Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Stripe CTF 3.0 - Follow Up

Bogdan Gaza
July 01, 2014
Programming
1
120

Stripe CTF 3.0 - Follow Up

From BigData Meetup #4 - Timisoara, June 2014

Bogdan Gaza

July 01, 2014
Tweet

More Decks by Bogdan Gaza

See All by Bogdan Gaza
Continuous delivery pipelines using Python and Docker
hurrycane
1
490
RailsGirls Timisoara - Web Applications
hurrycane
2
62
Real time webapps using python
hurrycane
3
170

Other Decks in Programming

See All in Programming
ある日突然あなたが管理しているサーバーにDDoSが来たらどうなるでしょう?知ってるようで何も知らなかったDDoS攻撃と対策 #phpcon.2024
akase244
2
6.9k
短期間での新規プロダクト開発における「コスパの良い」Goのテスト戦略」 / kamakura.go
n3xem
2
180
今年一番支援させていただいたのは認証系サービスでした
satoshi256kbyte
1
260
AppRouterを用いた大規模サービス開発におけるディレクトリ構成の変遷と問題点

eiganken
1
190
ゆるやかにgolangci-lintのルールを強くする / Kyoto.go #56
utgwkk
2
470
歴史と現在から考えるスケーラブルなソフトウェア開発のプラクティス
i10416
0
150
useSyncExternalStoreを使いまくる
ssssota
6
1.5k
17年周年のWebアプリケーションにTanStack Queryを導入する / Implementing TanStack Query in a 17th Anniversary Web Application
saitolume
0
250
PHPで作るWebSocketサーバー ~リアクティブなアプリケーションを知るために~ / WebSocket Server in PHP - To know reactive applications
seike460
PRO
2
670
PSR-15 はあなたのための ものではない? - phpcon2024
myamagishi
0
190
Итераторы в Go 1.23: зачем они нужны, как использовать, и насколько они быстрые?
lamodatech
0
1k
KMP와 kotlinx.rpc로 서버와 클라이언트 동기화
kwakeuijin
0
200

Featured

See All Featured
Rails Girls Zürich Keynote
gr2m
94
13k
Adopting Sorbet at Scale
ufuk
73
9.1k
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
29
920
Building Better People: How to give real-time feedback that sticks.
wjessup
366
19k
Become a Pro
speakerdeck
PRO
26
5k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7k
For a Future-Friendly Web
brad_frost
175
9.4k
Thoughts on Productivity
jonyablonski
68
4.4k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
356
29k
Why Our Code Smells
bkeepers
PRO
335
57k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Practical Orchestrator
shlominoach
186
10k

Transcript

  1. A distributed systems challenge: Stripe CTF Bogdan Gâza Big Data

    #5 Bogdan Gâza

  2. Big Data #5 Bogdan Gâza $whoami

  3. Big Data #5 Bogdan Gâza

  4. Big Data #5 Bogdan Gâza Level 0 The mysterious program

  5. Big Data #5 Bogdan Gâza

  6. Big Data #5 Bogdan Gâza Different hash: open addressing v

    hash(V) hash(X) x

  7. Big Data #5 Bogdan Gâza Bloom filters N hash functions

    k1 k2 k3 kn probabilistic fals positives / no fals negatives

  8. Big Data #5 Bogdan Gâza Level 1 Gitcoins

  9. Big Data #5 Bogdan Gâza Level 1 Gitcoins

  10. Big Data #5 Bogdan Gâza

  11. Big Data #5 Bogdan Gâza SHA1 - ridiculous parallel bash:

    400 Hash/s stripe go miners: 1.9 MHash/s gpu: 1-2 GHash/s

  12. Big Data #5 Bogdan Gâza Level 2 DDos Defense

  13. Big Data #5 Bogdan Gâza Proxy Node Node Node

  14. Big Data #5 Bogdan Gâza Load balancing algorithm 4 req

    / ip request requests < 25 ms apart Solution

  15. Big Data #5 Bogdan Gâza Level 3 Instant code search

  16. Big Data #5 Bogdan Gâza LB Indexer Indexer Indexer 4

    minutes to index 4 nodes with 500MB of RAM Scala Latency based scoring To pass the level < 0.15s / query Around 100M words Arbitrary substring

  17. Big Data #5 Bogdan Gâza Twitter Stack: finagle / twitter

    server Problem

  18. Big Data #5 Bogdan Gâza

  19. Big Data #5 Bogdan Gâza 1st approach: inverted index vs

    substring search Solution Trie vs substring search marisa / patricia Trie / radix tree / suffix tree vs substring search DAWG vs substring search Sharding

  20. Big Data #5 Bogdan Gâza Level 4 SQLCluster

  21. Big Data #5 Bogdan Gâza SQLite SQLite SQLite SQLite SQLite

    SQLite Unreliable network ! octopus octopus simulates: netsplit / lagsplit / SPOF

  22. Big Data #5 Bogdan Gâza Consensus Reliability in the presence

    of faulty processes examples: who can commit to the DB who is the leader state machine replication

  23. Big Data #5 Bogdan Gâza ZAB - High performance broadcast

    in primary backup systems - 2011 RAFT - Understandable consensus algorithm - 2013 Paxos - Part-time parliament - Laslie Lamport ‘90 Consensus

  24. Big Data #5 Bogdan Gâza ZAB - High performance broadcast

    in primary backup systems - 2011 RAFT - Understandable consensus algorithm - 2013 Paxos - Part-time parliament - Laslie Lamport ‘90 Consensus

  25. Big Data #5 Bogdan Gâza

  26. Big Data #5 Bogdan Gâza

  27. Big Data #5 Bogdan Gâza

  28. Big Data #5 Bogdan Gâza Thanks!