Bojie Li

Bitcoin, after experiencing two drastic rises and falls in April and November last year, has become more than just a toy for IT guys, but a focus of debate among all sectors of society. However, most articles about the technical principles of Bitcoin are superficial. During the New Year’s chat with good friends, we raised these questions, hoping to understand after reading this article:

1. How to verify a Bitcoin transaction to make it undeniable?
2. How to avoid spending a Bitcoin twice?
3. If I alone have 10% of the network’s computing power, is it possible to rewrite history?
4. Why do Bitcoin transactions have to wait for tens of minutes?
5. How does Bitcoin ensure a limited quantity (21 million)?
6. How to ensure exactly one Bitcoin is mined every 10 minutes?
7. What does it mean to mine 0.1 Bitcoin at a time?
8. Does a transaction of 10,000 Bitcoins require generating 10,000 transaction information?
9. With such a large volume of Bitcoin transactions, how are transaction records transmitted and stored?

Many embedded devices such as smartphones and routers have a “factory reset” function. According to the “backup” practice that everyone is used to on PCs, it seems necessary to back up the entire system at the factory in read-only ROM. If this is the case, every time you restore the factory settings, the content in the ROM has to be copied to the Flash storage, wasting a lot of storage space, and restoring the factory settings takes a long time. But in fact, restoring the factory settings is just a restart, and the Flash storage in the newly restored system is basically empty.

(Thanks to BW’s comment, the factory reset of the Android system does not use differential technology, but simply clears the data partition. The modification of the /system partition has not been restored, I got it wrong)

Sometimes, we need to remotely access websites that can only be accessed from the server’s network, such as the router’s Web control panel. Using links on the server is obviously unreliable. We can establish a tunnel between the local machine and the server using ssh, allowing the local browser to access restricted websites through the tunnel.

First, use ssh -D to establish a socks5 tunnel between the local machine and the server: (60000 is an arbitrary integer greater than 1024 and less than 65536)

1

ssh -C2qTnN -D 60000 user@remote-host

Then, let Chrome access through the socks5 tunnel. The Chrome plugin ProxySwitchy no longer works because Chrome no longer supports NPAPI, and ProxySwitchySharp sometimes doesn’t work. Some articles online say that chrome –proxy-server is enough, but in fact, it doesn’t work when you have another Chrome instance open, because Chrome will automatically find the open instance.

A more reliable method is to open Incognito mode and use a non-existent Chrome user data directory to prevent it from finding open instances. After use, it is best to delete the newly created user data directory (in the following example, it is C:\Temp\Chrome). Note that the following socks5 cannot be replaced with http, as they are different protocols.

1

PS C:\Program Files (x86)\Google\Chrome\Application> .\chrome.exe --proxy-server="socks5://127.0.0.1:60000" -incognito -user-data-dir=C:\Temp\Chrome

Is the blunder far from us? Not really. A while ago, the LUG server malfunctioned and mistakenly sent out 70,000 text messages, depleting the balance of the school’s text message platform. It was not until the teacher from the network center called me that I found out.

The trouble started with the service monitoring script. It retrieves site information from the database, periodically visits the monitored sites, and if a problem is detected, it will send a text message alert to the website owner. When the service monitoring script fails to connect to the database, it will also send me an alert text message. Initially, it would not attempt to reconnect to the database, so it would only send an alert once, but the monitoring service could not automatically resume operation after the database was restored. This bug was discovered during a blog malfunction, so it was changed to automatically reconnect, but the logic for sending alert text messages was not modified, so if the database could not be connected continuously, it would keep sending.

To prevent text message bombing, the messages sent out had to go through my “risk control”, limiting the number of text messages sent to each phone number every 24 hours. Risk control is to query the text message log table in the database to get the number of text messages sent to this number in the last 24 hours. When the database crashes, the value queried is NULL, which is implicitly type converted to 0 in PHP, so it is considered that it has not exceeded the limit and is sent out. The school’s text message gateway also has no “risk control” , resulting in a large number of text messages flooding into the operator’s network.

Those who have used Windows Vista/7/8 may have had this experience: after modifying a file on the C drive with a 32-bit program (such as cygwin), when you look at it from the Windows Explorer, it’s still the version before the modification! Does the file system have different views for different programs? You’re right, since Vista introduced UAC and VirtualStore, don’t trust the changes made by 32-bit programs in the C drive.

