Facebook Goes To 64 Bit User IDs

NewsCloud writes "Facebook has announced to developers that they are moving to a 64 bit user ID in November. At 32 bits, the current ID allows nearly 4.3 billion user accounts. Yet, despite having only 47 million users today, Facebook's move to 64 bits will allow it to have more than 18 quintillion (18,446,744,074,000,000,000) user accounts. Of course, there are currently only about 6.5 billion people in the world. Is Facebook setting their sights beyond Earth or just trying to avoid what happened when Slashdot ran out of space for comment IDs last year. Perhaps they are planning to implement personas."

Facebook?

[Gabest]

Never heard of it, but I already want my own account, or two.

Re:

[Jeff DeMaagd]

Now, you can probably set up a bot net to give you a few million and noone would notice.

Re:

[sherpajohn]

Ironically (or not - your choice), the post advising developers of this change contains a spelling error. No biggy, really...I mean who knows that "to" means one thing and "too" another? Certainly not someone posting advisories to developers on a little site like Facebook...

LOL. Our guys send out typo riddled notices all the time. They need more console love, an AIX terminal is very unforgiving of typos...oh crap I just brought a ton of sites down, I meant status, not stop!

Re:

[__aaclcg7560]

Maybe this this [userfriendly.org] will enlighten you. :P

Reminds me of a Facebook group

[langelgjm]

Reminds me of a Facebook group: "If this group reaches 4,294,967,296 it might cause an integer overflow."

Re:

[Nom du Keyboard]

"If this group reaches 4,294,967,296 it might cause an integer overflow."

Obviously that group number wasn't computed using Excel.

No worries

[CSMatt]

We can all just join "If this group reaches 18,446,744,073,709,551,616, it WILL cause an overflow" [facebook.com]

Re:

[Anoria]

The "We may not reach 4,294,967,296 members but..." discussion thread has been breaking the sad news about 64-bit storage for several months now.

Network ID

[Deltaspectre]

One thing to keep in mind is the userid is network ID + user ID for that network
For my user ID the network ID takes up the first 6 digits

Although I have heard that they stopped this practice and are just assigning IDs

Re:

[Tablizer]

Why did they used to make part of the ID be a network identifier? What if you need to move users to other networks? I can perhaps see how it could make it possible to assign unique id's without central communication by making blocks of numbers to be pre-assigned by different regions, etc. But as a direct network allocator, it seems problematic.

And why we are on the topic of ID's, why are Microsoft product ID's so damned long? They use letters, which gives them 35-base number set (including the digits, exclu

Re:

[Deltaspectre]

When I moved to my colleges network I kept my highschool network ID

Re:

[darthflo]

why are Microsoft product ID's so damned long?

They don't just contain a (known to the setup program) number but lots of data (which Product, what type of License, the actual ID and so on). In the early years of this millenium, several PDF documents on how to calculate your own XP CD key circulated everywhere on the interwebs, find yourself one of these for more detail.

They use letters, which gives them 35-base number set[...]

Nope, they use 0-9 and some letters, excluding O (and a few others, haven't got e

Re:

[ceoyoyo]

The MS serial numbers can be checked for validity like credit card numbers, so they have to follow a particular formula, which greatly decreases the number of allowed combinations. That's why keygenerators can work.

Plus it makes them look more important.

link to slashdot's comment id problem

[endx7]

The "Slashdot ran out of space for comment IDs" link doesn't work.

You can get to the referenced article at:
http://meta.slashdot.org/article.pl?sid=06/11/09/1534204 [slashdot.org]

Re:

[endx7]

Ah, it seems to be working now. Firefox was complaining about bad redirects earlier.

Facebook loners rejoice!

[Bruce McBruce]

You can be your own 5000 best friends.

Re:Facebook loners rejoice!

[Anonymous Coward]

You're assuming I can stand myself...

Population growth

[Mostly a lurker]

Facebook's move to 64 bits will allow it to have more than 18 quintillion (18,446,744,074,000,000,000) user accounts. Of course, there are currently only about 6.5 billion people in the world. Is Facebook setting their sights beyond Earth ...?

