Google Hack?

An answer to our previous interview question on Messaging Queues. Plus how google sign in can cause an attacker to get full access to your google account.

Hi Everyone!

If you’re preparing for coding interviews, you should definitely check out Grokking the Coding Interview.

The course has 16 key patterns to coding interviews. Patterns like Sliding Window, Fast and Slow Pointers, Two Heaps, and 13 other patterns.

Being aware of all these 16 patterns will give you a huge advantage in your interviews.

You don’t have to purchase anything to view the patterns!

Check it out here.

Educative is sponsoring Quastor Daily, but that’s because I reached out to them. I’m a big fan of the product.

Tech Dive

Our next tech dive will be on Bitcoin! Stay tuned.

Our last tech dives were on Distributed Systems and Database Sharding!

Tech Snippets

  • How It works Newsletter - This is an awesome newsletter written by Trevor McKendrick (Chief of Staff at Lambda School - one of the fastest growing startups in Silicon Valley with a vision of fixing higher education). Trevor shares an inside look at Silicon Valley. One of his most interesting articles is Why you should Ignore Every Founder’s Company Origin Story. Awesome read!

  • Fantastic Article on how Chess.com is scaling their database - Chess.com is a top 250 website with 4 million unique daily users and over 7 billion queries hitting their MySQL databases.

    • Their main database was getting far too many writes and the replica databases couldn’t keep up with the traffic.

    • Their replica databases were 30-60 seconds behind the main database, and this broke Chess.com’s services as their reads were consuming stale data.

    • The article goes into how they solved this problem while minimizing the amount of downtime.

  • How I stole the data in millions of people’s Google accounts - Many websites allow you to authenticate with Google (Sign In with Google). Ethan writes about how he could exploit this to access all the data in a user’s Google account (google drive, gmail, photos, etc.)

    • Used a WebView pointing to Google’s set up page for a new Android device instead of the typical Google Sign In page.

    • This allows him to take advantage of Google Master Token to gain access

Interview Question

Given the head of a linked list, rotate the list to the right by k places.

We’ll send a detailed solution tomorrow, so make sure you move our emails to primary, so you don’t miss them!

Gmail users—move us to your primary inbox

  • On your phone? Hit the 3 dots at the top right corner, click "Move to" then "Primary"

  • On desktop? Back out of this email then drag and drop this email into the "Primary" tab near the top left of your screen

Apple mail users—tap on our email address at the top of this email (next to "From:" on mobile) and click “Add to VIPs”

Previous Solution

As a refresher, here’s the previous question

What is a Messaging Queue?

Why would one be necessary?

How would you build a Messaging Queue?

What features would you add in and what tradeoffs might you make?

Solution

What is a Messaging Queue

A Queue is a data structure that holds your data in sequential order. It operates on a First In, First Out basis, where the first piece of data that gets enqueued is the first piece of data that will be dequeued.

A Message is just a piece of data that will be enqueued on the Messaging Queue. The message is a byte array. An example might be an HTTP message.

Combine those two terms together to get a Messaging Queue.

Why would one be necessary?

Systems will typically work based on a Request-Response paradigm. The client (or user) will send a request to your server. Your server will then process the user’s request and return a response back to the user. For example, when you go to www.youtube.com, you send a request to YouTube’s servers asking for YouTube’s homepage. YouTube’s servers will then send the HTML code for the homepage back to you as a response.

Now, what happens when you have thousands of users who are simultaneously sending requests to your server? Your server can’t respond to all of them instantaneously so there will be a delay between the server receiving the request and sending back a response. That means your users will send you a response, and then they’ll have to wait around for an indeterminate amount of time until your server can get back to them with a response. Additionally, you’ll want to make sure you keep track of all these requests. What if your server crashes? It would be a pretty terrible user experience to lose all those requests in the backlog.

Messaging Queues solve these problems. With a Messaging Queue, you can have a service that takes in requests and just adds it to the Messaging Queue. Then, the service can send a response back to the client saying “Ok, we got your request and added it to the Queue. We’ll send a response back soon”. Now, the client knows it’s request was received and it can do something else (Asynchronous Processing).

Additionally, if the server crashes randomly, you don’t have to worry about losing all your requests. All of them are stored in the Messaging Queue, which comes with guarantees around durability (depending on which provider you use).

How would you build a Messaging Queue?

This is a pretty complex question. It’s difficult to give a good explanation in an email, but here’s a great video that goes into detail on how to build a distributed Messaging Queue.

What features would you add in?

One feature might be authentication of requests. Before you enqueue a request into your Messaging Queue, you can make sure that the request is legitimate (not spam and required parameters are preset) and handle things like rate limiting.

You might also add in some data collection capabilities. You can analyze each request (location of the client, server resources accessed, time/date, etc.) and write these metrics to a database. Your data science team might later use that to come up interesting insights.

What tradeoffs might you make?

We talked a bit about this before but one tradeoff would be durability. Do you need strong durability guarantees for the messages in your Messaging Queue? If your Messaging Queue goes down, is it okay if you lose all the messages inside?

If not, then this will slow down your enqueue and dequeue operations, as you’ll have to write them to disk.

Best,

Arpan