Colm MacCárthaigh

@colmmacc

32,939
Followers
2,196
Following
772
Media
10,820
Statuses

VP / Distinguished Engineer at Amazon Web Services. Also: Open Source and Apache, Cryptography, Irish Music, mediocre Photography.

Seattle
Joined April 2008
Pinned Tweet
@colmmacc
Colm MacCárthaigh
8 years
After using wifi in 3 airports and 4 planes this weekend, I've created to make logging on a little bit easier.
64
284
944
@colmmacc
Colm MacCárthaigh
5 years
Does anyone else feel that they basically lucked into a high paying career because their interests randomly aligned with scarcity and a rapidly growing field, and that it's nowhere near as hard, or as societally valuable as what teachers, medical professionals and care-givers do?
685
3K
17K
@colmmacc
Colm MacCárthaigh
10 months
How hilarious would it be if the new iPhones were unveiled and this is the connector?
66
132
4K
@colmmacc
Colm MacCárthaigh
2 years
A quick rage-thread about credentials. When security auditors just say things like "Critical credentials need to be rotated every 90 days" you need to fire them into the sun with urgency. Here's what you actually need ...
43
571
3K
@colmmacc
Colm MacCárthaigh
6 years
Have you ever needed to generate a random number in code? whether it's for rolling a dice, or shuffling a set, this tweet thread is here for you! There's no reason that it should be easy or obvious, very experienced programmers repeat common mistakes. I did, before I learned ...
32
850
3K
@colmmacc
Colm MacCárthaigh
6 years
Yesterday the current Irish president, Michael D. Higgins, signaled that he's going to run for another term. He'll probably be unopposed, with broad support, and no election needed. If you're not Irish, allow me to blow your mind with the state of Irish politics ...
40
838
2K
@colmmacc
Colm MacCárthaigh
5 years
I think right around this minute is just about exactly 5 years since the Heartbleed vulnerability in OpenSSL became public. I remember the day vividly, and if you're interested, allow me to tell you about how the day, and the subsequent months, and years unfolded ...
23
1K
2K
@colmmacc
Colm MacCárthaigh
2 years
The cryptography that is in 'crypto' is merely enough to serve as a foundation myth of mathematical purity and incorruptibility. It is a blinding lustered talisman used as privatized statecraft to support empires of scams. It is not actually good cryptography. A small thread.
43
527
2K
@colmmacc
Colm MacCárthaigh
5 years
Would you use a terminal based editor that's a cross between 'cat' and 'vi'? Keyboard shortcuts and multi-line editing without taking over the screen or mental context. Let me know with likes and replies. If there's interest, I'm going to clean this up and get it on GitHub. Demo:
147
218
2K
@colmmacc
Colm MacCárthaigh
2 years
This table says it all. One of the reasons we're going big on Rust is because it delivers incredible economies, without trading off safety. On Cloud, sustainability is a big motivator, and on devices battery lifetime is the biggest differentiator.
@_msw_
@[email protected] 🐍🦀🐪💎☕️🐧🐘🌲
2 years
Here's a new @AWSOpen blog post from @SkippersWif and @carllerche about the energy efficiency benefits of @rustlang , which can help customers achieve their #sustainability 🌎 goals. Check it out!
10
109
429
59
349
2K
@colmmacc
Colm MacCárthaigh
4 years
Congratulations to @abbyfuller , who is now a Principal Security Engineer at AWS. She was already a Principal, but becoming a security engineer is a very difficult role change and there aren't many Principal SecEngs! Also: now I can never leave my laptop unlocked at home.
45
33
1K
@colmmacc
Colm MacCárthaigh
3 years
This Facebook outage is a prime example of one of the unfathomably stupid design decisions in DNS: if resolvers just served the "stale" cache entries, everything would likely be fine right now. The records rarely change, it's madness to treat TTLs like time-bombs.
