Amazon Says Hardware, Not Hackers, Caused Outage

ChiefMonkeyGrinder writes "Amazon has denied reports that its European sites were brought down by a DoS attack by a hacker group sympathetic to Wikileaks cause. The retailer was a planned target for the attackers, called Anonymous. But Amazon said it was a hardware failure in its European data centre network that caused the half hour outage in Europe."

Lakes vs an Ocean

I doubt a bunch of piddly home connections can take on a backbone anyways. .

Re:Lakes vs an Ocean

I doubt a bunch of piddly home connections can take on a backbone anyways. .

Of course they can. Back in the day we had Smurf and could take down entire ISPs from a 28.8... Anyone with a good broadcast list and the ability to ping could take down anyone. That's the nature of the first "D" in "DDoS".

I don't know

[zero.kalvin]

I believe them on this one.

Re:I don't know

[Haedrian]

I'm sure I do. DDOSing Amazon would require a hell of a lot of clients.

And Anonymous themselves said they weren't going to attack Amazon.

Re:I don't know

[Errol+backfiring]

In fact, a whole cloud of them.

Re:I don't know

Employee in european data center is anonymous too.

Re:I don't know

So do I, from their Black Friday debacle in the UK which was essentially a lottery rather than a sale because you got an HTTP 503 Service Unavailable response to attempts to purchase the offers 90% of the time as they clearly couldn't handle the load, through to the fact that it's currently taking them around 5 days to deliver orders which they're telling you on ordering are GUARANTEED to be delivered in 1 day via Amazon Prime I'd have to agree that Amazon have become quite excellent at fucking up their own business all by themselves this past few weeks.

Of course, customer services were helpful, suggesting that if I could just wait another 8 days to see if my next day guaranteed delivery arrives before contacting them again. Yeah, thanks idiots, that really helps fix the fact you've advertised GUARANTEED delivery, and hence are legally obliged to meet that, and if you do not, are in breach of trading standards regulation. As the Indian call centre I got through to apparently had no concept of such laws though, I asked if I could be transferred to a UK call centre that did, only to be told they have absolutely no contact with the UK and that if I want to get through to UK call centre staff I should just keep trying to ring them, and hanging up if it's not the UK I get through to, until their telephone system randomly puts me through to the UK- awesome Amazon, didn't you say you were a technology company once? a technology company that doesn't even have any kind of communications link from one call centre to the other, that apparently doesn't even have an e-mail system that allows the Indian staff to e-mail the UK staff and get them to call me? Apparently cancelling the delivery with Shitty Link, the UK's most incompetent courier managing to beat out even Royal Fail with it's inability to cope with the now long melted off snow, and using one that can actually fulfil it's obligations is too difficult for an outsourced call centre supervisor to cope with. Hard-fucking-core, bravo on that technological excellence. I'll be coming straight to you with my cloud hosting requirements, because clearly your level of technological excellence is unparalleled.

Being unable to even run their own web site at all even under normal load would certainly seem to be the next logical step in their decline.

Which all wouldn't be so bad if they weren't chipping in with political statements such as:

"Further it is not credible that the extraordinary volume of 250,000 classified documents that Wikileaks is publishing could have been carefully redacted in such a way as to ensure that they weren't putting innocent people in jeopardy,"

Yeah okay Amazon, it's one thing to shy away from hosting a controversial site to protect your business interests, but it's a whole other to make entirely speculative politically weighted comments like that. Fact is, Amazon has no fucking idea how many volunteers and how much support Wikileaks received, so saying it is not credible, is entirely speculatory, it's entirely politically weighted and motivated.

What happened to you Amazon? You used to be cool.

P.S. If Amazon has pissed you off enough like they have me, then Amazon UK's CEO's e-mail address is bmcbride@amazon.com or you could go straight to the top and contact Jeff Bezos in the US at jeff@amazon.com. Contact them, let them know what you think about their company. Enjoy.

Re:I don't know

Imagine a beowulf cluster of clouds!

Re:I don't know

So do I, from their Black Friday debacle in the UK which was essentially a lottery rather than a sale because you got an HTTP 503 Service Unavailable response to attempts to purchase the offers 90% of the time as they clearly couldn't handle the load, through to the fact that it's currently taking them around 5 days to deliver orders which they're telling you on ordering are GUARANTEED to be delivered in 1 day via Amazon Prime I'd have to agree that Amazon have become quite excellent at fucking up their own business all by themselves this past few weeks.

