21 years and counting of 'eight fallacies of distributed computing' (2025)

Posted by teleforce 2 days ago

Comments

Comment by mrkeen 2 days ago

A couple more that don't seem to be represented there. No mention of cause and effect, or the order in which different nodes perceive things happening? Anyway here's three which I think might be more relevant to designing and building software:

* Your system is not a distributed system

Multiple users connect, disconnect, and use your system at the same time, some of the code is running on your servers, some of it's in your partners' servers, some of it's in your storage layer, and some of it's running on your users' computers

* Your DB's ACID transactions are sufficient for distributed thinking

An ACID transaction lets you addUser() to your storage, either succeeding completely or failing completely, with no observable intermediate state. It does not let both your frontend and your storage layer addUser(), same with both your storage and your partner's storage.

* Your DB's transactions are ACID

Your DB vendors cannot build databases that are acceptably fast while running ACID. Therefore isolation is relaxed and transactions can commit through each other. Even if the DB itself was ACID, your ORM and/or programming style is likely breaking ACID independently of the DB configuration.

Comment by bayindirh 2 days ago

Another one from my experience:

* Hardware is cheap.

So many services and daemons are running on your system and most of them believe that they have all the hardware for themselves, while the opposite is true. Designing to capitalize whole hardware while they are other processes which are fighting to do the same never ends well.

OTOH, being a good citizen on a crowded system makes life for everyone better. Both maintenance and performance-wise.

Comment by rusk 2 days ago

> No mention of cause and effect, or the order in which different nodes perceive things happening?

8. The network is homogeneous

Often misconstrued as a recapitulation of “there is one administrator”

A homogenous system, such as a single node Java application, for instance usually provides very clear semantics for this.

Comment by anax32 2 days ago

* You will have logs

Always gets me

Comment by jffhn 2 days ago

Also, the four fallacies of local computing:

- The CPU is infinitely fast.

- RAM is infinite.

- CPU caches don't exist.

- Cache lines don't exist.

Comment by mojuba 2 days ago

- The computer is plugged to an infinite source of unlimited power

This was big before the mobile era and is true to this day to an extent. Many mainstream languages created in the 1990s (I call them "the children of the 1990s") were designed with this fallacy plus the ones you listed as a basis: JavaScript, Python, Ruby, Java, etc.

Comment by gf000 2 days ago

Java is basically the "greenest" managed language out there, so not sure putting it into the same list for energy efficiency is warranted. Though of course energy efficiency is fundamentally linked to memory usage, not destructing/collecting dead objects will increase memory usage but increase efficiency.

https://www.sciencedirect.com/science/article/pii/S016764232...

Comment by rusk 2 days ago

Indeed, the Java mobile platform had power consciousness baked in 25 or so years ago.

Comment by kator 2 days ago

Reading your link IMHO in today's world I would set a basic rule, if you're touching >20% of a Java codebase you should refactor to Rust. With AI-Native development practices it's worth the SDE time to refactor, replace the underlying subsytem and reduce your fleet by 50% or more.

Comment by gf000 2 days ago

Unless you are doing something very specific where rust is truly the best choice, I have to disagree.

Rust has overly strict locking (otherwise it couldn't determine safety) that makes certain concurrent algorithms harder to implement, its concurrency model is significantly more complex (for an absolutely good reason, it's a low-level language where the developer should be in control), meanwhile for many applications Java can just have you write ordinary blocking code and they will automagically turn into non-blocking.

For most domains Java has a richer "industry-strength" library ecosystem, and absolutely not even close observability tools. So not really sure what would one win for e.g. a typical backend service doing web and db requests.

Comment by rusk 2 days ago

> not really sure what would one win

Internet pointz

Comment by inigyou 2 days ago

You hate Java so much you think AI code is better? You're not even getting memory safety from the deal, because Java already has it.

Comment by mcculley 2 days ago

I encourage my competitors to refactor a working codebase into a different language.

Comment by necovek 2 days ago

Ideally by adopting a different architecture at the same time so they fix everything that is troublesome in their existing product!

Comment by nine_k 2 days ago

JIT gives you almost native performance. AI rewriting tools give you none of the knowledge of running the thing in production. A couple of noticeable mishaps could cost more than halving your fleet saves.

Comment by vrighter 2 days ago

better than native, sometimes, due to the ability to profile and do profile guided recompilation at runtime

Comment by rusk 2 days ago

Was big before the AMD athlon. First commodity GHz processor was also the first to make obscene power demands.

Comment by adornKey 2 days ago

Today even tiny CPUs are really fast. Locally you have to mess up badly to run into trouble. But of course people will do exactly that...

Most real world problems still can be solved with 32-bit software, so the last ~20 years running out of RAM always counted as "using defective hardware". AI workloads now make things interesting again, but it's not that easy to hit the ceiling with real world workload.