39
142
1K
@colmmacc
Colm MacCárthaigh
3 years
Updated LinkedIn for the first time in a while. I've got a lot to live up to, and thanks to everyone I've worked with! I'm still on-call, still getting paged, still writing code, still going to stand-ups, and love that. I'm told there are no executive washrooms or parking.
147
23
1K
@colmmacc
Colm MacCárthaigh
6 years
Last week I spoke about how we build ultra-reliable AWS services. It's my favourite talk that I've given. Everyone I've asked has told me that they learned something new and interesting 😃 Here I'm going to tweet some highlights to tempt you to watch ...
13
326
1K
@colmmacc
Colm MacCárthaigh
2 years
Today is a very special day because I finally get to share something amazing that @seakoz and I have been working on: Universal certificate rotation. It's an in-browser capability to rotate *any* certificate. I know that sounds impossible or even insecure but stick with me.
37
160
855
@colmmacc
Colm MacCárthaigh
3 years
I'm pretty sure I have the privilege of working with some of the highest performing C programming teams in the world. On security sensitive software. No corners cut on readability, testing, analysis, formal verification, reviews. We'll all tell you that Rust is better.
9
85
815
@colmmacc
Colm MacCárthaigh
4 years
I came to the US on a H-1B visa. At the time there was no lottery or line, and it was faster than getting an L1! I helped build Amazon CloudFront, Amazon Route 53, AWS Shield, ELB, NLB, and NAT Gateway in that time. I'd like to think a net positive for the US too!
@jeremysliew
Jeremy Liew
4 years
I came to the US on an h1b visa. I’d like to think I’ve been a net positive for the country. RT if you or a family member are also an immigrant who has been net positive for the US
111
1K
4K
9
82
790
@colmmacc
Colm MacCárthaigh
6 years
O.k. this is going to be a long tweet thread, but I promise it's worth it :) ... as long as you're into distributed systems, and network encryption, but then WHO ISN'T INTO DISTRIBUTED SYSTEMS AND NETWORK ENCRYPTION? Lame people, that's who ...
12
390
733
@colmmacc
Colm MacCárthaigh
2 years
First rule of credential management: Rotation does nothing. It's revocation that matters. You always need a well-tested mechanism to make sure that you can remove or invalidate a credential that has been compromised.
8
53
680
@colmmacc
Colm MacCárthaigh
2 years
It's pretty damning that when you do much research on 'crypto' and its open challenges that many of those problems have long been solved by .... checks notes ... actual cryptography.
15
67
579
@colmmacc
Colm MacCárthaigh
6 years
It's my ten year anniversary at AWS, I got a new badge and everything! To celebrate, I'm going to tweet out the lightning talk I gave at last week's Amazon dev con. It's all about my favorite thing from my ten years: Shuffle Sharding!
12
176
551
@colmmacc
Colm MacCárthaigh
2 years
I now qualify for @TeamUSA Olympics, soccer, basketball, hockey and either of the Ryder cup teams! Just waiting for the call.
61
3
546
@colmmacc
Colm MacCárthaigh
2 years
Instead of telling people that it's more efficient to charge their devices (and now cars) to 80%, we should make that amount of capacity the new "100%". The same batteries could then occasionally be charged to 125%. I bet it'd be more popular and intuitive with better results.
36
33
522
@colmmacc
Colm MacCárthaigh
3 years
What happened to "zero emissions"? Tesla investing in Bitcoin is like Beyond Meat investing in slaughter houses.
16
109
522
@colmmacc
Colm MacCárthaigh
5 years
Code review improves code readability and code quality, but the real value is that it teaches humility, collaboration, and how to change your mind. Usually criticism of it is rooted in insecurity around those three things.
@skamille
Camille Fournier
5 years
Questioning the value of mandatory code review is definitely the most popular underground belief held by senior engineers I know
112
74
604
8
128
514
@colmmacc
Colm MacCárthaigh
3 years
For Friday's twitch stream, I'm thinking of covering Principal Engineering soft skills that come up in 1-1s. "How to get people to do the right thing", "How to not suck at meetings", "How to prioritize". Are these interesting? I have advice, but I haven't perfected any!
