[devnexus 2022] meta-modern software architecture

Speaker: Neal Ford from thoughtworks

@neal4d

Link to table of contents

———————

Were architectures come from

  • Architecture is reactive
  • Someone starts doing something, then others do
  • Once a bunch doing, named (after the fact)
  • Reflection on how doing software development at the time
  • Once in an architecture, can watch how it grows and changes

Eras

  • Victorian – 1801-1900 – science, cassifying natural world
  • Modernism – 1890-1945 – industriial revolution, explosive growth of cities, abstract art, radio.
  • Post-modernism – 1946-1990 – push back about modernism, irony, questioning everything, television, Seinfield’s ”never hug, never learn”
  • Post-post modernism or metamodernism – 1990-present – internet
  • Naming things is hard. Not just in software. Modernism is bad choice of name because what would come next

Metamodern

  • In 1989, to find out Chicago weather would need to watch Weather Channel and wait for it to cycle around or go to library. Now pull it up onlie.
  • In 1989, could read a few books and know pretty much everything about wine. Now too much info and keep generating more.
  • Holism – view various systems as whole
  • Parks and recreating is first meta-modern show
  • Breaking bad – colo driven – yellow is safe and purple is bad
  • Return to sentimentaliitiy. Can’t live on ironism alone

Software architecture

  • microservices – one of most popular pages on Martin Fowler’s website. Say what it is and more importantly, what it isn’t.
  • First law of software architecture: ”Everything in software architecture is a tradeoff”. If you haven’t encountered yet, will be in the future
  • Reuse reduces complexity but comes with high coupling
  • Metamodern software architect needs to do tradeoff analysis. Ex: things that change slowly are good for reuse such as frameworks and OS
  • service mesh and sidecar pattern – orthogonal coupling

Books

  • ”Fundamentals of Software Architecture”
  • ”Software Architecture: the Hard Parts”
  • ”Data Mesh”

Forces

  • Consistency – atoic, eventual
  • Communication – sync, asych
  • Coordination – orchestrated, choreography
  • 8 possiblities by choosing one of each. ex: one is a monolith. All 8 can exist as pattern or antipattern.
  • Named them transactional sagas. epic, fantasy fiction, fairy tale, parallel, phone tag, horror story time travel, anthology

Richard Feinman

  • Computers used to be a room full of people (usually women) calculating things
  • Feyman added specialization and paralleliation. Some people are better at some tasks than others. And recovering from problems
  • 1945 – atomic bomb blast is what shifted eras
  • reonsider why continuing to do thing. revisit when reasons change

Internet

  • Pushed us to net era
  • Volkswagon used software to cheat on emissions test. Some people knew actively working to break the law
  • Facebook keeps getting busted for doing bad thigs – data breaches, illegally tracking users, Cambridge Analytica, using two factor for marketing.
  • Last week, Facebook made up a meme that TikTok that students slapping teachers. Then it became a self fulling prophacy

Finance and ethics

  • Modernism – double enry accounting
  • Post-modern – quants
  • Metamodern humane corporation, ethics. Recognize all connected to each other
  • Don’t want to create something cool and spening rest of career on appology tour
  • Apple, Google employees pushed back

My take

Fun start to the day. I hadn’t heard of the ”saga” approach before. Googling, at least some of them see to be a real thing. (and all are from ”the hard parts” book I also increased my book reading list. The end felt rushed. Maybe because started late?

QCon 2018 – Privacy Ethics – A Big Data Problem

Title: Privacy Ethics – A Big Data Problem
Speaker: Raghu Gollamudi

See the table of contents for more blog posts from the conference.


GPDR (General Data Protection Regulation) – took effect May 25, 2018

Data is exploding

  • Cost of storing data so low that it is essentially free
  • 250 petabytes of data a month. What comes ater petabytes?
  • Getting more data when acquire other companies
  • IOT data is ending up in massive data lakes

Sensitive information – varies by domain

  • Usernames
  • user base – customers could be sensitive for a law firm
  • location – the issue with a fitness tracker identifing location of a military base
  • purchases – disclosing someone is pregnant before they tell people
  • employee data

changes over time – collecting more data after decision made to log

Privacy vs security

  • privacy – individual right, focus on how data used, depends on context
  • security – protect information, focus on confidentiality/accessibility, explicit controls
  • privacy is an under invested market. Security is more mature [but still an issue]

Solutions

  • culture
  • invest more – GDPR fines orders of magniude higher than privacy budget
  • include in perormance reviews
  • barrier to entry – must do at least what Facebook does if in that space
  • security – encrypt, Anonymization/pseudonyization, audit logs, store credentials in vault
  • reuse – use solutions available to you
  • design for data integrity, authorization, conservative approach to privacy settings
  • include privacy related tasks in sprint
  • design in data retention – how long do you need it for
  • automation – label data (tag/classify/confidence score)   So can automate compliance. Score helps reduce false positives

EU currently strictest privacy policy  Germany and Brazil working on. There was a debate on whether it applies to EU citizens or residents. Mostly agreement that physical location matters

My take

I was expectng this to be more technical. There was a little about the implications of big data like automation. But it felt glossed over. I would have liked to see an example of some technique that involves big data. The session was fine. It covered a lot of areas in passing which is a good opening session – lets you know where to plan. I think not having the “what you will learn” session on the abstract made it harder to know what to expect. Maybe QCon should make this mandatory?