefits, and What happens when VPNs are Hacked
26 Apr 2021
Contributed by Lukas
In this episode I’ll talk about how VPN works, networking, IPSec and will also discuss the benefits of VPN and what happens when a VPN is hacked? &n...
Let us discuss the Linux Kernel community and University of Minnesota situation
22 Apr 2021
Contributed by Lukas
There is an ongoing situation with the Linux kernel community and the University of Minnesota Department of Computer Science & Engineering. We dis...
Auth0 Outage (Early report)
20 Apr 2021
Contributed by Lukas
Auth0 went down on April/20/2021 and this is the early report. Let us discuss. This incident affects: Auth0 US (PROD) (User Authentication, Machine to...
North Korean Hackers Hide Malicious Code within BMP image, Goes Undetected by AntiVirus software
20 Apr 2021
Contributed by Lukas
Let us discuss the complexity behind this trojan hack, the multi-layer approach of hiding the RAT (remote access trojan) is absolutely genius. https:...
These New WhatsApp Vulnerabilities Can Leak Images, Voice Notes, and Chat by Opening an HTML message
18 Apr 2021
Contributed by Lukas
Few vulnerabilities in WhatsApp for Andriod discovered that allow an attacker to send an HTML file attachment full access to the user's media, voice n...
A Look into Modern Leaky Abstractions - Postgres, MySQL, HTTP/2, TCP, ORMs GraphQL, N+1, Axios, git
17 Apr 2021
Contributed by Lukas
Leaky abstractions occur when the consumer of the abstraction started asking questions about certain behavior which ends up with the need to understan...
Here is what caused the Hack to PHP Source Code git Server
15 Apr 2021
Contributed by Lukas
Two weeks ago the PHP source code git server got hacked and two malicious commits were made to the source code. Since then the PHP maintainers identif...
If I wasn’t a Backend Engineer, I would pick this as my career - Q&A April 2021
12 Apr 2021
Contributed by Lukas
Light episode today let's have some fun with Q&A, I collected some questions on Twitter and YouTube community and I'm going to attempt to answer t...
Can NULLs Improve your Database Queries Performance? - The Backend Engineering Show
11 Apr 2021
Contributed by Lukas
In this episode, we will discuss NULLs in database systems. I’ll go through the following: What is Null? NULLs persistence Whether you store a 0 o...
10 Vulnerabilities to watch for When building secure backend application (OWASP recommendations)
07 Apr 2021
Contributed by Lukas
The open web application security project is a recognized entity that helps developers identify critical security vulnerabilities to build secure web ...
Browser Caching best practices, when to use no-cache vs max-age without breaking your site
07 Apr 2021
Contributed by Lukas
Caching is the hardest problem in building software, and having the browser cache is not any different. In this video, I'll discuss Jake Archibald's a...
Write Amplification Explained in Backend Apps, Database Systems and SSDs
05 Apr 2021
Contributed by Lukas
Write Amplification Is a phenomenon where the actual writes that physically happen are multiples of the actual writes desired. In this episode, I'll d...
DNS issue impacting multiple Microsoft services on April’s fool day (with Bonus content)
04 Apr 2021
Contributed by Lukas
Microsoft Had an Outage on April 1st that is caused by DNS surge, let us discuss this. Bonus I’ll also discuss the outage that happened on March 18t...
My Python CRUD App hits 2 million rows, Should I Shard my Database?
03 Apr 2021
Contributed by Lukas
Hey Hussein I have a 2 million row table used in my CRUD python app, I’m worried that as the table grow my inserts will slow down, should I consider...
cURL TLS 1.3 session ticket proxy host mixup Vulnerability
31 Mar 2021
Contributed by Lukas
Enabled by default, libcurl supports the use of TLS 1.3 session tickets to resume previous TLS sessions to speed up subsequent TLS handshakes. When us...
PHP’s Source Code hacked - Two Remote Code execution added to the Git server, let us discuss
31 Mar 2021
Contributed by Lukas
Two malicious commits were pushed to the php-src Git repository maintained by the PHP team on their git.php.net server. The c...