26
16
513
@colmmacc
Colm MacCárthaigh
2 years
NFTs purport to be unmodifiable uncopyable tokens but don't really try. Most NFTs make no effort to authenticate or bind the actual content (like an art-work). A trivial hash would be enough! This is embarrassing.
9
34
498
@colmmacc
Colm MacCárthaigh
3 years
Has anyone done "Tenured/Experienced/Senior/Overpaid Engineers live-stream their fumbling attempts at coding up techbro interview questions on Twitch"? Would this be an interesting format?
36
11
505
@colmmacc
Colm MacCárthaigh
3 years
It blows my mind that there are TCP connections for Amazon EFS that have been active for years and years. I'm sure we've updated and upgraded the underlying NLB and NFS instances many times over and the connections endure thanks to what really is distributed magic.
10
43
503
@colmmacc
Colm MacCárthaigh
4 years
Tuesday Technical Tweet Thread Time! Let's go on the roller coaster of what happens at a low level when a DNS server sends a 4,000 byte EDNS0 response to a client whose MTU is 1200 bytes. Confused already? Don't worry, we'll break it down. I promise it's super interesting.
12
148
500
@colmmacc
Colm MacCárthaigh
5 years
Has anyone thought of doing live whiteboard coding sessions at conferences? I'd love to see the most tenured, but also sarcastic and cutting, engineers put through a bullshit technical interview on stage, as performance art and parody of the form.
15
75
494
@colmmacc
Colm MacCárthaigh
3 years
Building highly reliable systems is constant work! The latest Amazon Builders' Library article is my take on an under-appreciated design principle, with examples of services we've made resilient to the challenges of dynamic scaling and load stress.
15
109
479
@colmmacc
Colm MacCárthaigh
6 years
@BetoORourke Taken just after Election Day, in Big Bend Ranch State park. Texas bluffs on the right, Mexican rushes on the left, the shallow Rio Grande in the middle.
1
51
439
@colmmacc
Colm MacCárthaigh
2 years
A new AWS whitepaper covering Nitro - "The Security Design of the AWS Nitro System". Super interesting deep dive into virtualization and the AWS approach to security. HTML: PDF:
16
128
462
@colmmacc
Colm MacCárthaigh
2 years
People often think that distributed systems is about knowing things like PAXOS, fancy commutative operations, clock synchronization and the like but in reality what in your opinion is building and running distributed systems successfully actually about?
180
65
445
@colmmacc
Colm MacCárthaigh
2 years
It's promo day at Amazon and congrats to everyone whose hard work and positive influence have been recognized and promoted! But especially Senior Principal Security Engineer @abbyfuller .
15
5
441
@colmmacc
Colm MacCárthaigh
2 years
Is there a day of recognition for on-call engineers? Or even a patron saint?
50
20
432
@colmmacc
Colm MacCárthaigh
5 years
Mini-Thread: We've just launched TLS/SSL support for AWS Network Load Balancers. You can now use NLB to terminate TLS/SSL directly and still get the great performance, scalability, and insane magic of network transparency! See @jeffbarr 's post at
17
209
420
@colmmacc
Colm MacCárthaigh
3 years
In the time it'll take you to read this tweet, the AWS IAM system will verify over a billion real-world SIGv4 signatures and then authorize (or disallow!) over a billion requests against the security policies for their accounts, users, roles, organizations, and resources.
9
45
407
@colmmacc
Colm MacCárthaigh
6 years
Thursday tweet thread time! This one is all about what we do in Amazon s2n to prevent security issues similar to this week's libssh problem.
@lvh
lvh
6 years
libssh auth bypass:
1
20
34
4
180
392
@colmmacc
Colm MacCárthaigh
5 years
Tuesday Tweet Thread: Today, AWS CISO @StephenSchmidt unveiled VPC Encryption and our "Lever" link encryption initiative. They work in-concert to make pervasive network encryption the default, and to deliver new protections against traffic analysis and post-quantum risks. 1/n
10
182
398
@colmmacc
Colm MacCárthaigh
3 years
No matter how fast laptops get, software bloat will always slow it down because developers have few incentives to improve upon "just barely good enough". My 2021 MBP feels slower sometimes than my 1995 desktop did! What could disrupt this mad cycle?