My assumption is that Facebook is betting on the success of the Vatican's campaign against birth control. I just cannot imagine extra terrestrials being willing to put up with the multi-year latency required to post and retrieve photos from an earth-based server.

Re:

[foobsr]

I just cannot imagine extra terrestrials being willing to put up with the multi-year latency required to post and retrieve photos from an earth-based server.

They have invented instant messaging.

CC.

Re:

[3vi1]

In 150 years, there will be over 14 billion people in the world and even your watch will have a terabyte of storage. Facebook's just saving themselves some time by preparing to not delete/re-use the old account numbers.

thank god

[friedman101]

finally I can register my bacteria colony!!

staphylococcus aureus #19392133943904 is in a relationship with staphylococcus caprae #93939394839483934

Re:thank god

[Firehed]

What the hell? That's my S. caprae, the dirty slut!

Re:thank god

[Dr. Photo]

Can germs get V.D.?

Re:

[Chrax]

Can they ever!

News?

[JRGhaddar]

This has to one of the dumbest articles to reach the slashdot headlines.

So basically facebook changed there maximum users from a huge number to an even bigger number.

Are we going to post a news story everytime google adds to their storage system?
or microsoft adds another bloated line of code?
or everytime the telco's build a tower?

Re:

[Joe U]

Can I get a frontpage story? I used GUIDs in my database design.

Seriously, user ids?

Hi, 1985 is on the phone, they want their copy of C-Net BBS back.

It's funny. Laugh.

[SanityInAnarchy]

So basically facebook changed there maximum users from a huge number to an even bigger number.

The difference being that the current (huge) number was not quite sufficient to register all human beings on the planet, so we have to wonder why they did this. 32-bit integers are kind of the default, so most people wouldn't worry about it. So why are they doing this?

If you look, this article is filed under "It's funny. Laugh." And it is, really. Either Facebook is doing this for no good reason, or someone actually has some justification for going to the time and expense to change their database in this way. And so... Are they really planning on registering more human beings that exist?

I realize it's not funny to you now, as you've had to have the joke explained to you...

Are we going to post a news story everytime google adds to their storage system?

If they suddenly went from 2 gigs of email to 5 exabytes, then yes.

Also, keep in mind that Slashdot did cover when Gmail was first released with that 2 gigs, which seemed impossibly huge, and was at least one or two orders of magnitude larger than their closest competitor.

Re:

[Joe U]

Are they really planning on registering more human beings that exist?

It's for their new sockpuppet policy. Either that, or they're just getting ready for our new robotic overlords.

If they suddenly went from 2 gigs of email to 5 exabytes, then yes.

Good point.

Can I borrow an exabyte for my MP3's? On second thought, forget MP3's, raw audio is fine.

Re:

[JRGhaddar]

Well while you think it's a joke... it is not funny.

One they obviously aren't doing it to register people....userid's will be going to be used in promotions groups and other random social networking crap.

All it really translates into Facebook site is big and wants/plans to be bigger. Which is why I put the news?

Geeks get lost in the details but don't look at this big picture and that is why most geeks work for suits.

Re:

[msormune]

Geeks get lost in the details, because it's their job to get lost in the details, and find their way out. Suits manage the bigger picture. If a geek starts to worry about the big picture, he/she is in danger of becomng a suit :)

Re:

[Antique Geekmeister]

Why would you possibly want to use 33, or 39 bits, when you can simply set it to "64-bit" that is easily supported by your compilers and 64-bit hardware on your servers? It's not like the numbers will take less computation or less storage because they're less than 64-bits: storing digital numbers doesn't work that way.

Re:

[Bluesman]

It's perfectly possible to store non-powers of 2 using byte-addressable hardware, you just have to mask out the bits you don't want and shift the rest when recovering the data. It's a small tradeoff in extra computation for a significant savings in storage space if you're storing a lot of data.

Consider that with 2560 bits, you can store 64 40-bit integers, or 40 64-bit integers. You can recover all of the 40 bit numbers knowing their bit offset, even if you can address it directly. Many of those 40-bit i

It's not User IDs.

[Mahjub Sa'aden]

If you read the article, it refers to event IDs. Which means, of course, that everything (?) that happens on Facebook is assigned an integer and they were running out of integers or at least foresaw that possibility. This is much, much more reasonable than wanting to register more people than exist on the earth right now. But it makes it a lot less newsworthy, and a whole lot more boring.

