Bojie Li

March 18th was the student open day of the IEEE 802 plenary session held in Beijing. I was invited by MSRA to attend. The participants in the standard-setting process are all professionals, and I was basically like Granny Liu visiting the Grand View Garden, just there for the amusement. Since photography and recording were prohibited at the venue, and the technical documents discussed at the meeting were not public, there are no pictures or solid evidence to share.

First, let me explain what IEEE 802 is. IEEE 802 is a committee under IEEE (Institute of Electrical and Electronics Engineers), responsible for the establishment of local area network and metropolitan area network standards. The physical layer and link layer protocols of computer networks are basically established by this organization. IEEE 802 holds three plenary sessions each year, most of which are held in North America. Voting rights are granted from the third participation in the plenary session.

IEEE 802 has several working groups, for example, 802.3 is responsible for Ethernet, which is the wired network we use; 802.11 is responsible for Wireless Local Area Network (WLAN), commonly known as wifi. Each working group still has a lot to do. For example, Ethernet has 100M, 1G, 10G, 40G, 100G, and the 400G under research. Not only are the speeds different, but the transmission media used are also different; WLAN has 802.11a/b/g/n/ac/ad standards, not only are the speeds different, but the frequency bands used are also different. Therefore, each working group has Task Forces and Study Groups.

Most of the data on the websites we use is stored on servers in plaintext, and server-side programs authenticate users’ identities and grant user access permissions. However, as business logic becomes more complex, there are always various vulnerabilities, even sensitive applications like Alipay are no exception. In addition, more and more websites are being built on public cloud platforms, a major concern is: Will the owner of the cloud platform steal my confidential data?

Therefore, it is best to encrypt data stored on the server, and the decryption key is in the user’s hands, that is, only the user can see the plaintext, and the website owner, cloud service provider, and possible server intruders can only see the ciphertext. Building web applications on top of encrypted data using Mylar, which will be published at the top conference in the network field NSDI 2014, is such a solution.

A few days ago, I gave an internal technical sharing session, and the opinions of my colleagues were diverse, so I decided to discuss it with everyone. This article will discuss Google’s network infrastructure plans—Google Fiber and Google Loon, as well as Google’s exploration in network protocols—QUIC, with the ambition to turn the Internet into its own data center.

Wired Network Infrastructure—Google Fiber

The goal of Google Fiber is to bring gigabit internet into thousands of households. With gigabit speed, downloading a 7G movie only takes one minute (if you are still using a mechanical hard drive, you probably won’t have time to store it). Currently, this project is only piloted in two cities in the United States, Kansas and Provo. Google Fiber in these two cities offers three packages, taking Kansas as an example: [1]

1. Gigabit network + Google TV: $120/month
2. Gigabit network: $70/month
3. Free monthly network: 5Mbps download, 1Mbps upload, free monthly rent, but a $300 initial installation fee is required.
   The third plan is not as fast as the services provided by most telecom operators in the United States, and most households have already purchased TV services from cable TV operators, so for families that can afford it economically, the comparison of the three packages highlights the “value for money” of the second package ($70/month gigabit network).

There are two points worth arguing here:

1. Can everyone have such a fast gigabit network technically?
2. Can the $70/month fee recover the cost of Google building a gigabit network?

Today, I grabbed a router, which took me an hour to get, and I was always in a “crowded” queue before. I couldn’t help but think of the ticketing system I made for Beautiful Encounter last year. Someone asked, why can’t I get a ticket with the script I wrote? The mystery will be revealed in this article.

The conditions that the ticketing system must meet are:

1. One person, one ticket, a person cannot get two tickets;
2. The tickets to be issued every day must be issued exactly, neither more nor less (assuming there are enough people to grab tickets);
3. The probability of successfully grabbing tickets with a program should not be significantly higher than the probability of manually grabbing tickets.

[Note: This article is outdated because many authoritative DNS servers have multiple IP addresses for both domestic and international users. They resolve based on the user’s public IP, so simply distinguishing between domestic and international websites using authoritative DNS server IPs is no longer practical. It is recommended to read the new solution in “Setting Up a Local Anti-Pollution DNS for Intelligent Domestic and International Website Traffic”.]

DNS service is a crucial foundational service of the internet, but its importance is often underestimated. For example, in August 2013, the .cn root domain servers were attacked by DDoS, causing .cn domains to be inaccessible. On January 21, 2014, the root domain servers were polluted by a famous firewall, causing all international domains to be inaccessible. Many internationally renowned websites are inaccessible in mainland China partly due to DNS pollution, which returns incorrect IP addresses for domain names.

Setting up an anti-pollution DNS is not as simple as using a VPN to resolve all domain names. There are mainly two issues:

I helped a friend with port mapping and encountered two pitfalls since I haven’t touched iptables for a few months. I’d like to share them with you.

Network Virtualization is the creation of a virtual network that differs from the physical network topology. For example, a company has multiple offices around the world, but wants the company’s internal network to be a whole, which requires network virtualization technology.

Starting from NAT

With the improvement of computer processing capabilities and the increasing complexity of software, performance is often not the most important criterion for measuring software. But sometimes we do need to squeeze the performance of the computer. Especially when doing research, in order to make the performance indicators surpass the opponent, not only the algorithm (asymptotic complexity) needs to be optimized, but also the implementation (the constant in the complexity) needs to be optimized. This article tries to summarize some rules and hopes to discuss with everyone:

Do not use open source software

Open source software often considers a general problem, so there are many configuration parameters and conditional judgments that are almost never used; open source software often requires code readability and maintainability higher than performance, so it generally does not use so-called “tricks”.

Bitcoin, after experiencing two drastic rises and falls in April and November last year, has become more than just a toy for IT guys, but a focus of debate among all sectors of society. However, most articles about the technical principles of Bitcoin are superficial. During the New Year’s chat with good friends, we raised these questions, hoping to understand after reading this article:

1. How to verify a Bitcoin transaction to make it undeniable?
2. How to avoid spending a Bitcoin twice?
3. If I alone have 10% of the network’s computing power, is it possible to rewrite history?
4. Why do Bitcoin transactions have to wait for tens of minutes?
5. How does Bitcoin ensure a limited quantity (21 million)?
6. How to ensure exactly one Bitcoin is mined every 10 minutes?
7. What does it mean to mine 0.1 Bitcoin at a time?
8. Does a transaction of 10,000 Bitcoins require generating 10,000 transaction information?
9. With such a large volume of Bitcoin transactions, how are transaction records transmitted and stored?

Many embedded devices such as smartphones and routers have a “factory reset” function. According to the “backup” practice that everyone is used to on PCs, it seems necessary to back up the entire system at the factory in read-only ROM. If this is the case, every time you restore the factory settings, the content in the ROM has to be copied to the Flash storage, wasting a lot of storage space, and restoring the factory settings takes a long time. But in fact, restoring the factory settings is just a restart, and the Flash storage in the newly restored system is basically empty.

(Thanks to BW’s comment, the factory reset of the Android system does not use differential technology, but simply clears the data partition. The modification of the /system partition has not been restored, I got it wrong)