Slashdot Mirror
Facebook Goes To 64 Bit User IDs
NewsCloud writes "Facebook has announced to developers that they are moving to a 64 bit user ID in November. At 32 bits, the current ID allows nearly 4.3 billion user accounts. Yet, despite having only 47 million users today, Facebook's move to 64 bits will allow it to have more than 18 quintillion (18,446,744,074,000,000,000) user accounts. Of course, there are currently only about 6.5 billion people in the world. Is Facebook setting their sights beyond Earth or just trying to avoid what happened when Slashdot ran out of space for comment IDs last year. Perhaps they are planning to implement personas."
Never heard of it, but I already want my own account, or two.
Reminds me of a Facebook group: "If this group reaches 4,294,967,296 it might cause an integer overflow."
"Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
One thing to keep in mind is the userid is network ID + user ID for that network
For my user ID the network ID takes up the first 6 digits
Although I have heard that they stopped this practice and are just assigning IDs
My UID is prime... is yours?
The "Slashdot ran out of space for comment IDs" link doesn't work.
You can get to the referenced article at:
http://meta.slashdot.org/article.pl?sid=06/11/09/1534204
You can be your own 5000 best friends.
Sorry, but that was probably more suited towards the Myspace crowd. You fail.
Earn a % of cash back from Newegg, Tiger Direct, Walmart.com, and more: http://www.mrrebates.com?refid=458505
Come back MySpace all is forgiven ...
finally I can register my bacteria colony!!
staphylococcus aureus #19392133943904 is in a relationship with staphylococcus caprae #93939394839483934
The untethered verve and misplaced authority made this one of the better trolls I've read on this site. Very funny.
I had hoped never to read an explaination of 64 bit integers like this on slashdot.. News for nerds? :(
PC World (and similar types of magazines) has more technical articles than slashdot now..
This has to one of the dumbest articles to reach the slashdot headlines.
So basically facebook changed there maximum users from a huge number to an even bigger number.
Are we going to post a news story everytime google adds to their storage system?
or microsoft adds another bloated line of code?
or everytime the telco's build a tower?
Clearly this is meant to accommodate two-faced people, people of multi-faced discrimination, and Hexadecimal.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
If it is worth doing, it is worth overdoing.
I, for one, welcome our facebook-using, alien overlords. They will obviously soon be here, so I would like to remind them that, as a trusted Slashbot, I could be helpful in rounding up other coders to toil in their underground cubicle-farms..
I for one will take go with Facebook's initiative to welcome our new alien overlords who will certainly see Facebook's superiority to Myspace.
Help Me! I'm trapped in the tubes! Oh noes! Here comes a internet!
TFA says nothing specific to 'user ids' - it says object ids in general. I assume this includes things like comment ids, event ids, etc - which makes overflowing the 32 bit limit much more reasonable.
find / -name "*.sig" | xargs rm
Would've been funnier if it had anything at all to do with 64-bit.
Don't thank God, thank a doctor!
If you want news from today, you have to come back tomorrow.
If you think you might ever have more than 2^32 of something, you kind of have to go to 2^64. Yes. It's an obscene ammount of possibilities; but it's the next biggest size. You really don't have much of a choice here. You could implement 5-byte numbers, but it'd be a PiTA. No CPUs have native 5-byte ints. The progression has always been a doubling of int size.
If that doesn't make sense, you shouldn't be on Slashdot. Maybe you should be someplace else... like Facebook maybe?
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
They have to do something, what with all those pretty girls wanting to get to know me and give me private shows...
FlyingPizzas.com, for the tasteful hermit
The difference being that the current (huge) number was not quite sufficient to register all human beings on the planet, so we have to wonder why they did this. 32-bit integers are kind of the default, so most people wouldn't worry about it. So why are they doing this?
If you look, this article is filed under "It's funny. Laugh." And it is, really. Either Facebook is doing this for no good reason, or someone actually has some justification for going to the time and expense to change their database in this way. And so... Are they really planning on registering more human beings that exist?
I realize it's not funny to you now, as you've had to have the joke explained to you...
If they suddenly went from 2 gigs of email to 5 exabytes, then yes.
Also, keep in mind that Slashdot did cover when Gmail was first released with that 2 gigs, which seemed impossibly huge, and was at least one or two orders of magnitude larger than their closest competitor.
Don't thank God, thank a doctor!
640k sock puppets ought to be enough for anybody.
