A copy (for posterity) of Steve Yegge's internal memo in Google about what platforms are and how Amazon learnt to build them

I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.

I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't really have SREs and they make engineers pretty much do everything,

Links to YouTube videos of AWS re:Invent 2018 sessions

The current list contains 438 sessions. The list will be updated regularly, at least once a day during reinvent. Last update: 2018-12-02 06:58 +00:00

Title Description Video
[NEW LANUCH!] Building modern apps using Amazon DynamoDB transactions (DAT374) DynamoDB transactions enables developers to maintain correctness of their data at scale by adding atomicity and isolation guarantees for multi-item conditional ... IMAGE ALT TEXT{:target="_blank"}
[NEW LAUNCH!] AWS License Manager Deep Dive (CMP393) AWS License Manager is a new service that makes it easy to bring your existing licenses to the AWS cloud and reduce licensing costs. This service offers a ... [IMAGE ALT TEXT]( "AWS re:Invent 2018: [NEW LA
javascript:!function(){var e,t,n;try{var o=document.querySelectorAll("div[data-name='Active Items'] div[data-asin]"),r=[["ProductID","Price","Quantity","Description","Link"].join(",")];o.forEach(function(e){var t=e.getAttribute("data-price"),n=e.getAttribute("data-quantity"),o=e.getAttribute("data-asin"),c=e.querySelector(".sc-product-link").href,a='"'+e.querySelector(".sc-product-title").textContent.replace(/"/g,'""').trim()+'"';r.push([o,t,n,a,c].join(","))}),e=r.join("\n"),t=document.createElement("textarea"),n=document.getSelection(),t.textContent=e,document.body.appendChild(t),n.removeAllRanges(),,document.execCommand("copy"),n.removeAllRanges(),document.body.removeChild(t)}catch(e){return void alert("Copy failed: "+e)}alert("Copy Successful, csv in in your clipboard")}();
List all Firefox tabs with title and URL
#! /usr/bin/env python3
List all Firefox tabs with title and URL
Supported input: json or jsonlz4 recovery files
Default output: title (URL)
Output format can be specified as argument
Spam domains that plague my email
List of AWS Service Principals
gRPC and Load Balancing

Just documenting docs, articles, and discussion related to gRPC and load balancing.

Seems gRPC prefers thin client-side load balancing where a client gets a list of connected clients and a load balancing policy from a "load balancer" and then performs client-side load balancing based on the information. However, this could be useful for traditional load banaling approaches in clound deployments.!topic/grpc-io/8s7UHY_Q1po

gRPC "works" in AWS. That is, you can run gRPC services on EC2 nodes and have them connect to other nodes, and everything is fine. If you are using AWS for easy access to hardware then all is fine. What doesn't work is ELB (aka CLB), and ALBs. Neither of these support HTTP/2 (h2c) in a way that gRPC needs.

My tips for finding security issues in GitHub projects.

GitHub for Bug Bounty Hunters

GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.

Mass Cloning

You can just do your research on, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.

$ python --org organization -o /tmp/output
Make RESTful API with Google Apps Script and SpreadSheet

Google Script CRUD

By Ryan Aunur Rassyid

Simply create RESTful API with Google Script and store it to Google SpreadSheet like a Pro.

Visa requirements for UK conferences.

First you'll want to check if you need a visa to enter the UK.

  • Nationals of the EU, Switzerland, and EEA countries will not need a visa, and are free to work and conduct business in the UK.
  • Nationals from some designated countries such as USA may travel for tourist or business purposes under a visa exemption. The link above will detail what documents you need to provide in order to travel under a visa exemption.
  • Other nationals will need a visa.

The rules for allowable business travel under a visa exemption are covered by the same rules as those travelling under a vistor visa. If you will be travelling under a visa-exemption and the conference is covering your costs in any way you should make sure to read the relevant section below.