Forgot your password?
typodupeerror
News IT

Amazon Says Hardware, Not Hackers, Caused Outage 128

Posted by CmdrTaco
from the finger-pointing dept.
ChiefMonkeyGrinder writes "Amazon has denied reports that its European sites were brought down by a DoS attack by a hacker group sympathetic to Wikileaks cause. The retailer was a planned target for the attackers, called Anonymous. But Amazon said it was a hardware failure in its European data centre network that caused the half hour outage in Europe."
This discussion has been archived. No new comments can be posted.

Amazon Says Hardware, Not Hackers, Caused Outage

Comments Filter:
  • by Anonymous Coward

    I doubt a bunch of piddly home connections can take on a backbone anyways. .

  • by zero.kalvin (1231372) on Monday December 13, 2010 @09:56AM (#34533580)
    I believe them on this one.
    • Re:I don't know (Score:4, Informative)

      by Haedrian (1676506) on Monday December 13, 2010 @09:57AM (#34533598)
      I'm sure I do. DDOSing Amazon would require a hell of a lot of clients.

      And Anonymous themselves said they weren't going to attack Amazon.
    • by Anonymous Coward

      So do I, from their Black Friday debacle in the UK which was essentially a lottery rather than a sale because you got an HTTP 503 Service Unavailable response to attempts to purchase the offers 90% of the time as they clearly couldn't handle the load, through to the fact that it's currently taking them around 5 days to deliver orders which they're telling you on ordering are GUARANTEED to be delivered in 1 day via Amazon Prime I'd have to agree that Amazon have become quite excellent at fucking up their own

    • by Weezul (52464)

      Amazon is currently hosting wikileaks [wlcentral.org] for a Danish media group, just not for wikileaks themselves.

      I've a quick question for all the network gurus out there. The JS LOIC [calgarc.com] stops sending packets once the currently open connections without responses reaches a preset limit, which happens to be 1000.

      Is that really how one should approach a DDoS? Would doing otherwise be a SYN flood which kernels now block fairly effectively? Or are they perhaps doing this to make it more like a virtual sit-in, i.e. all the compu

  • by bl8n8r (649187) on Monday December 13, 2010 @10:01AM (#34533626)
    Load from the DDoS traffic fried the switch.  So you see, it's a hardware failure.
    • DDoS attacks were aimed at amazon.com, i.e. US infrastructure so I doubt it.
    • by Anonymous Coward

      Self-esteem meme for hackers?

      My packets were big enough, my packet count was enough, it fried the hardware.

    • Load from the DDoS traffic fried the switch. So you see, it's a hardware failure.

      Is that even possible? +5 Insightful??

  • by digitaldc (879047) * on Monday December 13, 2010 @10:02AM (#34533628)
    ...you can't believe anything you read about outages any more.
    • by mcgrew (92797) *

      Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

      • Re: (Score:2, Funny)

        by gstoddart (321705)

        Don't believe anything you hear or read, and only half of what you see.

        I don't believe that. ;-)

        • by Anonymous Coward

          I don't believe that. ;-)

          I don't believe that you don't believe it then.

      • by gmhowell (26755)

        Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

        Instead, I heard it through the grapevine.

  • ...sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle. Lets take as an example one average customer (me), who used to spend lots of money there...
    • by Anonymous Coward
      No, the average customer (not you) has not stopped shopping there because of WikiLeaks.
    • Re:Yes but... (Score:4, Insightful)

      by Sonny Yatsen (603655) * on Monday December 13, 2010 @10:12AM (#34533696) Journal

      You post on slashdot and you pay attention to the news. I seriously doubt you fit into the category of "average customer".

      I believe you'd find that the "average customer" doesn't share the "hate" that you suddenly gained, but are rather quite apathetic about the whole thing so long as they can get a cheap Playstation 3.

      • by Duradin (1261418)

        Apathetic in general or doesn't care that a(n insult to) weasel(s) found out he had to play by the rules. Or they do care and want to reward Amazon for supporting freedom of association.

    • Re: (Score:2, Flamebait)

      by ScentCone (795499)
      sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle

      You're not taking into account the customers they retain or attract as people learn more about the actual facts. Amazon is under no obligation to let oily weasles like Assange operate outside of their TOS, and they have a strong incentive to been seen actually enforcing their stated policies. Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Ano
      • Re:Yes but... (Score:5, Informative)

        by Lumpy (12016) on Monday December 13, 2010 @11:02AM (#34534156) Homepage

        I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

        One man's TERRORIST is another mans Freedom Fighter.

        • Moral relavatism.....

          • Moral relativism exists, like it or not. Morality != (something objectively verifiable)

          • by Lumpy (12016)

            Which is what reality has been for the last 90,000,000,003 years. Before then we had Moral Absolutism... but Cthulhu put a stop to that.

        • Re: (Score:3, Interesting)

          by Anonymous Coward

          I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

          On their first terrorist attack, they cowardly disguised themselves to put the blame on innocent Native Americans. If they had succeeded, they could have caused an Indian massacre by the British.