66
21
383
@colmmacc
Colm MacCárthaigh
2 years
For a few years, a big contingent of the Amazon Route 53 team was Ukrainian. My boss and director, Principal and lead engineers. Great crew. They are in safety, but I'm thinking of their extended families tonight. What a profane obscene calamity of corruption and cowardice.
9
31
383
@colmmacc
Colm MacCárthaigh
3 years
Proud to now work at a MAANG
17
17
378
@colmmacc
Colm MacCárthaigh
1 year
The phrase "end to end encryption" has come to be used in two exactly opposite and contradictory ways! Sometimes people mean "Every hop in this system is encrypted, end to end" and sometimes it's "The hops don't matter, security is between the two outermost endpoints".
29
44
361
@colmmacc
Colm MacCárthaigh
5 years
O.k., this is happening ... now. I'm going to explain what's actually going on when data is encrypted, hopefully without mystifying, oh and some of the weird and inconsistent stuff cryptographers come up with.
@colmmacc
Colm MacCárthaigh
5 years
Prompted by some good questions, in the next few days I'm going to do a longer-than-usual tweet thread explainer on symmetric cryptography. That's the kind we all use for encrypting data. Are there things you've always been curious about? It's mostly baffling, so no shaming.
9
5
84
13
119
357
@colmmacc
Colm MacCárthaigh
2 years
Second rule of credential management: Have closed loops. Deactivated credentials are a common source of outages. When introducing a new credential you see it everywhere it needs to be before using it. When you remove one, you need to see it gone from use before deactivating.
3
14
348
@colmmacc
Colm MacCárthaigh
6 years
Ok. tweet thread time! Too long ago I promised to write a screed explaining how much I hated mutual-auth TLS and why. I got distracted, and I wasn't happy with the writing, so here it is in tweet thread form instead! But basically: Client certs and Mutual-Auth TLS is TERRIBAD.
12
85
348
@colmmacc
Colm MacCárthaigh
2 years
Third rule of credential management: logging and detective controls are key. You need to be able to see when and where a credential is being used. This is important for operational safety and security. How would you even detect a stolen credential without this?
3
18
345
@colmmacc
Colm MacCárthaigh
2 years
Computationally cheap cryptographic currencies with privacy are actually a solved problem. David Chaum pioneered it, but modern zero knowledge systems can do even more. You don't need expensive blockchains for this.
15
27
331
@colmmacc
Colm MacCárthaigh
2 years
Blockchains purport to give us decentralization, but they are rife with front-running because miners can pick and choose transactions to prioritize. Cryptographic sealing and pre-commitment of transactions would solve this, but blockchains don't do it.
16
24
327
@colmmacc
Colm MacCárthaigh
4 years
We've completed the rollout of TLS1.3 across Amazon CloudFront. It's now available and on for all CloudFront customers with no action or settings needed. Enjoy!
8
76
345
@colmmacc
Colm MacCárthaigh
4 years
Personal announcement 🎺 Starting today, I'm spending most of my time at AWS working on identity and especially IAM. I'm still working on EC2, especially on Nitro Enclaves, security and encryption, but feel free to chat and ask about things identity. It's exciting, lots to learn!
15
3
337
@colmmacc
Colm MacCárthaigh
5 years
O.k. time for a mini-tweet thread which is all about network and TCP optimization! How can we make connections fast and reliable? and what's really going on anyway. It's all way too confusing so let's demystify it a bit.
13
112
335
@colmmacc
Colm MacCárthaigh
6 years
Unpopular opinion: to really make it as a senior/lead engineer, you have to get good at soaking up interruptions, only managing or minimizing them for others not yourself. You just have to adapt to working productively in smaller time slices and handling context switches. Tough!