Cache is indeed very important. Optimisations like that are gone when you go for distributed computing. Sometimes adding a single nop can do wonders. I wonder how many percent of developers have something in their toolbox to profile for that.

Comment by bigiain 1 day ago

I think there's a very different perspective on this between people old enough to have written assembly for 8 bit cpus like 6502 or Z80 often with well under 64kb of total system memory - compared to people who grew up in the age where the "starting coding" choices were something like "Angular or React?" and each browser tab could consume a GB or two of memory.

I'm not trying to say "greybeards are better" or "younger developers don't understand fundamentals" - it's more that the learned/ingrained abstractions those two types of developers start from are very very different. People who were familiar with concepts like the 6502's zero page where you get faster performance because you can use 8 bit addressing to access the first 256 _bytes_ of memory, end up with different mental tools and thinking than, say, people who started out their development learning about asynchronous callbacks and promises. One isn't better or worse than the other - but they are very very different.

(Even today's "tiny" CPUs are commonly 32 bit multi core SOCs. ESP32 kinda took over what used to be done with 8bit atmel Arduino class CPUs)

Comment by rusk 2 days ago

Arguably cache concerns are distributed computing concepts moving closer to the core. Same with concurrency semantics. These were far more exotic concepts when the fallacies were first written.

Very easy to hit the 3GB limit imposed by 32-bit architecture for any non trivial data processing app but luckily 64-bit is firmly established for at least 10 years

Comment by eric__cartman 2 days ago

It's more niche but also underestimating the impact of using SIMD in places where it makes sense. Especially in higher level, interpreted programming languages where the overhead for each iteration is much larger than the few assembly instructions it would take to perform that iteration without vectorization in a low level language.

Comment by necovek 2 days ago

Disk never gets filled up.

Comment by rusk 2 days ago

This article reiterates a lot of the Wikipedia stuff, while contradicting the main extant source which is Deutsch himself (https://se-radio.net/2021/07/episode-470-l-peter-deutsch-on-...). Nobody really knows who wrote the first four fallacies. They were just floating around it is Deutsch who pinned them down and it was Gosling’s endorsement that made them into the shibboleth that they are.

Comment by stonogo 2 days ago

Deutsch speculated it was "either Bill or Dick Lyon" (sic) (https://web.archive.org/web/20040203202935/http://www.aladdi...) but there has been speculation he meant Tom Lyon, who worked there at the time. Gosling had them hosted on his website for a long time (https://web.archive.org/web/20021206065457/http://java.sun.c...)

Comment by rusk 2 days ago

Yes, he didn’t really know. So the original attribution is fuzzy

Gosling still has them on his present day site https://nighthacks.com/jag/blog/401/index.html

Comment by jrpelkonen 2 days ago

In this instance latency must’ve been 10 years, per my memory this paper came out in 1994

Comment by rusk 2 days ago

According to Wikipedia it was first shown to Scott McNeally, but according to Deutsch himself it was more like 92…

Comment by zephen 2 days ago

On the one hand, the list isn't wrong.

On the other hand, more fortunes have been made by assuming that physics will catch up (closely enough, anyway) to computational needs, than by assuming that every byte and every cycle and every nanosecond matters.

Comment by inigyou 2 days ago

In 2026 Moore's law has mostly stopped. My computer from 10 years ago still has acceptable performance today. My computer from 15 years ago would struggle a bit but still get the job done. This is nothing like the 90s where you actually could wait two years for all of that year's conceivable performance problems to be solved.

Comment by gf000 2 days ago

Dennard scaling has stopped (performance/clock speed increasing), Moore's law means mostly transistor count or density. The former is still going strong, the latter is slowing down.

Comment by neonstatic 2 days ago

[dead]

Comment by shermantanktop 2 days ago

Making money and being highly available are different goals.

Comment by rusk 2 days ago

Stock markets and commercial Telecomms beg to differ

Comment by inigyou 2 days ago

Is every business a stock market and commercial Telecomm?

Comment by saltcured 2 days ago

Asymptotically, every billing system is a stock market and telecom. ;-)

My biggest career horror was realizing how much the medical informatics concepts have been structured around billing and insurance rather than scientific, biomedical requirements.

Comment by rusk 2 days ago

> Making money and being highly available are different goals.

These are large, highly profitable vertical markets.

The above remark is demonstrably foolish and ignorant.

Comment by shermantanktop 2 days ago

Can you make money without being highly available?

Can you be highly available without making money?

And btw I've worked in both the industries you cite. It's hard to think of telecomms having amazing uptime when you have to write a restart script for a core security daemon because the sysadmin doesn't know how.