You're full of shit.

Re:I don't know

[Anonymous+Brave+Guy]

I can't comment on the 503s except to say that I didn't see one, but Amazon UK have yet to hit any of their estimated delivery dates for our household's orders over the past month or so, and the delay is now measured in weeks in some cases. They did have a big banner up on their web site during the snow saying that some deliveries might be delayed by a couple of days, but they are way past that with us.

Re:I don't know

[Weezul]

Amazon is currently hosting wikileaks for a Danish media group, just not for wikileaks themselves.

I've a quick question for all the network gurus out there. The JS LOIC stops sending packets once the currently open connections without responses reaches a preset limit, which happens to be 1000.

Is that really how one should approach a DDoS? Would doing otherwise be a SYN flood which kernels now block fairly effectively? Or are they perhaps doing this to make it more like a virtual sit-in, i.e. all the computers play nice but still suck up time?

You'll notice for example that verified.visa.com:80 hangs around 1001 for several seconds.

Sorry if the question is stupid. I've never cared too much about networking details, especially related to silly DDoS attacks, but all the media talk about wikileaks made me curious just what people were doing.

Re:I don't know

[Xest]

You wont have seen the 503s because they were being returned in response to the AJAX request issued by clicking the add to basket button on the Black Friday offers. If you tried to by any of the items and found yourself stuck indefinitely in a queue, or at least for a few minutes or more then it was because Amazon's Javascript wasn't setup to handle 503 responses from the server, and so just hung there with the queue animation, even though the reality is your request was never even processed.

I looked into it myself after my suspicions were aroused due to me and a colleague click spamming where the button was to click it as soon as the offer came up, and us getting stuck in queues, whilst our colleague being a bit dormant didn't click it until about 30 seconds after it appeared and got the item straight in her basket whilst we were supposedly queueing. That's when I cracked open Firebug and had a look under the hood at what was going on.

I've never really thought about it as a lottery until reading the GGPs post, but I guess he has a point, there may be a case for trading standards in this respect I guess because Amazon did say it was a first come first served sale, where it clearly was not- if for example there were 500 units of a product, and of the first 500 that click only 300 have their requests serviced, and 200 do not but get told they're in a queue when they're not, then that means others who click afterwards may get the items those should've got.

The system seemed a bit too easy to game for my liking too, if it weren't for the fact I'm one of the worlds greatest procrastinators, I'd have written a quick plugin to simply keep resubmitting the AJAX request until a proper response was received rather than a 503 error. I imagine that's in fact how some people did hoarde some of the top items so quickly, because it's fairly trivial to do.

Not sure what's going on about deliveries, but there's been enough people in the office complaining about having not received deliveries from Amazon, and it's not like we've had any snow here either since the week before last, it was all melted off by last Monday so if they are overdue there doesn't really seem to be an excuse now.

Re:I don't know

Me too. Amazon doesn't pay shit.

Their Linux Sysadmins get an Indian salary in D.C., the most expensive hole on the east coast. "Oh Noooss... We can't pay 70K! Most people here get 65K, and 75K if they are here for awhile. Apparently nobody is there for awhile because they're always hiring for shitty wages. I would assume something similar for Cisco admin's.

Re:I don't know

[AoT]

This is exactly what I was thinking. It's only a matter of time before more IT employees start realizing this.

Re:I don't know

[Dogtanian]

I can't comment on the 503s except to say that I didn't see one, but Amazon UK have yet to hit any of their estimated delivery dates for our household's orders over the past month or so

Not sure what's going on about deliveries, but there's been enough people in the office complaining about having not received deliveries from Amazon, and it's not like we've had any snow here either since the week before last, it was all melted off by last Monday so if they are overdue there doesn't really seem to be an excuse now.

Define "here". Parts of Scotland got a lot more snow in the middle of last week (whereas my part of Scotland- which got a lot the previous week- was unaffected despite being not that far away, so don't assume that your local area reflects the whole of the UK). It's possible that any Amazon operations based in Scotland may be affected. (I don't know if they store the same item at multiple warehouses and choose the most efficient one to dispatch from according to the customer's location- but if so I'd guess this would only apply to the better-selling items(?)).