Re:

[iphayd]

You also have to remember that the maximum isn't the number of people on the planet, but double that. At some point and time everyone needs two accounts. One to show them drinking and talk about sex, the other to show their parents that they aren't being naughty online.

Re:

[poot_rootbeer]

32-bit integers are kind of the default, so most people wouldn't worry about it. So why are they doing this?

Publicity, mainly.

For the price of under a gigabyte of disk, they have made themselves the talk of Slashdot and every other geek aggregation site, and mainstream tech reporters will then pick up on the trend, and report it in the newspapers and cable news networks. It's cheap advertising -- but it's a strategy that can only be used once, ever.

Re:

[gordo3000]

yes, we finally decided that the slashdot community has seen enough ads for apple gear.

~the people who come up with repetitive slashdot stories

Re:

[jmv]

You don't understand. This is a *major* improvement. After all, they haven't just increased a little bit the number of possible users, they've *multiplied* it by about 4 billions. That's a 40,000,000% increase!

Re:

[wizardforce]

Are we going to post a news story everytime google adds to their storage system?

I seem to remember an article poking fun at the fact google's email space isn't "infinite" like some other services so if they doubled or tripled their limit I guess it would be on the front page.

or microsoft adds another bloated line of code?

Windows Vista articles?

or everytime the telco's build a tower?

articles about the irrational fear of wifi and the "dangers" of cell phone towers, I believe we've seen that too. so yes, t

Re:

[Anonymous Coward]

Are we going to post a news story everytime google adds to their storage system?

• Slashdot: Google Raises Word Limit [slashdot.org]
• Slashdot: How Many Google Machines, Really? [slashdot.org]
• Slashdot: NCSA Compares Google and Yahoo Index Numbers [slashdot.org]

Answer: Why yes, I believe they will.

Re:

[Blakey Rat]

Are we going to post a news story everytime google adds to their storage system?

Have so far.

or microsoft adds another bloated line of code?

God yes. Slashdot has flamebait stories about Microsoft when they don't do anything at all!

or everytime the telco's build a tower?

No, instead we'll get that one about how the US has crappy broadband another 4-6 times this week.

Re:News?

[Joe U]

HTML, not [i][b]BBCode[/b][/i]. OK?

Re:

[larry bagina]

or at least change the name from firehose to high velocity diarrhea.

Two-Faced

[Nom du Keyboard]

Clearly this is meant to accommodate two-faced people, people of multi-faced discrimination, and Hexadecimal.

i for one.

[sh3l1]

I for one will take go with Facebook's initiative to welcome our new alien overlords who will certainly see Facebook's superiority to Myspace.

Not just user IDs

[digital bath]

TFA says nothing specific to 'user ids' - it says object ids in general. I assume this includes things like comment ids, event ids, etc - which makes overflowing the 32 bit limit much more reasonable.

Re:

[Lifyre]

...as if millions of voices suddenly cried out in terror and were suddenly silenced...

Re:

[DarthThor]

It does actually "Up until this point, all of our user IDs have been small enough that 32 bits is sufficient to store them all. In the not-so-distant future, we will begin using 64 bit object IDs in some places. So, the numbers will become to big to handle in some situations" The wording is actually pretty shocking so it could well be that the userid's are being made 64 bit but comments etc. are, or it could be they are making userid's 64 bit also.

Re:

[RedWizzard]

Up until this point, all of our user IDs have been small enough that 32 bits is sufficient to store them all. In the not-so-distant future, we will begin using 64 bit object IDs in some places. So, the numbers will become to big to handle in some situations

Seems pretty clear:
1. User IDs are currently 32 bits.
2. They are changing some object IDs to 64 bits.
It does not say they are changing user IDs to 64 bits. It's implied but not stated. It's not actually clear that "user ID" means the ID of an account - it might just mean a user-visible ID (such as comments have on Slashdot).

Re:Not just user IDs

[jd]

My interpretation (which is just as invalid as everyone else's, Facebook included) would be that they are abolishing UserIDs altogether and switching to a 64-bit universal ID. That kinda makes sense, as it would make defining relationships between any two types of object easy.

