Amazon Says Hardware, Not Hackers, Caused Outage

ChiefMonkeyGrinder writes "Amazon has denied reports that its European sites were brought down by a DoS attack by a hacker group sympathetic to Wikileaks cause. The retailer was a planned target for the attackers, called Anonymous. But Amazon said it was a hardware failure in its European data centre network that caused the half hour outage in Europe."

Lakes vs an Ocean

[Anonymous Coward]

I doubt a bunch of piddly home connections can take on a backbone anyways. .

I don't know

[zero.kalvin]

I believe them on this one.

Re:I don't know

[Haedrian]

I'm sure I do. DDOSing Amazon would require a hell of a lot of clients.

And Anonymous themselves said they weren't going to attack Amazon.

Re:I don't know

[Errol backfiring]

In fact, a whole cloud of them.

Anonymous themselves said they weren't going to...

[beh]

Is the group really that organized that you if someone says "we're not going to ', that (nearly) everyone will follow?

Re:

[Anonymous Coward]

Try again, this time in something resembling English. ;^) I really can't figure out what you're trying to say.

Re:

[ArsenneLupin]

In order to stay "technically" legal, the group can't openly call for an illegal action, such as DDosing of a target. So they instead say "hopefully nobody will DDos target", and hope that everybody understands what is really meant...

Re:

[Anonymous Coward]

So do I, from their Black Friday debacle in the UK which was essentially a lottery rather than a sale because you got an HTTP 503 Service Unavailable response to attempts to purchase the offers 90% of the time as they clearly couldn't handle the load, through to the fact that it's currently taking them around 5 days to deliver orders which they're telling you on ordering are GUARANTEED to be delivered in 1 day via Amazon Prime I'd have to agree that Amazon have become quite excellent at fucking up their own

Re:

[Anonymous Brave Guy]

I can't comment on the 503s except to say that I didn't see one, but Amazon UK have yet to hit any of their estimated delivery dates for our household's orders over the past month or so, and the delay is now measured in weeks in some cases. They did have a big banner up on their web site during the snow saying that some deliveries might be delayed by a couple of days, but they are way past that with us.

Re:

[Xest]

You wont have seen the 503s because they were being returned in response to the AJAX request issued by clicking the add to basket button on the Black Friday offers. If you tried to by any of the items and found yourself stuck indefinitely in a queue, or at least for a few minutes or more then it was because Amazon's Javascript wasn't setup to handle 503 responses from the server, and so just hung there with the queue animation, even though the reality is your request was never even processed.

I looked into i

Re:

[Dogtanian]

I can't comment on the 503s except to say that I didn't see one, but Amazon UK have yet to hit any of their estimated delivery dates for our household's orders over the past month or so

Not sure what's going on about deliveries, but there's been enough people in the office complaining about having not received deliveries from Amazon, and it's not like we've had any snow here either since the week before last, it was all melted off by last Monday so if they are overdue there doesn't really seem to be an excuse now.

Define "here". Parts of Scotland got a lot more snow in the middle of last week (whereas my part of Scotland- which got a lot the previous week- was unaffected despite being not that far away, so don't assume that your local area reflects the whole of the UK). It's possible that any Amazon operations based in Scotland may be affected. (I don't know if they store the same item at multiple warehouses and choose the most efficient one to dispatch from according to the customer's location- but if so I'd guess t

Re:

[Anonymous Brave Guy]

In my case, "here" means Cambridge, UK. There was a bit of snow here and rather more in places like Essex and Kent, but it was all cleared several days ago, and unlike those of you further north, we really weren't disrupted for that long. I can understand the various retailers and delivery services who are tightening up on what commitments they will give in Scotland, but I don't see any excuse for having a week or more of backlog in delivery services in this region.

Re:

[Dogtanian]

I don't see any excuse for having a week or more of backlog in delivery services in this region.

Well, I was trying to say that if something is being dispatched from a snowed-in warehouse based in Scotland, your delivery is still going to be delayed, regardless of whether the home counties are swanning around in a heatwave, knocking back Pimms and G&Ts or not :-)

As I said, I don't know where Amazon orders are generally dispatched from- I strongly suspect that popular items will be held at all their UK warehouses, but am less sure about the obscure stuff.

Re:

[Anonymous Brave Guy]

Well, I was trying to say that if something is being dispatched from a snowed-in warehouse based in Scotland, your delivery is still going to be delayed

Sure, I understood what you meant. Given that Amazon UK tend to sell you things like DVDs using their "preferred Jersey merchant" these days (for tax reasons, presumably), I wouldn't expect a warehouse much further north to factor into the equation, but I suppose with business logistics these days you can't assume too much!