There is a group trying to cause an integer overflow; either from comment or member numbers. This may impede their (hopeless) progress. It is titled, "If this group reaches 4,294,967,296 it might cause an integer overflow."
The other thing to remember is that there might be a certain number of people in the world at any one time, but that people are born and die within that time [and old ones won't be deleted]. I don't think it's inconceivable that Facebook might reach their current limit in 20-25 years.
Even it if it's just user IDs, and not object IDs as another user posted...
* 64-bit user IDs are easier to partition. They could be using the top N bits as a database ID.
* They may want to allocate the IDs randomly instead of sequentially. 64-bit IDs would involve fewer collisions.
* We don't know what their account churn rate is; if people sign up, forget, and create new accounts again frequently, they could have many more than 47 million dormant accounts sitting around.
A 32-bit ID really does get cramped when you have a large user base.
64 bits are WAY FASTER than 32 bits!
How can I believe you when you tell me what I don't want to hear?
FP trolls are almost never related to the article. And at least it's a change from that overused "shit eating" copypasta we've been seeing the last few weeks.
64 bits ought to be enough for everyone.
I don't know anything about what you can or can't do with a facebook id number, but it could be a way to increase the sparseness so they're harder to guess for some sort of security reason (well founded or not...)?
...is it backwards compatible with web 1.0...?
There is more to science than physics!
www.iomalfunction.blogspot.com
They're getting ready to register all of the robots that we're going to marry in the future.
Not all of the bits of an ID are necessarily there for uniqueness. Wider ID's allow for features such as check digits (being able to tell whether an ID is valid without doing an existence query in a remote database) and other information. Namely, various immutable properties of the object that is denoted by the ID can be stored in the ID itself. This is similar to using spare bits within a machine address for tagging an object with a type or other attribute. It may be very useful to be able to tell something about an object just from the ID alone.
Or maybe it just means they don't want to disable and reclaim/recycle the 20 idle/unused/abandoned IDs each person has... Or did you really think over 1 million people that read Slashdot registered for accounts (just one each)?
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
They actually are increasing the Object ID to 64-bits. The announcement is confusingly written, given, but objects in their system are things like events, groups, and basically everything. It's easy to imagine that they would hit the 32-bit limit on these at some point.
... more then one facebook account. I know I have.
"all you will ever need is 64k of user IDs"
Finally, a little sensitivity for those of us with DID [wikipedia.org]
We can all just join "If this group reaches 18,446,744,073,709,551,616, it WILL cause an overflow"
So they changed the column type of userId from INT32 to INT64. Who gives a fuck? It would be much less expensive for Slashdot to simply post SQL change logs than to have editors on the clock.
We need the ability to mod stories, so that the editors can more clearly see when they aren't doing their job.
Mark Zuckerberg is way past 32 bits in his valuation of Facebook. The guy thinks this thing is worth something like $10B, and the number grows every day. I guess he's getting ready to some seriously insane delusions of grandeur before the bubble bursts and washes away his pile of crap.
I just changed the type of column "content" on my blog from "text" to "mediumtext". I'm ready to give a press conference as to the reason behind my decision to all interested.
What about population growth? Surely current number of users is much less than 2^32, but number of possible users is not number of people in the world at this time. Imagine that the world has exactly 2^32 inhabitants and everyone has a facebook account. What would you do with new-borns? Will you reuse accounts?
There is difference between user accounts and active user accounts. Number of active user accounts can not be larger than actual population of the world, if we consider maximum of one account per user. However, total number of accounts in history can be much much larger.
First they ignore you, then they laugh at you, then they fight you, then you win.
-you can harden your security by populating the user-id space sparsely. Somebody who is guessing for an user id will have an hard time.
-It can make things easier to have your user groups organized according to geographic location, company issuing th id (e.g. local branch), etc.
-Multiple log ins. Who knows. maybe it is easier to associate internally several uids with each uid (could make things more static).
So let's say:
10 bit for segmentation
20 for checksumming
4 for multiple logins
leaves only 29 bit as payload
Or somebody was just dumb and wanted to make sure he is not fired until all applicaitons are switched
mysql> alter table users modify user_id int(20) unsigned not null auto_increment;
not sure how this makes news... sounds like they are just releasing press releases to release press releases...
IPv6 uses 128-bit addresses. Just a reminder, in case you thought 64-bit user ids were ridiculous...
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
Do you think advertisers will finally catch on once they get 7 billion unique visitors from Facebook ?