At any rate, Parcelforce (the parcel branch of the Royal Mail) still have such a backlog here that they're refusing to take any further deliveries to Scottish addresses at present, even though there hasn't been further snow since and it appears to be getting removed.

Re:I don't know

[Anonymous+Brave+Guy]

In my case, "here" means Cambridge, UK. There was a bit of snow here and rather more in places like Essex and Kent, but it was all cleared several days ago, and unlike those of you further north, we really weren't disrupted for that long. I can understand the various retailers and delivery services who are tightening up on what commitments they will give in Scotland, but I don't see any excuse for having a week or more of backlog in delivery services in this region.

Re:I don't know

[Meski]

A hardware failure couldn't be triggered by a DDOS?

Re:I don't know

[Xest]

West and North Yorkshire in my office. I asked around this morning where deliveries where the tracking data on tracked parcels people hadn't received were from and a few people said Kettering, Northants. and one said Milton Keynes, others didn't have any tracking details so it doesn't seem in at least some of these cases that there really is much of an excuse. We did have bad snow around here for a few days, but it was maybe 3 days out of a week the week before last.

I can certainly see why people who went for guaranteed delivery would be annoyed, they shouldn't really use that term if they can't fulfil it. It's the sort of term you should only really be using if you're using a courier that can cope with all weather conditions- i.e. have delivery vans either with snow tyres/snow chains, or have vehicles better adapted to off-road. Either that, or simply don't offer the service. If the road from the depot to a main road is too deep in snow it woudln't cost much in the grand scheme of things to just pay for a snow plow to clear the road. These services run just fine in places like the US/Canadian snow belt who get far worse, for far longer so it's not as if it's impossible to resolve, just that after 3 winters of this kind of weather the courier firms whose business fundamentally revolves around figuring out how to get to places still haven't planned for it it seems.

Re:I don't know

[Dogtanian]

I don't see any excuse for having a week or more of backlog in delivery services in this region.

Well, I was trying to say that if something is being dispatched from a snowed-in warehouse based in Scotland, your delivery is still going to be delayed, regardless of whether the home counties are swanning around in a heatwave, knocking back Pimms and G&Ts or not :-)

As I said, I don't know where Amazon orders are generally dispatched from- I strongly suspect that popular items will be held at all their UK warehouses, but am less sure about the obscure stuff.

Re:I don't know

[Anonymous+Brave+Guy]

Well, I was trying to say that if something is being dispatched from a snowed-in warehouse based in Scotland, your delivery is still going to be delayed

Sure, I understood what you meant. Given that Amazon UK tend to sell you things like DVDs using their "preferred Jersey merchant" these days (for tax reasons, presumably), I wouldn't expect a warehouse much further north to factor into the equation, but I suppose with business logistics these days you can't assume too much!

Re:I don't know

[Dogtanian]

Sure, I understood what you meant. Given that Amazon UK tend to sell you things like DVDs using their "preferred Jersey merchant" these days (for tax reasons, presumably), I wouldn't expect a warehouse much further north to factor into the equation, but I suppose with business logistics these days you can't assume too much!

They definitely do have at least one warehouse in Scotland- Glenrothes in Fife- but as you imply, whether that would be used for your delivery is unclear.

I guess deliveries from the "preferred Jersey merchant" are less likely to be affected by snow. But more likely to be affected by Nazi occupation of the territory... :-/

FWIW, the mysteriously-named "Jersey merchant" is actually Indigo Starfish, which I've heard some not entirely complimentary things about (mainly due to bad packaging on DVDs and the like), though they were okay when I ordered an ink cart, the only thing I've ever used them for personally. The envelope and receipt had the "Indigo Starfish" branding and Amazon's blurb makes clear that one's contract is with IS, not Amazon themselves.

Along with the fact that they're using their own identity for sending out "Jersey merchant" orders, and are a separate company, it's unlikely that Amazon are using them for their "own" orders as I've never had one of those with the Jersey customs declaration on it (nor been notified that it would be dispatched from Jersey, which I assume they'd have to do were this the case).

BTW, IIRC there used to be an "Amazon Jersey" and now there isn't, so I'm not sure what the story was there.

possible cause of failure

[bl8n8r]

Load from the DDoS traffic fried the switch.  So you see, it's a hardware failure.

Re:possible cause of failure

Thanks, Professor Hawking.