No Reuse...

[Frosty Piss]

Facebook's move to 64 bits will allow it to have more than 18 quintillion (18,446,744,074,000,000,000) user accounts. Of course, there are currently only about 6.5 billion people in the world. Is Facebook setting their sights beyond Earth

Probably just means they don't have to worry about needing to reuse IDs of inactive accounts...

32 bit constraint kind of forces a big leap

[istartedi]

If you think you might ever have more than 2^32 of something, you kind of have to go to 2^64. Yes. It's an obscene ammount of possibilities; but it's the next biggest size. You really don't have much of a choice here. You could implement 5-byte numbers, but it'd be a PiTA. No CPUs have native 5-byte ints. The progression has always been a doubling of int size.

If that doesn't make sense, you shouldn't be on Slashdot. Maybe you should be someplace else... like Facebook maybe?

Re:

[Howzer]

>>but it's the next biggest size

Ah, no, it isn't. Just as an example, right off the top of my head, they could go from 32 bits to 34 bits, giving them an extra 12,884,901,888 ids. Or 2 for every person on the planet.

Or they could round it off at a nice 40, for a healthy 1,099,511,627,776 -- roughly a trillion users.

There is absolutely no rule that says "need bigger than 32 bit -- must choose 64 bit".

Re:

[Evanisincontrol]

There is absolutely no rule that says "need bigger than 32 bit -- must choose 64 bit".

Except that it'd be a real son of a bitch to have to shift bits around every time you want to calculate user IDs.

Re:

[Ruie]

If you are concerned about storage space mysql has 48bit storage type.

Re:

[BuGless]

Facebook uses PostgreSQL as a backend, not MySQL, and PostgreSQL doesn't have a 48-bit datatype, so in their case it's either 32-bit or 64-bit.

Re:

[deniable]

You use 'always' in a non-standard way. There were 36 and 60 bit processors available amongst others. 64 doesn't have to be the next number for processing. As someone else said 32->64 is due to postgreSQL. That, and the youngsters don't know any better. DB space is made by elves.

Re:

[istartedi]

Yeah, I tend to be non-precise with language sometimes. "Always" is one of those things that people love to nail me for, because all you need is one counter-example and you get egg on your face. I've gone back and forth with people on this kind of stuff before: if I took the time to phrase everything that carefully, my posts wouldn't be ready until after the article expires. If I qualified every word and turn of phrase with possible exceptions, my posts would read like House Resolutions. Nobody, not ev

Spammers

[kryten250]

They have to do something, what with all those pretty girls wanting to get to know me and give me private shows...

Re:Spammers

[dricci]

I think you're confusing Facebook with MySpace, which doesn't have this problem as they appear to still use a flat-file database updated in notepad.

Re:

[rubycodez]

of course, they're actually 50+ year old Republican congressmen.

Overflow

[Helios1182]

There is a group trying to cause an integer overflow; either from comment or member numbers. This may impede their (hopeless) progress. It is titled, "If this group reaches 4,294,967,296 it might cause an integer overflow."

Number of People

[Bullseye_blam]

The other thing to remember is that there might be a certain number of people in the world at any one time, but that people are born and die within that time [and old ones won't be deleted]. I don't think it's inconceivable that Facebook might reach their current limit in 20-25 years.

Re:

[tompaulco]

The number of people in the world doesn't matter. It's the number of bored 11-15 year olds that we have to consider.

I can see a few reasons

[Jay L]

Even it if it's just user IDs, and not object IDs as another user posted...

* 64-bit user IDs are easier to partition. They could be using the top N bits as a database ID.

* They may want to allocate the IDs randomly instead of sequentially. 64-bit IDs would involve fewer collisions.

* We don't know what their account churn rate is; if people sign up, forget, and create new accounts again frequently, they could have many more than 47 million dormant accounts sitting around.

A 32-bit ID really does get cramped when you have a large user base.

Re:

[c_forq]

The other thing that shocks me that people haven't commented on yet is that maybe Facebook is looking long term. It doesn't seem to be going away anytime soon, and appears to still be growing. Sure there are only 6 billion people now, but in 100 years those 6 billion people will be replaced.