After Windows Vista introduced stronger security mechanisms, some important system directories are not modifiable by everyone. These directories include the C drive root directory, Program Files, Program Files (x86), Windows, and the registry’s HKEY_LOCAL_MACHINE, etc. But some old applications still assume these directories are writable, and if the system API simply returns access denied, these programs can’t run.

Therefore, Vista provides VirtualStore. For 32-bit programs running without administrator privileges, as long as there are write operations to these directories, the modified or added files will be copied to this user’s VirtualStore. The file at this path seen by the 32-bit program running under this user’s identity is the corresponding file in VirtualStore, and it knows nothing about any modifications to the file at the original path.

Some users of the LUG VPN hope to use the VPN only for certain specific IPs, while OpenVPN defaults to using the VPN for all. Perhaps my search skills are too poor, I didn’t Google a reliable answer. Readers without patience can directly look at my solution:

1
2
3
4
5
6
7
8
9
10
11

$ echo "script-security 2" >>/etc/openvpn/client.conf
$ echo "up /usr/local/bin/remove-ovpn-defroute" >>/etc/openvpn/client.conf

$ cat /usr/local/bin/remove-ovpn-defroute
#!/bin/sh
(
    sleep 2 # wait for routing table to be flushed
    ip route del 0.0.0.0/1 dev tun0
    ip route del 128.0.0.0/1 dev tun0
) &
exit 0

A few days ago at a student gathering, someone raised a question: Why is it that many people can watch TV without lag, but watching live video on the internet lags? Television is broadcast (essentially the same as radio), while internet video is delivered via point-to-point IP networks. For each additional viewer, the server has to send an additional set of data.

So how exactly is internet video delivered to every household? I’ve stolen some popular science knowledge from the top academic conference in the communications field, SIGCOMM 2013, to share with everyone.

Many companies have started their interview process recently. A few days ago, a good friend of mine applied for a job at an internet company known as “Engineer’s Paradise”, but unfortunately failed in the first round of interviews. The reason might be that he spent an hour on a tree algorithm problem. I think it’s too rigid to judge a person’s ability based on a single algorithm problem. Of course, such companies may have too many applicants and don’t have time to carefully evaluate each one.

Tonight, a classmate took me to visit Tsinghua University and we took a detour to Tsinghua Science Park. I guess I can say I’ve been to the door of this company that countless programmers aspire to. On the way back, I was thinking about the possible drawbacks of pure algorithm problem interviews. On coolshell, I saw articles with similar views to mine, “Why I Oppose Pure Algorithm Interview Questions“, “How I Hire Programmers“, and “Further Discussion on ‘How I Hire Programmers’“. So I plucked up the courage to share my simple & naive views with you all. All kinds of brickbats are welcome.

I just finished the make-up exam for the database course. I am sharing my reading report here (also hoping to pass~).

“Seven Databases in Seven Weeks” was published in 2012, introducing the seven most popular open-source databases, including relational databases (PostgreSQL), key-value databases (Riak, Redis), column-oriented databases (HBase), document-oriented databases (MongoDB, CouchDB), and graph databases (Neo4j). Except for PostgreSQL, the other six databases can be collectively referred to as NoSQL, meaning they do not use the relational model and do not use SQL as the query language.

This book imitates the style of “Seven Languages in Seven Weeks”, with one chapter for each database, divided into three sections, named Day One, Day Two, and Day Three. Unlike the official documentation of the databases, this book does not simply introduce each technology, but discusses the core basic concepts of each technology, enabling readers to understand the advantages and disadvantages of each database and which database should be used under what requirements.

Note: For those who are not familiar with mirrors, please read “How USTC Open Source Software Mirror is Made“ first.

Trouble Starts with iSCSI

The story begins on June 26, 2013. Mirrors has a disk array directly connected by a network cable, using the iSCSI protocol, with an XFS file system on it. Around 14:00 on June 26, stephen reported in the mailing list that mirrors was down. According to syslog, at 13:58 on June 26, the iSCSI connection timed out, causing sdg access failure, a large number of I/O operations were stuck, causing nginx to be stuck, mirrors HTTP could not connect. A few minutes later, I/O timed out, nginx returned to normal, but the sources on the disk array could not be used.