Re:possible cause of failure

[gilbert644]

DDoS attacks were aimed at amazon.com, i.e. US infrastructure so I doubt it.

Re:possible cause of failure

Please explain to us how DDoS traffic fries the switch?

There was only one time I have ever heard of software frying hardware: IBM's OS/2 device driver for the (IIRC) 5414 monitor - IBM had to replace a shit load of monitors that year ('93?).

Re:possible cause of failure

Self-esteem meme for hackers?

My packets were big enough, my packet count was enough, it fried the hardware.

Re:possible cause of failure

Was it a PoE capable switch :-P?

Re:possible cause of failure

[datapharmer]

Heat.

It is why we air condition data centers.

Re:possible cause of failure

Heat.

It is why we air condition data centers.

OK. So, we'll assume here that Amazon is smart enough to air condition their server rooms. And we'll assume here that the router manufacturer's engineers are smart enough to have adequate ventilation in the actual router case.

How can a DDoS attack make the router generate more heat than it can handle?

There's no way to do it. Folks are just grasping at straws trying to make it look like a bunch of skiddies took the "man" out.

Re:possible cause of failure

You quite overestimate the hardware. Switches do fail, overheat, etc, it happens all the "F." time.
There's always some which are less tolerant than the others. Especially when it's really big, complicated hardware.

Welcome to the real world.

Re:possible cause of failure

I like fried packets too. Greasy!

Re:possible cause of failure

You quite overestimate the hardware. Switches do fail, overheat, etc, it happens all the "F." time.

Yes, you are right, but you've lost track of the discussion. Nobody's saying the hardware can't fail (as you say, it happens all the time), but that has nothing to do with a DDoS. If this DDoS came in right after a cooling fan failed (for example), that's nothing more than coincidental timing.

Re:possible cause of failure

In the late 80s, Bulgaria tried to produce color monitors. Those could be easily destroyed by making the video card cycle through refresh rates. And no, it is not a rumor, I fried two myself - the first one by accident while trying to figure how a game got more than 4 colors on a CGA adapter, and the second to fine tune the attack.

Then I attached a few hundreds bytes to a program I knew would be running on the PCs of a guy who had swindled a bunch of people. Yes, it worked, but my revenge palled compared to the one of whoever burned down his car... Ah, Eastern Europe. I so do not miss you.

Re:possible cause of failure

[Opportunist]

You don't watch many action movies, do you? From them I learned that you can even make computers explode by things like entering the wrong password or just hitting the wrong key. And they also throw you halfway across the room when they blow up in sparkles.

Re:possible cause of failure

[MobileTatsu-NJG]

Load from the DDoS traffic fried the switch. So you see, it's a hardware failure.

Is that even possible? +5 Insightful??

Re:possible cause of failure

[MobileTatsu-NJG]

Heat.

It is why we air condition data centers.

Uh huh. And these digital routers just keep revving up more and more as data comes through until they catch fire?

Re:possible cause of failure

[Noughmad]

Heat.

It is why we air condition data centers.

Uh huh. And these digital routers just keep revving up more and more as data comes through until they catch fire?

I was just wondering why my processor never overheats, and now I know it's because it's digital.

Re:possible cause of failure

[MobileTatsu-NJG]

I was just wondering why my processor never overheats, and now I know it's because it's digital.

Good. Now go read more about why things like web-servers don't actually catch fire when they are slashdotted.

Re:possible cause of failure

But you can make certain processing units explode with overflows of some sorts, and attempted divide by zero operations.

Re:possible cause of failure

[spongman]

nothing's going to catch fire but it only takes one bad transistor to take down a machine during abnormal load. i had a sup720 go belly-up on me a while back as soon as we started load testing. it happens.

Re:possible cause of failure

[MobileTatsu-NJG]

Okay, so the cause was a defective bit of hardware and not a DoS attack, right?

Re:possible cause of failure

[spongman]

i'm not saying it wasn't a DDoS. i'm saying that it could have been defective hardware, and that the fault could have been caused by a DDoS.

Re:possible cause of failure

[MobileTatsu-NJG]

i'm not saying it wasn't a DDoS. i'm saying that it could have been defective hardware, and that the fault could have been caused by a DDoS.

Right, I get what you're saying, but you're wrong about what the 'cause' is. If a transistor blows under a high load, then the transistor is defective. The only reason a DDoS would be to blame for it is if part of the process was that it changed how the hardware behaved (i.e. bypassing a safety mechanism) to cause a burn-out.