Kudos to parent

[giafly]

Also if you allocate IDs sparsely this improves security.

Re:

[vidarh]

Only if you allow people to access anything non-public by userid only, which is kind of stupid.

Reminds me of a company I worked for that did that, and where they were surprised when I showed them how to "hack" the system by sequentially trying every possible user id...

Re:

[wfberg]

As another site usually puts it "the real WTF is..." that they don't use 128 bit identifiers.

If only if there was some sort of, I don't know, scheme for identifiers that has approximately 2^122 possible values, fits in 128 bits, has a standard notation and is supported by major databases as an 'auto increment' field.. With that many values, you could almost assume that using some sort of randomized value is bound to be unique - perhaps even universally unique. You could call it Globally Unique IDentifier (G

I guess they believed the hype

[pushing-robot]

64 bits are WAY FASTER [pcworld.com] than 32 bits!

Re:

[Suicyco]

Hmm, maybe because 64 bit systems ARE faster. Very much so.

I don't know why this was rated funny, when its true.

I don't know about you, but running through 24gb of tables in RAM as opposed to paged data is, in my book, an order of magnitude faster. 64 bit systems are massively faster than 32 bit systems.

I'm not talking about windows boxes, but database servers (which I'm sure Facebook have) DO see a major impact.

I know you thought you were being clever, and perhaps you were, to other not so bright and infor

Re:

[pushing-robot]

My post, like the article, was not about hardware or software but the size of a database field. Regardless of what a 64 bit architecture could do for the underlying hardware, operating system, or database engine, increasing a 32 bit database field to 64 bits will NOT improve the speed of transactions. My joke was meant to poke fun at the time when "64-bit" was a fad; anything "64-bit" was assumed to be better and the mere phrase caused a strange sense of euphoria like "dot com" had five years earlier. De

security?

[vanyel]

I don't know anything about what you can or can't do with a facebook id number, but it could be a way to increase the sparseness so they're harder to guess for some sort of security reason (well founded or not...)?

but...

[RockoTDF]

...is it backwards compatible with web 1.0...?

Ha ha, but seriously.

[Kaz Kylheku]

Not all of the bits of an ID are necessarily there for uniqueness. Wider ID's allow for features such as check digits (being able to tell whether an ID is valid without doing an existence query in a remote database) and other information. Namely, various immutable properties of the object that is denoted by the ID can be stored in the ID itself. This is similar to using spare bits within a machine address for tagging an object with a type or other attribute. It may be very useful to be able to tell something about an object just from the ID alone.

Don't Stuff ID's with Attributes

[Tablizer]

It is a big risk to use ID's to store "extra" information such as location. (Although I have no problem with check-sums, but that is not an object attribute but an attribute of the ID itself.) There are rarely truly "immutable" attributes of the entities/objects that the ID references. Typo's etc. require the ability to fix incorrect attributes, and if you stuff these into ID's, then you have more stuff to repair and undo. I challenge you to give me example attributes from something along the lines of Faceb

Duplicate Users

[evilviper]

Or maybe it just means they don't want to disable and reclaim/recycle the 20 idle/unused/abandoned IDs each person has... Or did you really think over 1 million people that read Slashdot registered for accounts (just one each)?

Not actually what they said

[a_sdh]

They actually are increasing the Object ID to 64-bits. The announcement is confusingly written, given, but objects in their system are things like events, groups, and basically everything. It's easy to imagine that they would hit the 32-bit limit on these at some point.

People make...

[blahplusplus]

... more then one facebook account. I know I have.

Finally

[Romicron]

Finally, a little sensitivity for those of us with DID [wikipedia.org] [wikipedia.org]

This is the dumbest article...

[ChronosWS]

So they changed the column type of userId from INT32 to INT64. Who gives a fuck? It would be much less expensive for Slashdot to simply post SQL change logs than to have editors on the clock.

We need the ability to mod stories, so that the editors can more clearly see when they aren't doing their job.

Mark Zuckerberg is way past 32bit in his valuation

[melted]

Mark Zuckerberg is way past 32 bits in his valuation of Facebook. The guy thinks this thing is worth something like $10B, and the number grows every day. I guess he's getting ready to some seriously insane delusions of grandeur before the bubble bursts and washes away his pile of crap.

