Welcome to Still Computing #2!

Still Computing is an email newsletter for curious programmers, largely written by members of the Recurse Center community.

The theme of this week’s issue is managing complexity over time. In her feature piece (an excerpt from her upcoming book), Marianne Bellotti shares some insights about the trade offs between coupling and complexity in systems design. We’ll also discuss working with legacy systems in and out of computing, and hear from some Recursers on their feelings about time zones (which are certainly an example of “managing complexity over time”!).

Like most people and organizations, we’ve been adjusting (and scrambling!) to react to the ongoing COVID-19 outbreak. Last week we made the decision to move all our operations online starting this week, and we’re working to get Recursers in our current and upcoming batch set up with new processes for chatting and collaborating.

We were originally planning on publishing a new issue of Still Computing every week. But given the extra work we’re having to do to figure out how to run RC online, we’re changing our newsletter schedule: we’ll now send an issue once every two weeks. Issue #3 will go our on March 31st, and Issue #4 will go out on April 13th.

The one silver lining to all of this is that you can participate in our Spring 2 batch remotely, from wherever you are in the world, as we’re running it online. It will still be a full-time, community driven experience, and we’ll be sticking to our usual schedule of Monday-Friday, 11 am - 5 pm EST. So if you’ve always wanted to come to RC but never been able to make the logistics work for you, now’s your chance! Read more on our blog and apply page.

Enjoy the issue, and we hope you’re all staying safe and healthy!

- James

In 1983, Charles Perrow coined the term normal accidents to describe systems that were so prone to failure, no amount of safety procedures could eliminate accidents entirely. According to Perrow, normal accidents are not the product of bad technology or incompetent staff. Systems that experience normal accidents display two important characteristics.

They are tightly coupled. When two separate components are dependent on each other, they are said to be coupled. In tightly coupled situations, there’s a high probability that changes with one component will affect the other. For example, if a change to one code base requires a corresponding change to another code base, the two repositories are tightly coupled. Loosely coupled components, on the other hand, are ones where changes made to a component don't necessarily affect the other.

Tightly coupled systems produce cascading effects. One change creates a response in another part of the system, which creates a response in another part of the system. Like a domino effect, parts of the system start executing without a human operator telling them to do so. If the system is simple, it is possible to anticipate how failure will happen and prevent it, which leads to the second characteristic of systems that experience normal accidents.

They are complex. Big systems are often complex, but not all complex systems are big. Signs of complexity in software include the number of direct dependencies and the depth of the dependency tree, the number of integrations, the hierarchy of users and ability to delegate, the number of edge cases the system must control for, the amount of input from untrusted sources, the amount of legal variety in that input, and so on. Computer systems naturally grow more complex as they age, because over time, we tend to add more and more features to them, which increases at least a few of the above characteristics. Computer systems also tend to start off tightly coupled and may in fact stay that way if we don’t prioritize refactoring the code occasionally.

Tightly coupled and complex systems are prone to failure because the coupling produces cascading effects, and the complexity makes the direction and course of those cascades impossible to predict.

If your goal is to reduce failures or minimize security risks, your best bet is to start by evaluating your system on those two characteristics: where are things tightly coupled, and where are things complex? Your goal should not be to eliminate all complexity and all coupling; there will be trade-offs in each specific instance.

Suppose you have three services that need to access the same data. If you configure them to talk to the same database, they are tightly coupled.

Such coupling creates a few potential problems. To begin with, any of the three services could make a change to the data that breaks the other two services. Any changes to the database schema have to be coordinated across all three services. By sharing a database, you might lose the scaling benefit of having three separate services, because as load increases on one service, it is passed down to the database, and the other services see a dip in performance.

However, giving each service its own database trades those problems for other potential problems. You now must figure out how to keep the data between the three separate databases consistent.

Loosening up the coupling of two components usually ends with the creation of additional abstraction layers, which raises the complexity of the system. Minimizing the complexity of systems tends to mean more reuse of common components, which tightens couplings. It’s not about transforming your system into something that is completely simple and uncoupled, it’s about being strategic about where you are coupled and where you are complex and to what degree. Places of complexity are areas where the human operators make the most mistakes and have the greatest probability of misunderstanding. Places of tight coupling are areas of acceleration where effects both good and bad will move faster, which means less time for intervention.

Once you have identified the parts of the system where there is tight coupling and where there is complexity, study the role those areas have played in past problems. Will changing the ratio of complexity to coupling make those problems better or worse?