You said yourself, you caught it during load testing. You didn't break the hardware.

Re:possible cause of failure

[spongman]

yeah, we broke the hardware. fried, blue smoke, nasty smell.

Re:possible cause of failure

[MobileTatsu-NJG]

I mean that you didn't break it, it was defective.

I know one thing...

[digitaldc]

...you can't believe anything you read about outages any more.

Re:I know one thing...

[mcgrew]

Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

Re:I know one thing...

[gstoddart]

Don't believe anything you hear or read, and only half of what you see.

I don't believe that. ;-)

Re:I know one thing...

[Posting=!Working]

If I believe it on sight, then read it, I need to disbelieve half of it, and both believe and not believe the other half.

I can handle the quantum state of belief, I just need to know which half to ignore so I don't accidentally observe it and ruin the advice. I'm leaning towards "ou hear or read, and only half of what you see."

Now if someone would just read it aloud to me so I could hear it, I'd only need to believe half of it half as much as I don't believe it.

Good advice, but there's too much math and physics for the average person.

Re:I know one thing...

I don't believe that. ;-)

I don't believe that you don't believe it then.

Re:I know one thing...

[gmhowell]

Wisdom from my old man: Don't believe anything you hear or read, and only half of what you see.

Instead, I heard it through the grapevine.

Yes but...

[should_be_linear]

...sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle. Lets take as an example one average customer (me), who used to spend lots of money there...

Re:Yes but...

No, the average customer (not you) has not stopped shopping there because of WikiLeaks.

Re:Yes but...

[Sonny+Yatsen]

You post on slashdot and you pay attention to the news. I seriously doubt you fit into the category of "average customer".

I believe you'd find that the "average customer" doesn't share the "hate" that you suddenly gained, but are rather quite apathetic about the whole thing so long as they can get a cheap Playstation 3.

Re:Yes but...

[ScentCone]

sales lost for many people suddenly _hate_ Amazon is directly related to WikiLeaks debacle

You're not taking into account the customers they retain or attract as people learn more about the actual facts. Amazon is under no obligation to let oily weasles like Assange operate outside of their TOS, and they have a strong incentive to been seen actually enforcing their stated policies. Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Anonymous now have that much more of a reason to trust Amazon while buying goods or considering where to host cloud-ish stuff. This whole thing has been a fine demonstration of Amazon's infrastructure, and a good object lesson in why you should read the hosting company's TOS when operating the web site you use to take money and handle stolen government documents.

Re:Yes but...

[Pojut]

No offense, but that's fucking stupid. Why should Amazon risk compromising their servers just because one of their hosted sites has become a target? I fully support Wikileaks and their efforts, but you can't really put the blame on Amazon for dropping Wikileaks...Amazon is a business, and risking that business because of a single client would be a horrible idea.

Re:Yes but...

[Duradin]

Apathetic in general or doesn't care that a(n insult to) weasel(s) found out he had to play by the rules. Or they do care and want to reward Amazon for supporting freedom of association.

Re:Yes but...

[ArsenneLupin]

Why should Amazon risk compromising their servers just because one of their hosted sites has become a target?

Hmmm, look like they did exactly that :-)

Amazon is a business, and risking that business because of a single client would be a horrible idea.

So why did they do it, if it was such a horrible idea?

Re:Yes but...

[Sechr+Nibw]

Maybe they reckoned the fallout from dropping WikiLeaks would be less than it would be from keeping them.

Re:Yes but...

[ThirdPrize]

... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks. It is stuff that is illegal to have. Now if Wikileaks had moved it to China :) or one of them countries that doesn't believe in copyright then they would be fine.

Re:Yes but...

[Lumpy]

You and those like you amount to 0.01% of amazons customers.

Most people watch dancing with the stars+Glee and buy every shiney they see.

"Ohh this is pretty and made with the hearts of baby seals that were clubbed to death and assembled in china by slave children that get whipped! I'll buy 2!"

And yes, that is accurate. Otherwise Nike would be out of business as everyone knows their factories are horrible crimes against humanity.

Re:Yes but...

[Lumpy]

I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

One man's TERRORIST is another mans Freedom Fighter.

Re:Yes but...

[Pojut]

That's what I was getting at, more or less...between pressure from the government and pressure from all the faceless people targeting wikileaks, it just wasn't a sound business decision.