          • by Noughmad (1044096)

            If they had succeeded, they could have caused an Indian massacre by the British.

            They didn't fail completely though, the British got their revenge on the other Indians.

        • by Anonymous Coward

          On a similar note, one man's traitor is another man's informant.

        • by ScentCone (795499)
          One man's TERRORIST is another mans Freedom Fighter.

          Sure, but only if you're an irrational moral relativist.
      • by Almahtar (991773)

        Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Anonymous now have that much more of a reason to trust Amazon while buying goods or considering where to host cloud-ish stuff.

        Juvenile tantrum? They took down Paypal, Mastercard, and Visa. That's not a juvenile tantrum, that is "hulk smash".

    • by Pojut (1027544)

      No offense, but that's fucking stupid. Why should Amazon risk compromising their servers just because one of their hosted sites has become a target? I fully support Wikileaks and their efforts, but you can't really put the blame on Amazon for dropping Wikileaks...Amazon is a business, and risking that business because of a single client would be a horrible idea.

      • Why should Amazon risk compromising their servers just because one of their hosted sites has become a target?

        Hmmm, look like they did exactly that :-)

        Amazon is a business, and risking that business because of a single client would be a horrible idea.

        So why did they do it, if it was such a horrible idea?

        • Maybe they reckoned the fallout from dropping WikiLeaks would be less than it would be from keeping them.
          • by Pojut (1027544)

            That's what I was getting at, more or less...between pressure from the government and pressure from all the faceless people targeting wikileaks, it just wasn't a sound business decision.

            I very rarely take the side of big business, but Amazon couldn't afford those kinds of problems. I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

            As I said in my OP, I

            • by arkenian (1560563)

              I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

              My understanding was that they didn't "Agree to host the servers" as a concious act. Wikileaks just set up an account and provisioned them automatically...

              I agree with you, FWIW. While I have issues with the payment services cutting off donations, I have trouble objecting to what amazon did.

    • ... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks. It is stuff that is illegal to have. Now if Wikileaks had moved it to China :) or one of them countries that doesn't believe in copyright then they would be fine.

      • "... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks."

        Except for the "illegal" part.

        "It is stuff that is illegal to have."

        Don't think so. And provided that no USA fiscal office has started procedures against Wikileaks for the published contents, so do think USA legal body. It is stuff that it may be illegal to share if you are managing it. Perfectly legal to have and publish if you have managed to g

    • by Lumpy (12016)

      You and those like you amount to 0.01% of amazons customers.

      Most people watch dancing with the stars+Glee and buy every shiney they see.

      "Ohh this is pretty and made with the hearts of baby seals that were clubbed to death and assembled in china by slave children that get whipped! I'll buy 2!"

      And yes, that is accurate. Otherwise Nike would be out of business as everyone knows their factories are horrible crimes against humanity.

    • The Teabaggers would have probably boycotted Amazon for supporting "terrorists" if they did host Wikileaks. Either way they lose customers.

  • by theshowmecanuck (703852) on Monday December 13, 2010 @10:05AM (#34533652) Journal
    Whether true or not, Amazon pretty much has to say it was something other than a DDoS that impacted their site(s). It would be bad for business to say that an attack from a bunch of hackers can impact them negatively in any serious way. They have to maintain this "strong" outward face to their clients to maintain their level of trust. Given that Amazon did suffer some sort of outage or reduced service during the time period, I'm not sure of anything other than a trusted third party investigation to understand what level of effect the DDoS 'attack' had (if any) on Amazon. I'm not saying there isn't a way, I just don't know of one. Maybe someone can suggest one.
    • by Rysc (136391) * <sorpigal@gmail.com> on Monday December 13, 2010 @10:08AM (#34533664) Homepage Journal

      It would also be bad for business to say "We weren't attacked, we just suck at doing our jobs." This is precisely what hardware-related outages mean for an outfit like Amazon. Why would you trust your business to Amazon hosted services when they are incompetent?

      • Yeah, I wouldn't have expected Amazon to have a single point of failure anywhere, it's pretty strange.

        • by Tanktalus (794810)

          Yeah, I'd expect them to have MANY points of failure, all in serial. So that's multiple, um, single-points-of-failure. Er, nevermind. Carry on.

      • by Anonymous Coward

        Most would prefer a "Oh someone just forgot to do their job" over "an internet mob took down our site, and it could happen again at any moment"

      • One of them would be the result of a very small chance of failure at any given time. The other would imply a high chance of failure at the whim of whoever wants to attack them.

        A rare screw-up looks bad, but folding whenever someone attacks you is worse.

      • by kiwimate (458274)

        How many outages for Amazon over the past 12 months, and what aggregate duration?

        How many outages for Google (GMail, News, etc.) over the past 12 months, and what aggregate duration?

        If you want to take it further, figure out what the % uptime comes out to. Seriously, this is a technical web site. I'd expect people here to understand the difference between 100% uptime and reality.

    • I wonder how much an hour of downtime would cost Amazon in lost sales?