Re:

[Dogtanian]

Sure, I understood what you meant. Given that Amazon UK tend to sell you things like DVDs using their "preferred Jersey merchant" these days (for tax reasons, presumably), I wouldn't expect a warehouse much further north to factor into the equation, but I suppose with business logistics these days you can't assume too much!

They definitely do have at least one warehouse in Scotland- Glenrothes in Fife- but as you imply, whether that would be used for your delivery is unclear.

I guess deliveries from the "preferred Jersey merchant" are less likely to be affected by snow. But more likely to be affected by Nazi occupation of the territory... :-/

FWIW, the mysteriously-named "Jersey merchant" is actually Indigo Starfish, which I've heard some not entirely complimentary things about (mainly due to bad packaging on DVDs and the li

Re:

[Xest]

West and North Yorkshire in my office. I asked around this morning where deliveries where the tracking data on tracked parcels people hadn't received were from and a few people said Kettering, Northants. and one said Milton Keynes, others didn't have any tracking details so it doesn't seem in at least some of these cases that there really is much of an excuse. We did have bad snow around here for a few days, but it was maybe 3 days out of a week the week before last.

I can certainly see why people who went f

Re:

[Weezul]

Amazon is currently hosting wikileaks [wlcentral.org] for a Danish media group, just not for wikileaks themselves.

I've a quick question for all the network gurus out there. The JS LOIC [calgarc.com] stops sending packets once the currently open connections without responses reaches a preset limit, which happens to be 1000.

Is that really how one should approach a DDoS? Would doing otherwise be a SYN flood which kernels now block fairly effectively? Or are they perhaps doing this to make it more like a virtual sit-in, i.e. all the compu

possible cause of failure

[bl8n8r]

Load from the DDoS traffic fried the switch.  So you see, it's a hardware failure.

Re:

[gilbert644]

DDoS attacks were aimed at amazon.com, i.e. US infrastructure so I doubt it.

Re:

[Anonymous Coward]

Self-esteem meme for hackers?

My packets were big enough, my packet count was enough, it fried the hardware.

Re:

[MobileTatsu-NJG]

Load from the DDoS traffic fried the switch. So you see, it's a hardware failure.

Is that even possible? +5 Insightful??

Re:

[datapharmer]

Heat.

It is why we air condition data centers.

Re:

[MobileTatsu-NJG]

Heat.

It is why we air condition data centers.

Uh huh. And these digital routers just keep revving up more and more as data comes through until they catch fire?

Re:

[Noughmad]

Heat.

It is why we air condition data centers.

Uh huh. And these digital routers just keep revving up more and more as data comes through until they catch fire?

I was just wondering why my processor never overheats, and now I know it's because it's digital.

Re:

[MobileTatsu-NJG]

I was just wondering why my processor never overheats, and now I know it's because it's digital.

Good. Now go read more about why things like web-servers don't actually catch fire when they are slashdotted.

Re:

[spongman]

nothing's going to catch fire but it only takes one bad transistor to take down a machine during abnormal load. i had a sup720 go belly-up on me a while back as soon as we started load testing. it happens.

Re:

[MobileTatsu-NJG]

Okay, so the cause was a defective bit of hardware and not a DoS attack, right?

Re:

[spongman]

i'm not saying it wasn't a DDoS. i'm saying that it could have been defective hardware, and that the fault could have been caused by a DDoS.

Re:

[MobileTatsu-NJG]

i'm not saying it wasn't a DDoS. i'm saying that it could have been defective hardware, and that the fault could have been caused by a DDoS.

Right, I get what you're saying, but you're wrong about what the 'cause' is. If a transistor blows under a high load, then the transistor is defective. The only reason a DDoS would be to blame for it is if part of the process was that it changed how the hardware behaved (i.e. bypassing a safety mechanism) to cause a burn-out.

You said yourself, you caught it during load testing. You didn't break the hardware.

Re:

[spongman]

yeah, we broke the hardware. fried, blue smoke, nasty smell.

Re:

[MobileTatsu-NJG]

I mean that you didn't break it, it was defective.

Re:

[Anonymous Coward]

You quite overestimate the hardware. Switches do fail, overheat, etc, it happens all the "F." time.
There's always some which are less tolerant than the others. Especially when it's really big, complicated hardware.