I very rarely take the side of big business, but Amazon couldn't afford those kinds of problems. I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

As I said in my OP, I support Wikileaks, but I place no fault on Amazon here. They just did what was necessary to mitigate any damage to their business. They didn't take an official stand one way or the other in their press release...it was quite "matter of fact" in tone.

Re:Yes but...

[arkenian]

I have no idea why they agreed to host the servers in the first place (maybe they didn't think it would affect their end as much as it did?) but I completely understand why they decided to stop hosting them.

My understanding was that they didn't "Agree to host the servers" as a concious act. Wikileaks just set up an account and provisioned them automatically...

I agree with you, FWIW. While I have issues with the payment services cutting off donations, I have trouble objecting to what amazon did.

Re:Yes but...

[turbidostato]

"... and if I was trying to host an illegal file sharing site on one of their clouds they would shut it down for exactly the same reasons as they did WikiLeaks."

Except for the "illegal" part.

"It is stuff that is illegal to have."

Don't think so. And provided that no USA fiscal office has started procedures against Wikileaks for the published contents, so do think USA legal body. It is stuff that it may be illegal to share if you are managing it. Perfectly legal to have and publish if you have managed to get to somehow. That's why, in case of any doubt, those pesky UK terrorists made a point introducing the First Amendment to their Constitution. Cfr. the legal situation of Bernstein & Woodward versus "Deep Throat" regarding the Watergate scandal.

Re:Yes but...

[Saint+Stephen]

Moral relavatism.....

Re:Yes but...

No offense, but that's fucking stupid. Why should Amazon risk compromising their servers just because one of their hosted sites has become a target? I fully support Wikileaks and their efforts, but you can't really put the blame on Amazon for dropping Wikileaks...

No, what you just said was fucking stupid. Amazon shouldn't be in that business if they are unwilling or incapable of mitigating those risks. Period. I put the blame solely on Amazon for dropping Wikileaks. It's the same thing if say, you showed up at the hospital, hired a doctor to heal you, became the target of a bubonic plague infection, and were sent home to die specifically because your system was targeted by the infection. Is that the type of behavior you really want to advocate our society switch to?

Amazon is a business, and risking that business because of a single client would be a horrible idea.

Amazon is a business. To think that they are running a hosting service without the ability to mitigate an coordinated attack on their network is shameful. Their IT is a joke. My industry is regulated federally by the CFTC. We have strict BC/DR plans to mitigate catastrophic network or data loss. So should Amazon. The fact that they do not should be a huge fucking red flag to their shareholders and investors.

Re:Yes but...

I agree, back in 1776 a bunch of evil weasels took over the colonies and look at what happened. a lot of innocent British soldiers sent over to protect the citizens died!

On their first terrorist attack, they cowardly disguised themselves to put the blame on innocent Native Americans. If they had succeeded, they could have caused an Indian massacre by the British.

Re:Yes but...

On a similar note, one man's traitor is another man's informant.

Re:Yes but...

[gestalt_n_pepper]

Moral relativism exists, like it or not. Morality != (something objectively verifiable)

Re:Yes but...

Not objecting If they GAVE HIM WARNING so he could get his data off before cutting him off due to their perceived threats. If it was a blindside, then I have objections.

Re:Yes but...

[Noughmad]

If they had succeeded, they could have caused an Indian massacre by the British.

They didn't fail completely though, the British got their revenge on the other Indians.

Re:Yes but...

Letting Wikileaks and Co run all over Amazon while they trembled in fear to act as they thought right isn't any more appropriate than allowing any other bully to push your around.

In this case some computer nerds band together to try and be the bully on the net that they can't be in "real life".

Pacifying Wikileaks and their supporters out of fear is the last thing that anybody should do. An honest Wikileaks / Op dumbass would probably acknowledge that allowing them to act as thugs is no more tolerable than letting the US or whomever else they dislike to do the same to them.

Re:Yes but...

[ScentCone]

One man's TERRORIST is another mans Freedom Fighter.

Sure, but only if you're an irrational moral relativist.

Re:Yes but...

[Lumpy]

Which is what reality has been for the last 90,000,000,003 years. Before then we had Moral Absolutism... but Cthulhu put a stop to that.

Re:Yes but...