19
60
329
@colmmacc
Colm MacCárthaigh
5 years
There’s something good and strange about seeing my tiny native language, correctly spelled, on a sign across the street from my office. Thousands of miles from where it’s spoken! Seattle’s newest park is a @popupgael
17
23
318
@colmmacc
Colm MacCárthaigh
4 years
I'm a broken record on this, felons should be able to vote and so should *prisoners* *still* *in* *prison*. This is a far more important and practical check on tyranny than the second amendment, and is an international norm.
@PoliceForReform
The Law Enforcement Action Partnership (LEAP)
4 years
BREAKING: 5.2 million adults are barred from voting in this year's election due to previous felony convictions — including 1 in 16 Black Americans and over 560,000 Latinx Americans. @SentencingProj #LockedOut2020 #FreetheVote
2
67
95
6
106
309
@colmmacc
Colm MacCárthaigh
3 years
Last week, as part of Amazon S3 Multi-Region Access Points, we also launched a new authentication scheme for AWS. With the new SIGv4A, every request is signed using asymmetric public-private cryptography. Here's some how and why ...
7
91
315
@colmmacc
Colm MacCárthaigh
3 years
It's beyond time for a 101% tax on bitcoin. This really is horrifying.
@koush
koush
3 years
Difficult to quantify what an ecological disaster Bitcoin is, but this comes close.
614
27K
86K
24
54
308
@colmmacc
Colm MacCárthaigh
5 years
All of this trouble for a feature that to this day I can't even think of a good use case for. This is one reason why "Don't do less well. Do less, well." resonates with me as a motto.
2
47
305
@colmmacc
Colm MacCárthaigh
2 years
+1 to this. I have several times thrown well-meaning but nevertheless interrupting high-ranking executives off of incident calls. Got positive credit for this in promotions! At AWS, we give executives their own call focused on customer communication and I love the separation.
@yvonnezlam
Yvonne Lam
2 years
CEOs, hell. I have neither forgiven nor forgotten some of the non-contributing managers/ICs in the room during incidents.
2
9
83
7
23
304
@colmmacc
Colm MacCárthaigh
5 years
Design with as few moving parts as possible, write as little code as necessary. Raise the bar for code readability and testing. Measure and instrument everything. Own the full product. Know your customer, your ops, and your financials. Cross boundaries and do whatever it takes.
3
87
297
@colmmacc
Colm MacCárthaigh
3 years
Sometimes the hardest part of working on encryption at AWS is just trying to figure out if "key" means the encryption key, the cache identity, or the S3 filename.
19
8
295
@colmmacc
Colm MacCárthaigh
2 years
Fourth rule of credential management: be INCREDIBLY wary of time-based expiry. Use only when there is no other option (e.g. public SSL certificates). There's really no way to win with time-based expiry.
4
21
286
@colmmacc
Colm MacCárthaigh
4 years
Happy birthday @Amazon_Route_53 ! We launched ten years ago today and brought self-service affordability and programmability to 100% availability DNS. Massive thank you to every customer who has trusted us with your domains. Here's to the next ten years! 🎂
9
22
287
@colmmacc
Colm MacCárthaigh
2 years
After two rotations:
Tweet media one
25
3
274
@colmmacc
Colm MacCárthaigh
5 years
My talk from @qconnewyork is up and online! It's about control theory and how we build stable systems at @awscloud . I can finally reveal that this talk was also the beginning of an elaborate plot, teeing up the following pun ... feedback is welcome.
8
67
268
@colmmacc
Colm MacCárthaigh
6 years
Back in 2006, 40 Afghanis occupied St. Patrick's Cathedral in Dublin demanding answers for their asylum claims. Michael D. Higgins showed up and spent hours with the occupiers and offered to represent them personally. I was there and saw him get a lot of stick for it.