Welcome to the real world.

Re:

[Anonymous Coward]

You quite overestimate the hardware. Switches do fail, overheat, etc, it happens all the "F." time.

Yes, you are right, but you've lost track of the discussion. Nobody's saying the hardware can't fail (as you say, it happens all the time), but that has nothing to do with a DDoS. If this DDoS came in right after a cooling fan failed (for example), that's nothing more than coincidental timing.

Re:

[Anonymous Coward]

In the late 80s, Bulgaria tried to produce color monitors. Those could be easily destroyed by making the video card cycle through refresh rates. And no, it is not a rumor, I fried two myself - the first one by accident while trying to figure how a game got more than 4 colors on a CGA adapter, and the second to fine tune the attack.

Then I attached a few hundreds bytes to a program I knew would be running on the PCs of a guy who had swindled a bunch of people. Yes, it worked, but my revenge palled compared

Re:possible cause of failure

[Opportunist]

You don't watch many action movies, do you? From them I learned that you can even make computers explode by things like entering the wrong password or just hitting the wrong key. And they also throw you halfway across the room when they blow up in sparkles.

I know one thing...

[digitaldc]

...you can't believe anything you read about outages any more.

Re:

[mcgrew]

Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

Re:

[gstoddart]

Don't believe anything you hear or read, and only half of what you see.

I don't believe that. ;-)

Re:

[Anonymous Coward]

I don't believe that. ;-)

I don't believe that you don't believe it then.

Re:

[gmhowell]

Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

Instead, I heard it through the grapevine.

Yes but...

[should_be_linear]

...sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle. Lets take as an example one average customer (me), who used to spend lots of money there...

Re:

[Anonymous Coward]

No, the average customer (not you) has not stopped shopping there because of WikiLeaks.

Re:Yes but...

[Sonny Yatsen]

You post on slashdot and you pay attention to the news. I seriously doubt you fit into the category of "average customer".

I believe you'd find that the "average customer" doesn't share the "hate" that you suddenly gained, but are rather quite apathetic about the whole thing so long as they can get a cheap Playstation 3.

Re:

[Duradin]

Apathetic in general or doesn't care that a(n insult to) weasel(s) found out he had to play by the rules. Or they do care and want to reward Amazon for supporting freedom of association.

Re:

[ScentCone]

sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle

You're not taking into account the customers they retain or attract as people learn more about the actual facts. Amazon is under no obligation to let oily weasles like Assange operate outside of their TOS, and they have a strong incentive to been seen actually enforcing their stated policies. Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Ano

Re:Yes but...

[Lumpy]

I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

One man's TERRORIST is another mans Freedom Fighter.

Re:

[Saint Stephen]

Moral relavatism.....

Re:

[gestalt_n_pepper]

Moral relativism exists, like it or not. Morality != (something objectively verifiable)

Re:

[Lumpy]

Which is what reality has been for the last 90,000,000,003 years. Before then we had Moral Absolutism... but Cthulhu put a stop to that.

Re:

[Anonymous Coward]

I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

On their first terrorist attack, they cowardly disguised themselves to put the blame on innocent Native Americans. If they had succeeded, they could have caused an Indian massacre by the British.

Re:

[Noughmad]

If they had succeeded, they could have caused an Indian massacre by the British.

They didn't fail completely though, the British got their revenge on the other Indians.

Re:

[Anonymous Coward]

On a similar note, one man's traitor is another man's informant.

Re:

[ScentCone]

One man's TERRORIST is another mans Freedom Fighter.

Sure, but only if you're an irrational moral relativist.

Re:

[Almahtar]

Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Anonymous now have that much more of a reason to trust Amazon while buying goods or considering where to host cloud-ish stuff.

Juvenile tantrum? They took down Paypal, Mastercard, and Visa. That's not a juvenile tantrum, that is "hulk smash".

Re:

[Pojut]

No offense, but that's fucking stupid. Why should Amazon risk compromising their servers just because one of their hosted sites has become a target? I fully support Wikileaks and their efforts, but you can't really put the blame on Amazon for dropping Wikileaks...Amazon is a business, and risking that business because of a single client would be a horrible idea.

Re:

[ArsenneLupin]

Why should Amazon risk compromising their servers just because one of their hosted sites has become a target?

Hmmm, look like they did exactly that :-)

Amazon is a business, and risking that business because of a single client would be a horrible idea.

So why did they do it, if it was such a horrible idea?