A helpful way to think about this is to classify the types of failures you’ve seen so far. Problems that are caused by human beings failing to read something, understand something, or check something are usually improved by minimizing complexity. Problems that are caused by failures in monitoring or testing are usually improved by loosening the coupling (and thereby creating places for automated testing). Remember also that an incident can include both elements, so be thoughtful in your analysis. A human operator may have made a mistake to trigger the incident, but if that mistake was impossible to discover because the logs aren’t granular enough, minimizing complexity will not pay off as much as changing the coupling.

This is an excerpt from Marianne’s upcoming book about running complex legacy system modernizations, “Kill it with Fire,” which will be available from No Starch Press later this year.

Dear Zu is an advice column where anyone can pose a question to our community and get a taste of what it’s like to participate in RC. You submit questions (about code, tools, systems, jobs, or anything related to life as a programmer), we put them on Zulip, and then we publish some of the most interesting responses from our community of over 1700 really nice programmers in these letters!

This week, Lucas asks via Twitter:

How do you feel about time zones?

The conversation covered the cultural and social dimensions of time, leap seconds, and the foibles of the global timezone database. Also, Antarctica came up twice. Enjoy!

Grey: I think time zones are fascinating. It's easy to find loads of articles or videos full of people complaining about the arbitrariness of time zones, the odd exceptions to "whole number offsets of UTC", the times when countries changed their time zone or their approach to Daylight Savings Time, the concept of DST itself, etc. But I personally think that all this betrays the nature of time zones: Time zones are a mechanical reflection of a fully human, culturally-agreed practice.

The reason I say that time zones reflect culture is because of the little exceptions that other people tend to rag on. Yes, Samoa switched from UTC-11 to UTC+13 and skipped the entire day of 2011-12-30. This was because they were less culturally attached to America than they were when the original time zone was decided, and they wanted to reflect the fact that they were now culturally (and financially) much closer to Australia and New Zealand. Yes, China is all set to UTC+8, even though mainland China stretches across three or four time-zone-widths of land. This is because of the cultural impetus of the One China policy, and the Communist Party's attempts to create cultural unity within the vast country. (Also, if I remember right, people in western China tend to keep separate clocks on a time zone that's closer to their actual location, so that sunrise/sunset are closer to "natural" times that the rest of the world experiences them in.)

Perhaps my favorite example of time zones reflecting culture is the unofficial time zone of Australian Central Western Standard Time. A handful of small towns on the southern highway in Australia collectively decided to split the difference between Australian Western Standard Time (UTC+8) and Australian Central Standard Time (UTC+9:30) to create a sort of rogue time zone of UTC+8:45! The reason I call this a "rogue time zone" is because it's completely unofficial in terms of being recognized by Australian law (though there are official road signs that declare the time zone), but it still managed to sneak its way into time zone databases! You can set your computer to Australia/Eucla, and you'll join this rogue time zone yourself! (This is all the more remarkable when you consider that AWCST itself is only home to about 200 people. I think it's cool that it's accommodated in the global time zone databases.)

This is all to say that time zones are messy (and time in general is messy) because the world is messy. Even if you try to abolish time zones and get everyone on UTC, people are still going to set their clocks so that business hours are 8-5, and also occur when the sun is actually up (at least as best as you can do, latitude depending). Even if you try to abolish time zones and get everyone on UTC, you still have to deal with leap seconds, because the earth is as wibbly-wobbly as time is, and a year is not the same number of seconds long every time. The best you can do is to have enough warning when things change to update your systems, and try to accommodate people when they want to deviate from a tidy, sterile standard that doesn't fit their lived experience.

(But as long as we're getting rid of time zones, we might as well convert to Swatch Internet Time 😉.)

Ryan: I always enjoy quine atom! I want to offer a defense of time zone abolition 😈

I think that piece is overthinking the relationship between time and how people plan. It's convenient now that solar noon is around 12:00 each day, but if I want to phone a friend in Helsinki, it would be easy to search "when is solar noon in helsinki" or "when is sunrise in helsinki" and get an answer back in UTC, which I would then easily understand from my current context with no translation. I don't need to look at a work schedule or webcam to get that info, every search engine does that already. eg https://duckduckgo.com/?q=sunrise+in+helsinki

The stated conflicts regarding norms around typical work, school, and sleep schedules already exist with current timekeeping practices. The piece makes a convincing argument that getting rid of time zones doesn't simplify everything about scheduling, which remains a tricky topic. But it does make specifying a specific interval of time simple, which is what clock time ought to do in my opinion. Now uncoupled from messy geography, we can build other more appropriate ways of talking about local schedules like work, prayer, school, and eating. Each of those can be respectively simple as well. The current system of overloading time with a ton of concepts is the source of much of the complexity presented in that piece.