2
14
257
@colmmacc
Colm MacCárthaigh
3 years
Today is the "official" promotion day, when it goes live in our internal systems, for most people here at Amazon. Huge congratulations to everyone! I am giddy for the promos I know about, great to see the recognition.
4
7
266
@colmmacc
Colm MacCárthaigh
2 years
The few NFTs that do use on-chain storage or content-addressing make no real effort at preventing copying. Cryptographically signed back-references would solve the "duplicate pointers" problem, and while perceptual hashing isn't perfect, it could really help here.
6
15
257
@colmmacc
Colm MacCárthaigh
2 years
After:
Tweet media one
14
2
266
@colmmacc
Colm MacCárthaigh
6 years
It's ten years since we launched Amazon CloudFront! Building it was super fun, my first day at Amazon was spent getting stuck into the CloudFront routing software and making it actually work. A few weeks later, but before we launched, we hit my favorite bug ever ...
6
80
263
@colmmacc
Colm MacCárthaigh
6 years
President Higgins comes from the left of Irish politics. In US terms he'd be to the left of Bernie Sanders. There's really no equivalent place on the US political spectrum. He's pro-labour, pro-social-justice, pro-immigrant, to give one example ...
2
14
250
@colmmacc
Colm MacCárthaigh
2 years
Ukraine needs help right now, and the whole world needs violence driven by mad corruption to backfire. If you're donating any money today to further those ends, reply with a receipt and I'll match it, up to $10k. Reply too with links to causes!
27
51
258
@colmmacc
Colm MacCárthaigh
6 years
Big take-away: 30 years of Irish Presidents have been progressive in significant ways, supporters of the little guy, compassionate, and extremely popular in office.
2
15
255
@colmmacc
Colm MacCárthaigh
3 years
I was reminded of a simple lesson today: senior software engineers should be writing tests, of course, but really they should also be doing something every so often that makes writing better tests easier, for the less experienced engineers. That's where the gold is.
8
27
263
@colmmacc
Colm MacCárthaigh
5 years
Within about an hour, deployments with the hot patch were in progress, and it went out quicker than I've seen anything. Within a matter of hours, AWS was 100% patched. Even 5 years ago, this was millions of deployments. Amazingly, there were no reports of customer impact either.
5
26
255
@colmmacc
Colm MacCárthaigh
4 years
Friday morning tweet thread: some more depth and detail on AWS Nitro Enclaves, the trusted execution environment / confidential computing platform which we launched last week. . Let's dive in!
8
72
256
@colmmacc
Colm MacCárthaigh
2 years
Fifth rule about credentials: Store credentials only where they are needed. This seems obvious but is rarely done. In particular it's common to see "treasure trove" secret-distribution control-planes that know all of the credentials.
6
15
254
@colmmacc
Colm MacCárthaigh
5 years
Tuesday Tweet Thread time! Today's is special. 5 pieces of programming advice: write tests, think in data structures, learn functional programming, check everything and bail on bad, and use "why" not "what" comments. Plus a small totally open $1,000 programming contest. O.k. ...
3
84
256
@colmmacc
Colm MacCárthaigh
3 years
iCloud Private Relay is one of the coolest things to happen in privacy and network encryption in a while. I'm going to update this thread as I learn more about it. Early impression: Overall it looks great, but I can see a few gotchas too.
6
69
256
@colmmacc
Colm MacCárthaigh
3 years
@QuinnyPig AWS Web Services
4
3
253
@colmmacc
Colm MacCárthaigh
3 years
Someone put this on my desk!
5
3
250
@colmmacc
Colm MacCárthaigh
4 years
Since we're building up a team to work on Rust I now get to do more Rust-based phone screens and coding interviews. It's noticeable that Rust developers' code is very consistent and idiomatic. Much more so than either C, C++, or Java. More like Python or Go in that way.
12
16
246
@colmmacc
Colm MacCárthaigh
3 years
We have two new leadership principles at Amazon today. "Strive to be Earth’s Best Employer" (which includes leading with empathy) and "Success and Scale Bring Broad Responsibility". We use our LPs every day. Excited for how they translate into practice.