Re:

[Sechr Nibw]

Maybe they reckoned the fallout from dropping WikiLeaks would be less than it would be from keeping them.

Re:

[Pojut]

That's what I was getting at, more or less...between pressure from the government and pressure from all the faceless people targeting wikileaks, it just wasn't a sound business decision.

I very rarely take the side of big business, but Amazon couldn't afford those kinds of problems. I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

As I said in my OP, I

Re:

[arkenian]

I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

My understanding was that they didn't "Agree to host the servers" as a concious act. Wikileaks just set up an account and provisioned them automatically...

I agree with you, FWIW. While I have issues with the payment services cutting off donations, I have trouble objecting to what amazon did.

Re:

[ThirdPrize]

... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks. It is stuff that is illegal to have. Now if Wikileaks had moved it to China :) or one of them countries that doesn't believe in copyright then they would be fine.

Re:

[turbidostato]

"... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks."

Except for the "illegal" part.

"It is stuff that is illegal to have."

Don't think so. And provided that no USA fiscal office has started procedures against Wikileaks for the published contents, so do think USA legal body. It is stuff that it may be illegal to share if you are managing it. Perfectly legal to have and publish if you have managed to g

Re:

[Lumpy]

You and those like you amount to 0.01% of amazons customers.

Most people watch dancing with the stars+Glee and buy every shiney they see.

"Ohh this is pretty and made with the hearts of baby seals that were clubbed to death and assembled in china by slave children that get whipped! I'll buy 2!"

And yes, that is accurate. Otherwise Nike would be out of business as everyone knows their factories are horrible crimes against humanity.

Re:

[im_thatoneguy]

The Teabaggers would have probably boycotted Amazon for supporting "terrorists" if they did host Wikileaks. Either way they lose customers.

Managing Perceptions

[theshowmecanuck]

Whether true or not, Amazon pretty much has to say it was something other than a DDoS that impacted their site(s). It would be bad for business to say that an attack from a bunch of hackers can impact them negatively in any serious way. They have to maintain this "strong" outward face to their clients to maintain their level of trust. Given that Amazon did suffer some sort of outage or reduced service during the time period, I'm not sure of anything other than a trusted third party investigation to understand what level of effect the DDoS 'attack' had (if any) on Amazon. I'm not saying there isn't a way, I just don't know of one. Maybe someone can suggest one.

Re:Managing Perceptions

[Rysc]

It would also be bad for business to say "We weren't attacked, we just suck at doing our jobs." This is precisely what hardware-related outages mean for an outfit like Amazon. Why would you trust your business to Amazon hosted services when they are incompetent?

Re:

[somersault]

Yeah, I wouldn't have expected Amazon to have a single point of failure anywhere, it's pretty strange.

Re:

[Tanktalus]

Yeah, I'd expect them to have MANY points of failure, all in serial. So that's multiple, um, single-points-of-failure. Er, nevermind. Carry on.

Re:

[Anonymous Coward]

Most would prefer a "Oh someone just forgot to do their job" over "an internet mob took down our site, and it could happen again at any moment"

Re:

[clone52431]

One of them would be the result of a very small chance of failure at any given time. The other would imply a high chance of failure at the whim of whoever wants to attack them.

A rare screw-up looks bad, but folding whenever someone attacks you is worse.

Re:

[kiwimate]

How many outages for Amazon over the past 12 months, and what aggregate duration?

How many outages for Google (GMail, News, etc.) over the past 12 months, and what aggregate duration?

If you want to take it further, figure out what the % uptime comes out to. Seriously, this is a technical web site. I'd expect people here to understand the difference between 100% uptime and reality.

Re:

[ThirdPrize]

I wonder how much an hour of downtime would cost Amazon in lost sales?

Re:

[theshowmecanuck]

I would estimate at least one shitload of sales. Offtopic: we had a big dump of snow last night... I am enjoying the sound of gunning engines and spinning tires identifying the idiots (sort of) driving by my window who were too lazy to get their snow tires on yet... and it isn't much of a hill.

Re:

[matt4077]

More importantly, admitting it was a DDoS creates an incentive for more attacks, where otherwise people would just give up. Anyway, I'm hoping they're right and the script kiddies failed. The wikileaks debate should be about the better arguments, not the larger number of nodes.

Beginning of the End of DDoS?