Fun indeed 😄

Laura:For my work (not at all user-facing), we convert to UTC as soon as possible, ideally at time of acquisition, so my main annoyances are when time libraries aren't as easy to use as I'd like. When we have bugs, they're easily caught in QC, since they're usually hours off. However, we also have to worry about GPS time, which drifts away from UTC very slowly -- there have been ~18 leap seconds, which are applied to UTC but not GPS. This shows up as subtly odd (or totally bogus) data products when you've applied the wrong offset. Because of course that offset is just a constant in various bash scripts, and it increments unpredictably (by definition). And it's not wrong enough to catch instantly when looking at plots.

Totally unrelated to programming, but the one time I loved time zones was when I was sleeping in a tent at the WAIS Divide field camp. For administrative efficiency, we were on the same time zone as McMurdo, despite being ~45 degrees to the east. This meant that when my working hours started at 0900 it was actually solar noon, so I was getting out of my sleeping bag at the absolute warmest part of the day =)

Chris: Timezones are tricky things.

I think there are two really important distinctions to make when thinking about them:

• Time vs. time/place
• Absolute vs. wall time

time vs. time/place: It's important to know for recording purposes if we care about the distance between two things in time and nothing else (which UTC is great at), or if we secretly also kinda care about where it occurred (timezones!). If we ever think that we might care about the timezone/where something occurred, that data has to be captured explicitly instead of just UTC plus an offset. At a previous gig where we cared about time a lot (medical startup), we had sites with static physical locations so we could infer that information, but if it's ever relevant later (especially since political boundaries change, people change what timezones they're in, etc.) it's best to have the location information in addition to the temporal data.

Absolute vs. wall time: The other major issue we deal with is whether the time we care about is absolute (x seconds from Unix epoch, whatever) versus wall time (0900 tomorrow). This matters a lot to end users, because usually people think in terms of what the clock on the wall says, and that can give a different interpretation than if you abide by strictly "5 hours from now" sort of mindset. This gets even more important when people talk about dates instead of datetimes...reporting on two days of activity is a great example of this: many people would expect "show me the last two days of activity" to include the previous two solar days instead of literally the last 48 hours from time of query. Basically, I'd argue that future dates should be stored in wall time, and historical dates in absolute time, unless your problem domain is specifically about intervals of time (say, timing rocket flight or something where you already have your own timeline).

Nat: Heavy +1 to Grey. Time zones are fascinating. Time is an incredibly complex concept that humans are constantly trying to build systems to explain. Reading through the history of tzdb shows how we are still learning all of the ways people used to deal with time, let alone how they deal with it now. Random countries change their minds because a new dictator comes into place, a small group decides it will interpret time differently. The great thing about all of these changes though is it doesn't change how everyone else understands it. Our global consensus on what time it is exists as long as you want to talk to someone not standing right next to you, which hopefully we will never stop doing.

Dylan: Though it's not a full answer to the question, in terms of fun stuff that happens with time zones, but check out how many tzdb entries there are for Indiana!

Timezones definitely shouldn't be abolished; local time is an extremely useful concept for dozens of reasons. It lets you map the same general notion of time onto anywhere you travel without having to Google for what time solar noon is and doing a bunch of math in your head and looking up what nearby regions a place syncs up their clocks with (solar noon in eastern China, for instance, is _not_ the same as "midday" from a business perspective)

Wesley: One fun activity is reading through the tzdb database. There are lots of fun comments, such as:

# From Susan Smith # http://www.cybertours.com/whs/pole10.html # (1995-11-13 16:24:56 +1300, no longer available): # We use the same time as McMurdo does. # And they use the same time as Christchurch, NZ does.... # One last quirk about South Pole time. # All the electric clocks are usually wrong. # Something about the generators running at 60.1hertz or something # makes all of the clocks run fast. So every couple of days, # we have to go around and set them back 5 minutes or so. # Maybe if we let them run fast all of the time, we'd get to leave here sooner!!

Suggested links from the thread:

• So You Want to Abolish Time Zones
• ICANN's time zone mailing list
• The Problem with Time & Timezones (video)
• UTC is enough for everyone, right?

Want to put a question to Zu? Send it to us at stillcomputing@recurse.com