21
44
247
@colmmacc
Colm MacCárthaigh
2 years
Just before every AWS re:Invent I get this feeling of awe deep in my stomach at the sheer number of customers and partners that take the time to come along. It's a humbling glimpse at how many people are impacted by the decisions and designs we make.
6
30
246
@colmmacc
Colm MacCárthaigh
3 years
I'm sorry, but this is just physically impossible. 1TB of 160MB/sec storage that's smaller than my pinky fingernail? some kind of elaborate hoax, right?
36
13
243
@colmmacc
Colm MacCárthaigh
7 years
Today is my 9 year anniversary of working at AWS. Here's 9 personal takes on what it's like ...
9
76
238
@colmmacc
Colm MacCárthaigh
2 years
DAOs and Smart Contracts purport to give us decentralized point in time consensus but they go significantly backwards on privacy. Why not incorporate what threshold cryptography or zero-knowledge systems could already do?
7
10
230
@colmmacc
Colm MacCárthaigh
3 years
It's been a while since I've posted a tweet thread, but what better time than right now! This time is all about one of my favorite ways that an AWS customer used an ELB ... as a scheduler, or maybe even a queue.
4
27
240
@colmmacc
Colm MacCárthaigh
4 years
PSA: December 31st will be the 366th day of the year. Look out for bugs in code that assume there are only 365 days in a year, especially code shipped in the last 4 years. A bug like this bricked Zunes globally in 2008! it happens.
@rakyll
Jaana Dogan ヤナ ドガン
4 years
2020 is a leap year. One more thing to worry about 😑😑😑
4
1
61
7
59
237
@colmmacc
Colm MacCárthaigh
2 years
Ninth rule of credentials: If you can't write down a common password comparison side-channel from memory, do not implement your own authentication. Yes this is gatekeeping. Sorry, but no.
8
13
237
@colmmacc
Colm MacCárthaigh
2 years
If your expiry time is something like a year, you don't get much security. Are you ok with an attacker using that cred for a year? So you still need revocation. If your expiry time is very short, like hours, are you *always* going to beat that renewal deadline? got good clocks?
2
12
237
@colmmacc
Colm MacCárthaigh
4 years
I just replaced my a1.medium with an m6g.medium. These machines scream (33 seconds to 17 seconds for my s2n build). The AES-NI and SHA acceleration is the fastest I've seen. Gigantic CPU caches too! And all of the memory is encrypted all of the time.
5
46
233
@colmmacc
Colm MacCárthaigh
4 years
We towed this from Seattle to Eastern Maine in four and a half days, 18 gas stops, and 4 tolls. We've isolated the whole time, and have precautionary COVID tests. It seemed daunting, but it was doable! WA, ID, MO, WY, SD, MN, WI, IL, IN, OH, PA, NY, MA, NH, ME.
@abbyfuller
Abby Fuller
4 years
Tweet media one
20
2
350
17
3
232
@colmmacc
Colm MacCárthaigh
4 years
Monday morning mini-thread. I rarely re-read books, but there are essays, letters, and speeches I re-read every year or two. Here I'm going to share 11 that have an enduring impact on me. Each is great writing, but also brilliant thinking.
4
34
228
@colmmacc
Colm MacCárthaigh
2 years
I love this work from Google, and as someone who worked a lot on AWS VPC Encryption, it's really interesting to see how the differences in environment result in quite different designs. Just a few thoughts ...
4
49
229
@colmmacc
Colm MacCárthaigh
4 years
I really miss playing out with people. Back to working on electric guitar with only myself to accompany. This is a Scottish tune called "The Hut on Staffin Island". Left in the style of Arty McGlynn, right in the style of Prince.
18
8
230
@colmmacc
Colm MacCárthaigh
2 years
Sixth rule of credentials: if there is no reason to suspect credential disclosure or mis-use, leave it alone. Replacing credentials usually exposes them to more systems, at least temporarily. How do you know that's not more risky?
2
16
228