[Notquitecajun]

I wonder if the recent WL issues signal the end of DDoS for at least large companies - Visa, Mastercard, Amazon, etc. I can foresee them putting enough money into their servers and infrastructure that, at some point, they really couldn't be overwhelmed. Is this going to wind up being a hardware or software issue in the future in preventing DDoS attacks?

Re:Beginning of the End of DDoS?

[nicholas22]

It all depends on the actual DDoS load. There's no such thing as infinite bandwidth, you see. Amazon was down for 30 minutes in 4 countries on Sunday. And this by some quasi-organized group of script kiddies. So no, I don't see that being the case yet at all...

Re:

[N1AK]

Load sharing between groups of large companies could be one potential counter-tactic. I'm not a network expert, so I'm not even going to try and elaborate on the concept, however I doubt it's beyond the wit of man to implement.

Re:

[Notquitecajun]

That's near-future, though. I suspect we'll eventually see something for the large corps that prevents those type of attacks.

Re:

[gknoy]

I imagine they'd like to see if a herd of ED-209s would help prevent/discourage it.

wait

[marcello_dl]

A hardware failure bringing down the site of a corporation who also is a cloud provider it's pretty bad PR, there should be no single point of failure in a proper cloudy system :)

Re:

[dragonhunter21]

I think it's better to have a system that might suffer from hardware failures than a system that can be taken down by a group of loosely-organized script kiddies.

Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

Re:

[drinkypoo]

Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

On one hand you have incompetence. On the other hand you have incompetence. But on one hand you have someone to blame, and on the other you have only yourself. If a big piece of cloud can be taken down because one switch failed, then it's not a cloud, is it? It's just another centrally-managed cluster designed by idiots.

Re:

[dragonhunter21]

One hand, incompetence that might cause a fault in service once in a blue moon that can be repaired in less than half an hour. On the other, you've got incompetence that allows a system to be dropped by, again, a group of loosely organized script kiddies.

I'm not arguing for or against Amazon's service- I'm just stating that if I was in charge of damage control at Amazon, this is how I'd do it.

blame the hackers

[bzipitidoo]

It's one reason why threats of vandalism can be a bad idea. No matter what happens, there's now a group who has volunteered to be the whipping boys. As if it wasn't already too easy to blame it all on hackers to cover up incompetence.

Re:

[Haedrian]

What about the load balancer?

Re:

[marcosdumay]

Should be redundant, like switches, external connections, power, and everything else.

Opportunistic Single Point of Failure

[javalizard]

If there is no demand/traffic, wouldn't that be the single point of failure that every cloudy system is designed to take advantage of?

Could still be related

[markov_chain]

What's to say a disgruntled Amazon employee who is also an anonymous follower didn't "accidentally" unplug the A/C. Presto, hardware failure!

Thanks

[dragonhunter21]

by a hacker group sympathetic to Wikileaks cause.

Thank you.

Damn you Amazon.

[orphiuchus]

So is this why none of my shit has arrived yet, even with the most expensive possible shipping?

Re:

[Haedrian]

That's probably because with everyone and their dog shipping things for the Capitalistmas season - the postage system gets overwhelmed.

Re:

[Dan Dankleton]

You mean it's a DDoS of the postal service?

Re:

[game kid]

The posties say "If it fits, it ships." [prioritymail.com] Apparently it just doesn't fit.

Just Amazon Europe?

[0123456]

Amazon.com was screwed yesterday afternoon too. Or was that just all the Christmas shopping?

"The cloud you can depend on"

[holamundo]

That's what they told us. [amazon.com]

Quoting from their site: "Reliable and redundant – Our datacenter is built using large amounts of commodity hardware. When one node fails, millions of other nodes pick up the slack. As a result, you gain all the benefits of an always-on and self-healing infrastructure, without ever having to configure or replace hardware."

So how did "a" hardware failure brought their cloud down? Anyway, a hardware failure still sounds better than a DDoS though.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[jonbryce]

So the likes of amazon.co.uk and amazon.fr are not showcases for their flagship technology then?

Re:

[account_deleted]

Comment removed based on user account deletion

Harry Crumb would say

[future assassin]

Sure Sure ....

There it is again..."sympathetic"

[mykos]

This word has been thoroughly hijacked as euphemisms by the propaganda machine. "Communist sympathizers". "Al Qaeda sympathizers". "Terrorist sympathizers". It seems that anyone that doesn't pledge to fight whatever the government wags a finger at is a "sympathizer".

Amazon is correct

[Nyder]

It was a hardware problem.

the hardware wasn't enough to keep up with all the requests coming in.