In other news...

[suv4x4]

I just changed the type of column "content" on my blog from "text" to "mediumtext". I'm ready to give a press conference as to the reason behind my decision to all interested.

Re:

[account_deleted]

Comment removed based on user account deletion

Population growth

[stivi]

What about population growth? Surely current number of users is much less than 2^32, but number of possible users is not number of people in the world at this time. Imagine that the world has exactly 2^32 inhabitants and everyone has a facebook account. What would you do with new-borns? Will you reuse accounts?

There is difference between user accounts and active user accounts. Number of active user accounts can not be larger than actual population of the world, if we consider maximum of one account per use

My guess: Security, segementation, multiple log in

[drolli]

-you can harden your security by populating the user-id space sparsely. Somebody who is guessing for an user id will have an hard time.

-It can make things easier to have your user groups organized according to geographic location, company issuing th id (e.g. local branch), etc.

-Multiple log ins. Who knows. maybe it is easier to associate internally several uids with each uid (could make things more static).

So let's say:

10 bit for segmentation
20 for checksumming
4 for multiple logins

leaves only 29 bit as payload

Or somebody was just dumb and wanted to make sure he is not fired until all applicaitons are switched

Re:My guess: Security, segementation, multiple log

[Jay L]

you can harden your security by populating the user-id space sparsely. Somebody who is guessing for an user id will have an hard time.

Nah. Any web app that lets you see something you shouldn't see by guessing the ID is broken, period (not to say there aren't a lot of broken web apps). I gotta think Facebook's smarter than that. What if you already knew the ID (because someone used to be your friend) and they delist you? You have to check permissions at the server side.

Re:

[drolli]

> Any web app that lets you see something you shouldn't see by guessing the ID is broken, period

No doubt about that! However, if somebody tries to attack in that way it is easier to fend of, because you can allow for a checksum. Instead of making a DB query for each hit, you make a DB query only if the ID lies in the codespace. So certain DOS attacks are more difficult.

> (not to say there aren't a lot of broken web apps).

Hell yeah!

> I gotta think Facebook's smarter than that.

Maybe they are smart en

Re:

[Jay L]

No doubt about that! However, if somebody tries to attack in that way it is easier to fend of, because you can allow for a checksum. Instead of making a DB query for each hit, you make a DB query only if the ID lies in the codespace. So certain DOS attacks are more difficult.

D'oh! Excellent point. Can you tell I'm used to having front-line servers do rate limiting and authentication, and not used to talking straight HTTP to the masses?

IP goes to 128 bit addresses!

[VGPowerlord]

IPv6 uses 128-bit addresses. Just a reminder, in case you thought 64-bit user ids were ridiculous...

Re:

[Glowing Fish]

Every nanobot in the greygoo will need its own IP!

Magic

[Joebert]

Do you think advertisers will finally catch on once they get 7 billion unique visitors from Facebook ?

UUIDs

[nevali]

Perhaps they should save themselves some trouble in a few millennia's time and just switch to UUIDs.
 

Wtf?

[X.25]

I've never heard about Facebook. Until few weeks ago, when Slashdot editors started spamming with Facebook related "news".

How much did you get, to start spamming your own userbase with worthless news about Facebook?

What will be next - "Facebook upgrades hardware"?

like credit card security?

[peter303]

Only one out 10,000 credit card numbers is valid, so you kind of have to steal numbers rather than guess them.

Reasonable Limits Aren't

[HTH NE1]

Enough said in the Subject.

Re:

[Donniedarkness]

Sorry, but that was probably more suited towards the Myspace crowd. You fail.

Re:

[SanityInAnarchy]

Would've been funnier if it had anything at all to do with 64-bit.

Re:

[Anonymous Coward]

FP trolls are almost never related to the article. And at least it's a change from that overused "shit eating" copypasta we've been seeing the last few weeks.

Re:

[e9th]

It's only a temporary dumb-down. They're trying to rake in some of the overflow from the Limbaugh letter [ebay.com].

Re:

[WilliamSChips]

I'm pretty sure it's almost impossible to make Limbaugh's views look worse than they really are.