Comment by rusk 2 days ago

Can you type without committing the most basic logical fallacies?

This is what they’re teaching kids in school now. Dawww conputerz

Comment by IAmBroom 2 days ago

OK, fine:

Making money and being highly available often different goals.

Comment by rusk 1 day ago

Not if being highly available is central to your business model which is about half the industry

Comment by RetroTechie 2 days ago

That's like saying money is only spent on sw/hw systems which rely on ever-growing compute capacity.

Reality: embedded systems are a thing. And there's (lots of!) money in that business too. There's maaaany applications where some (fixed) amount of compute does the job, and the simplest/cheapest device that does it wins out.

Comment by zephen 1 day ago

> Reality: embedded systems are a thing.

I've worked in embedded, and chips, and embedded chips for most of my career.

> There's maaaany applications where some (fixed) amount of compute does the job, and the simplest/cheapest device that does it wins out.

There's usually quite a bit factored in for slop in these days, because time-to-market is a thing. There's also sometimes a cost-reduction stage (yeah, I've been involved in cost reductions where a penny a unit was awesome), but you don't bother doing the cost-reduction phase unless you have the volume to support it.

Warren Buffet famously said that "Concentration builds wealth, diversification preserves it."

In much of computing, even embedded, demos and prototypes build a product, and the right-sizing of everything to make it even more profitable happens later, if it is worth it.

Comment by aussieguy1234 2 days ago

This is highly relevant to the recent craze over microservices, which has settled down now (after un-neccasarily complicating systems at multiple companies).

Comment by rusk 2 days ago

Micoserices or Monolith. It’s like being caught between the devil and the deep blue see. It’s a pity domain sockets never took off but I guess TCP/IP is the only truly cross platform IPC mechanism …

Comment by inigyou 2 days ago

Aren't Windows's named pipes very similar?

Comment by rusk 2 days ago

I believe so.

I don’t think either that or domain sockets are quite as ubiquitous as TCP sockets though.

The issue I see with domain sockets is that although they may be supported for example by spring, you can’t rely on a consistent cross platform experience which is perhaps (anachronistically?) a core ethic of the Java community.

I would favour domain sockets as to make a component go from being embedded to networked would require a small but significant implementation step.

But established best practice unfortunately disagrees with me.

Comment by inigyou 2 days ago

The more interesting thing on Windows would actually be COM, which is something like Java interfaces but for native code, that are optionally cross-process.

Comment by rusk 2 days ago

In my recollection COM became ActiveX which fell down the distributed objects hole along with CORBA because it embodied many of these fallacies.

Comment by inigyou 1 day ago

COM still exists. That is like saying Java fell down the Spring framework rabbit hole. It did, but you can still use Java without using Spring.

Comment by rusk 1 day ago

It still exists? Like Java still exists

Comment by inigyou 6 hours ago

It still exists and it's used by windows APIs, even recently designed ones

Comment by master_crab 2 days ago

There needs to be a distinction - because people are making an honest conflation - between distributed computing and cloud computing. The list in the article applies to both, but the limits and performance variability can apply quicker - and with more effect - in the cloud.

Comment by duxup 1 day ago

When I worked with high end networking equipment latency, bandwidth, jitter and bursty traffic was just a never ending conversation…

Comment by randfur 2 days ago

Do people actually believe these dot points or are they just out of scope for most applications to tackle beyond letting the user try again?

Comment by rusk 2 days ago

Perfect demonstration of the fallacies in action! If you were used to developing applications on a self contained platform you would think something like “sure, if it fails the user can try again”

On a distributed system the user can only try again if the platform has remained stable, the failure is transient (*) and they have (crucially) have been given the information to retry.

The platform that provides a stable environment for the user to just try again has been built on these principles.

(*) there is one administrator assumes it is within the user’s power to resolve the issue

Comment by Nicook 2 days ago

>we'll just add this feature on as some async verification since it takes a while, then make the original update wait in some weird state for it to finish.

Later, when users are confused at failures and weird states. >ok now lets build a new system that tries to gather all this information on updates in "weird states" and let users fix them!

simplified example, but nightmare.

Comment by rusk 2 days ago

If you’re exposing system concerns mixed in with application code you’re either doing it wrong or using some outdated architecture.

Either way, it’s no excuses for shipping slop, which is what you’ve done it your software only works under limited idealised circumstances

TFA is for you

Comment by chasil 2 days ago

I have had a developer with anger issues expect 100% success with FTP file transfers, and anything that failed was 100% my fault as a Linux/Oracle administrator.

These FTP sessions were running over WANs connecting Pennsylvania, Iowa, and Tennessee.

I ended up writing him an "until curl ftp://...; do echo it failed again; done" loop which calmed that particular issue down.

I don't miss that guy, not even 1%. Good riddance.