Wanna fight ? Bend over, stick your head up your ass, and fight for air.
Also if you allocate IDs sparsely this improves security.
Reduce, reuse, cycle
Perhaps they should save themselves some trouble in a few millennia's time and just switch to UUIDs.
Talk about optimism...
That's how much he was drinking before writing that post.
The Tao of math: The numbers you can count are not the real numbers.
If you read the article, it refers to event IDs. Which means, of course, that everything (?) that happens on Facebook is assigned an integer and they were running out of integers or at least foresaw that possibility. This is much, much more reasonable than wanting to register more people than exist on the earth right now. But it makes it a lot less newsworthy, and a whole lot more boring.
What is is all that is. Isn't that obvious?
I've never heard about Facebook. Until few weeks ago, when Slashdot editors started spamming with Facebook related "news".
How much did you get, to start spamming your own userbase with worthless news about Facebook?
What will be next - "Facebook upgrades hardware"?
Maybe there is some way to spam users by ID or they are afraid there will be one.
With 47 mil subscribers and 32-bit keys. 1% of randomly generated keys would be real ones.
With 64-bit keys, that drops to 2.5x10^-10 %.
# rm -rf /
is shorter, and it does.
you can harden your security by populating the user-id space sparsely. Somebody who is guessing for an user id will have an hard time.
Nah. Any web app that lets you see something you shouldn't see by guessing the ID is broken, period (not to say there aren't a lot of broken web apps). I gotta think Facebook's smarter than that. What if you already knew the ID (because someone used to be your friend) and they delist you? You have to check permissions at the server side.
alter table users alter user_id bigint;
Somebody call Reuters!
Why not just use strings to avoid the issues of fixed-byte integers? True, strings are not as compact, but that is the price of flexibility. (Add letters to increase the base to improve their compactness a bit.)
Table-ized A.I.
It is a big risk to use ID's to store "extra" information such as location. (Although I have no problem with check-sums, but that is not an object attribute but an attribute of the ID itself.) There are rarely truly "immutable" attributes of the entities/objects that the ID references. Typo's etc. require the ability to fix incorrect attributes, and if you stuff these into ID's, then you have more stuff to repair and undo. I challenge you to give me example attributes from something along the lines of Facebook that are truly immutable.
Somebody suggested "date of joining the service". However, what if you find an error with the date assignment, but the ID's are otherwise usable? If you fix the embedded date, then you have to assign them all new ID's. If the date is stored in another attribute/column, then you only have to fix that one column and not touch the ID's. Or, what if management decides to hide the dates after somebody figures out how to decode them and makes a website about it?
They used to do attribute embedding like this in the 60's and 70's to save space, but it created lots of problems down the road with corrections and migrations. Independence of attributes is a good lesson learned the hard way. ID's are best if they are "dumb" identifiers, only serving to identify a particular object/instance/record.
Table-ized A.I.
Well aren't you clever. Since you like numbers, here's a numerical comparison. The number of atoms in the observable universe is around 6e79. The number of deleted Hotmail accounts is expected to exceed that around 2010 or so. They should've gone 1024 bits while they were at it.
Only one out 10,000 credit card numbers is valid, so you kind of have to steal numbers rather than guess them.
Mod Correction: gay == flamerbait
so close
> Any web app that lets you see something you shouldn't see by guessing the ID is broken, period
No doubt about that! However, if somebody tries to attack in that way it is easier to fend of, because you can allow for a checksum. Instead of making a DB query for each hit, you make a DB query only if the ID lies in the codespace. So certain DOS attacks are more difficult.
> (not to say there aren't a lot of broken web apps).
Hell yeah!
> I gotta think Facebook's smarter than that.
Maybe they are smart enough to know that thay are a big company now and that not everybody in a big company is smart or every intern well supervised!
No doubt about that! However, if somebody tries to attack in that way it is easier to fend of, because you can allow for a checksum. Instead of making a DB query for each hit, you make a DB query only if the ID lies in the codespace. So certain DOS attacks are more difficult.
D'oh! Excellent point. Can you tell I'm used to having front-line servers do rate limiting and authentication, and not used to talking straight HTTP to the masses?
So they're planning for the future, when they could possibly run out of IDs, and everyone is crucifying them for it. Are our memories that shortsighted, the "omg Y to K" chaos was only a few years ago, kids.
Enough said in the Subject.
Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?