Profile

Cover photo
Philipp Kern
Works at Google
Attended Karlsruhe Institute of Technology
Lives in München, Germany
264 followers|351,214 views
AboutPostsCollectionsReviews

Stream

Philipp Kern

Shared publicly  - 
 
I can live with the view from my hotel view in Kirkland, I think. Also: awesome weather and this city is incredibly green with all its trees...
8
Add a comment...

Philipp Kern

Shared publicly  - 
 
I'm in Seattle next week and I'll have some time on the weekend I need to remain awake on after a transatlantic flight. Anything to see/visit there? :)
2
Max Seifert's profile photoFlorian “octo” Forster's profile photoMichael Banck's profile photoMichael Stapelberg's profile photo
4 comments
 
Check out the Broadway with all its quirky shops and restaurants :)
Add a comment...

Philipp Kern

Shared publicly  - 
 
 
Google: »Introducing the self-driving bicycle in the Netherlands« "Only available on April, 1st"

Hi, +Matt Feigal! Awesome!
8 comments on original post
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
Feels like it took way too long but the concept of the Maglev (one of the first layers of load balancing in Google's data centers) is finally public.
 
If you’ve ever wondered how our Compute Engine load balancing can serve a million requests a second without pre-warming, the answer is Maglev—our software network load balancer. Dig into the design details in our latest paper: https://goo.gl/qPEq6A
1 comment on original post
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
 
TIL that in addition to enable/disable/start/stop/restart/reload/whatever, systemd's systemctl command also understand systemctl edit name-of-a-unit. Which does everything you would expect it to: respect your $EDITOR setting, make sure the file is replaced atomically, make sure the daemon reloads if the file has changed, make sure you end up creating an override unit in /etc if the original unit was in /lib (instead of editing stuff in /lib), check the syntax before replacing…

Seriously. These people get it.
3 comments on original post
2
Jimmy Kaplowitz's profile photo
 
Not present in Debian 8, RHEL 7, or older versions of each. Great feature in newer versions though!
Add a comment...

Philipp Kern

Shared publicly  - 
 
 
After being asked personally a few times and reading claims by others a few more, I thought I'd set the record straight....

Working at Google does not give you access to the data of users!

It's an easy assumption to make.  After all, most companies don't put internal access controls on data making it easy for every employee to access everything inside the firewall.  Google does not work that way.

Though there are many groups at Google, we'll simplify it into Software Engineering ("SWE") and Site Reliability Engineering ("SRE").  I was the latter for 5 years and I've been the former for 3.

SWE, in general, has access to nothing.  They run their code on their own workstations and sometimes test clusters with test data.  A few get access to anonymized user data for their service -- more on that later.

SRE is the group that owns the keys to the kingdom.  They're the group (actually many small groups) responsible for running Google services "in production".  They almost always have access to anonymized user data for their service and the ability to access "raw" logs if necessary, again for only their service.  The kicker is that, since around 2011, this latter access comes through a specific interface where you must explain with each request why you're doing this.  All those actions are logged and those logs are audited.  Misuse of the access will get you fired.

What is "misuse"?  I can't even look up my own queries.  I could be on-call for my service, have you on the phone fixing a problem with you saying, "go ahead" , and I still couldn't do it.  In five years, I only used raw logs twice, both on myself during training just so we'd know how.

So, for any given service, there may be somewhere between 10 and 100 people worldwide who could potentially access Personally Identifiable Information ("PII") of a user, but doing so without a good reason would be the end of them at the company.  And should that abusive employee somehow cause "material damage" to the company...  I don't even want to speculate.

On top of that, any attempt to track a single user, whether the user can be identified personally or not, will also get you fired.  Every user with any form of logs access has signed a paper (real paper, even) stating that they understand all this and the consequences.

This is serious stuff.  My own team would turn me in without a second thought if I did any of this.  And I'd do the same to them.

What are "anonymized" logs?  They're the requests that have had all PII stripped.  No IP address.  No account identifier.  No geo-locating finer than the city, etc.

Disclaimer:  I work for Google (obviously).  These thoughts are mine and mine alone.  Mine, I tell you!  Mine!!!
98 comments on original post
6
Add a comment...
Have him in circles
264 people
roselyn sellens's profile photo
Claudio Omar Biale's profile photo
Katharina Göbel's profile photo
Chris Danie's profile photo
Faidon Liambotis's profile photo
Tianyi Wang (天轶)'s profile photo
ARIN (American Registry for Internet Numbers)'s profile photo
Hideki Yamane's profile photo
christian strenge's profile photo

Philipp Kern

Shared publicly  - 
 
Terrible ideas for 100: require-from-twitter.
require-from-twitter
5
1
Mark A (Crashman4499)'s profile photo
 
That squirrel is a picture perfect example of the OPPOSITE of "bow(ing) down" ... Interestingly, it still works.
Add a comment...

Philipp Kern

Shared publicly  - 
 
Did anyone have success recently in using the pstore module to log kernel panics in some persistent storage like UEFI variables? I tried setting the EFI and ESRT backends but I never got a dump there after forcing a panic using sysrq-trigger. And I also couldn't find much current documentation about this feature either. :(
1
Steve Langasek's profile photoPhilipp Kern's profile photo
2 comments
 
From the module parameters it looks turned on but I'm not sure if the Ubuntu kernel is configured to actually feed it data on panic. (Or anything really, the directory is empty and doesn't seem writable from user space.)
Add a comment...

Philipp Kern

Shared publicly  - 
 
Coincidentally the only data center I have visited myself. In absolute terms almost no Googler gets to see a data center. So having a public video - even if staged - is kinda awesome.
 
Step inside a Google data center with our virtual reality tour. Best viewed in cardboard but it works well on phones too, move your phone to look around. 
6 comments on original post
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
 
Böhmermann singt der AfD ein Ständchen…

… und sticht, sticht, sticht!
 ·  Translate
View original post
1
Add a comment...

Philipp Kern

Shared publicly  - 
 
 
I could have done with this visualisation when learning Go concurrency. Beautifully done.
1 comment on original post
1
Add a comment...
Philipp's Collections
People
Have him in circles
264 people
roselyn sellens's profile photo
Claudio Omar Biale's profile photo
Katharina Göbel's profile photo
Chris Danie's profile photo
Faidon Liambotis's profile photo
Tianyi Wang (天轶)'s profile photo
ARIN (American Registry for Internet Numbers)'s profile photo
Hideki Yamane's profile photo
christian strenge's profile photo
Work
Occupation
Site Reliability Engineer
Employment
  • Google
    Site Reliability Engineer, 2012 - present
    Corporate Engineering
  • Steinbuch Centre for Computing
    Studentische Hilfskraft, 2008 - 2012
    Network administration, IPv6 evangelist
  • Proventa AG
    Junior Consultant, 2010 - 2011
    Linux system administration
  • Karlsruhe Institute of Technology
    Studentische Hilfskraft, 2009 - 2010
    Mainframe administration
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
München, Germany
Previously
Karlsruhe, Germany - Neuried, Germany
Links
Other profiles
Contributor to
Story
Tagline
SRE, Coffee addict, Debian developer
Introduction
Disclaimer: Although I work for Google, my opinions and comments are my own and must not be interpreted as official statements.
Education
  • Karlsruhe Institute of Technology
    Diplom-Informatiker, 2006 - 2013
  • Grimmelshausen-Gymnasium Offenburg
    Abitur, 1997 - 2006
Basic Information
Gender
Male
Public - 8 months ago
reviewed 8 months ago
1 review
Map
Map
Map