      • I would estimate at least one shitload of sales. Offtopic: we had a big dump of snow last night... I am enjoying the sound of gunning engines and spinning tires identifying the idiots (sort of) driving by my window who were too lazy to get their snow tires on yet... and it isn't much of a hill.
    • by matt4077 (581118)
      More importantly, admitting it was a DDoS creates an incentive for more attacks, where otherwise people would just give up. Anyway, I'm hoping they're right and the script kiddies failed. The wikileaks debate should be about the better arguments, not the larger number of nodes.
  • by Notquitecajun (1073646) on Monday December 13, 2010 @10:10AM (#34533684)
    I wonder if the recent WL issues signal the end of DDoS for at least large companies - Visa, Mastercard, Amazon, etc. I can foresee them putting enough money into their servers and infrastructure that, at some point, they really couldn't be overwhelmed. Is this going to wind up being a hardware or software issue in the future in preventing DDoS attacks?
    • by nicholas22 (1945330) on Monday December 13, 2010 @10:19AM (#34533742)
      It all depends on the actual DDoS load. There's no such thing as infinite bandwidth, you see. Amazon was down for 30 minutes in 4 countries on Sunday. And this by some quasi-organized group of script kiddies. So no, I don't see that being the case yet at all...
      • by N1AK (864906)
        Load sharing between groups of large companies could be one potential counter-tactic. I'm not a network expert, so I'm not even going to try and elaborate on the concept, however I doubt it's beyond the wit of man to implement.
      • That's near-future, though. I suspect we'll eventually see something for the large corps that prevents those type of attacks.
        • by gknoy (899301)

          I imagine they'd like to see if a herd of ED-209s would help prevent/discourage it.

  • wait (Score:5, Insightful)

    by marcello_dl (667940) on Monday December 13, 2010 @10:12AM (#34533704) Homepage Journal

    A hardware failure bringing down the site of a corporation who also is a cloud provider it's pretty bad PR, there should be no single point of failure in a proper cloudy system :)

    • I think it's better to have a system that might suffer from hardware failures than a system that can be taken down by a group of loosely-organized script kiddies.

      Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

      • by drinkypoo (153816)

        Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

        On one hand you have incompetence. On the other hand you have incompetence. But on one hand you have someone to blame, and on the other you have only yourself. If a big piece of cloud can be taken down because one switch failed, then it's not a cloud, is it? It's just another centrally-managed cluster designed by idiots.

        • One hand, incompetence that might cause a fault in service once in a blue moon that can be repaired in less than half an hour. On the other, you've got incompetence that allows a system to be dropped by, again, a group of loosely organized script kiddies.

          I'm not arguing for or against Amazon's service- I'm just stating that if I was in charge of damage control at Amazon, this is how I'd do it.

          • It's one reason why threats of vandalism can be a bad idea. No matter what happens, there's now a group who has volunteered to be the whipping boys. As if it wasn't already too easy to blame it all on hackers to cover up incompetence.

    • by Haedrian (1676506)
      What about the load balancer?
    • If there is no demand/traffic, wouldn't that be the single point of failure that every cloudy system is designed to take advantage of?

  • What's to say a disgruntled Amazon employee who is also an anonymous follower didn't "accidentally" unplug the A/C. Presto, hardware failure!

  • by a hacker group sympathetic to Wikileaks cause.

    Thank you.

  • So is this why none of my shit has arrived yet, even with the most expensive possible shipping?
  • Amazon.com was screwed yesterday afternoon too. Or was that just all the Christmas shopping?

  • That's what they told us. [amazon.com]

    Quoting from their site: "Reliable and redundant – Our datacenter is built using large amounts of commodity hardware. When one node fails, millions of other nodes pick up the slack. As a result, you gain all the benefits of an always-on and self-healing infrastructure, without ever having to configure or replace hardware."

    So how did "a" hardware failure brought their cloud down? Anyway, a hardware failure still sounds better than a DDoS though.
    • by Ash-Fox (726320)

      So how did "a" hardware failure brought their cloud down?

      If you were using Amazon's cloudfront service, it would have automatically redirected traffic through a non-European data center instead, so it was only really down for those who chose to do S3 only without cloudfront.

      • by jonbryce (703250)

        So the likes of amazon.co.uk and amazon.fr are not showcases for their flagship technology then?

        • by Ash-Fox (726320)

          So the likes of amazon.co.uk and amazon.fr are not showcases for their flagship technology then?

          The main sites run on ec2, which doesn't benefit from cloud capabilities across multiple data centers, but their static data is placed on cloudfront.

  • This word has been thoroughly hijacked as euphemisms by the propaganda machine. "Communist sympathizers". "Al Qaeda sympathizers". "Terrorist sympathizers". It seems that anyone that doesn't pledge to fight whatever the government wags a finger at is a "sympathizer".
  • It was a hardware problem.

    the hardware wasn't enough to keep up with all the requests coming in.

The one day you'd sell your soul for something, souls are a glut.

Working...