[im_thatoneguy]

The Teabaggers would have probably boycotted Amazon for supporting "terrorists" if they did host Wikileaks. Either way they lose customers.

Re:Yes but...

[Almahtar]

Likewise, people who see that Amazon can easily weather a moderately aggressive DDoS like that juvenile tantrum thrown by Anonymous now have that much more of a reason to trust Amazon while buying goods or considering where to host cloud-ish stuff.

Juvenile tantrum? They took down Paypal, Mastercard, and Visa. That's not a juvenile tantrum, that is "hulk smash".

Managing Perceptions

[theshowmecanuck]

Whether true or not, Amazon pretty much has to say it was something other than a DDoS that impacted their site(s). It would be bad for business to say that an attack from a bunch of hackers can impact them negatively in any serious way. They have to maintain this "strong" outward face to their clients to maintain their level of trust. Given that Amazon did suffer some sort of outage or reduced service during the time period, I'm not sure of anything other than a trusted third party investigation to understand what level of effect the DDoS 'attack' had (if any) on Amazon. I'm not saying there isn't a way, I just don't know of one. Maybe someone can suggest one.

Re:Managing Perceptions

[Rysc]

It would also be bad for business to say "We weren't attacked, we just suck at doing our jobs." This is precisely what hardware-related outages mean for an outfit like Amazon. Why would you trust your business to Amazon hosted services when they are incompetent?

Re:Managing Perceptions

[somersault]

Yeah, I wouldn't have expected Amazon to have a single point of failure anywhere, it's pretty strange.

Re:Managing Perceptions

[Tanktalus]

Yeah, I'd expect them to have MANY points of failure, all in serial. So that's multiple, um, single-points-of-failure. Er, nevermind. Carry on.

Re:Managing Perceptions

Most would prefer a "Oh someone just forgot to do their job" over "an internet mob took down our site, and it could happen again at any moment"

Re:Managing Perceptions

[ThirdPrize]

I wonder how much an hour of downtime would cost Amazon in lost sales?

Re:Managing Perceptions

[theshowmecanuck]

I would estimate at least one shitload of sales. Offtopic: we had a big dump of snow last night... I am enjoying the sound of gunning engines and spinning tires identifying the idiots (sort of) driving by my window who were too lazy to get their snow tires on yet... and it isn't much of a hill.

Re:Managing Perceptions

[matt4077]

More importantly, admitting it was a DDoS creates an incentive for more attacks, where otherwise people would just give up. Anyway, I'm hoping they're right and the script kiddies failed. The wikileaks debate should be about the better arguments, not the larger number of nodes.

Re:Managing Perceptions

[clone52431]

One of them would be the result of a very small chance of failure at any given time. The other would imply a high chance of failure at the whim of whoever wants to attack them.

A rare screw-up looks bad, but folding whenever someone attacks you is worse.

Re:Managing Perceptions

[kiwimate]

How many outages for Amazon over the past 12 months, and what aggregate duration?

How many outages for Google (GMail, News, etc.) over the past 12 months, and what aggregate duration?

If you want to take it further, figure out what the % uptime comes out to. Seriously, this is a technical web site. I'd expect people here to understand the difference between 100% uptime and reality.

Re:Managing Perceptions

[npuzzle]

Actually, I think it would be worse for Amazon to admit that they did suffer a DDoS. I can easily imagine the more "technically challenged" people confusing an attack with an actual break-in. A break-in would imply that their accounts are exposed, including personal data, and could potentially cause a threat to them (impersonation, blackmailing, etc).

Beginning of the End of DDoS?

[Notquitecajun]

I wonder if the recent WL issues signal the end of DDoS for at least large companies - Visa, Mastercard, Amazon, etc. I can foresee them putting enough money into their servers and infrastructure that, at some point, they really couldn't be overwhelmed. Is this going to wind up being a hardware or software issue in the future in preventing DDoS attacks?

Re:Beginning of the End of DDoS?

[nicholas22]

It all depends on the actual DDoS load. There's no such thing as infinite bandwidth, you see. Amazon was down for 30 minutes in 4 countries on Sunday. And this by some quasi-organized group of script kiddies. So no, I don't see that being the case yet at all...

Re:Beginning of the End of DDoS?

I honestly think that the only way DDoS can be avoided is for ISPs to actively disconnect zombified machines from the Net. Down-side, this gives the ISPs the justification for DPI and, well, disconnecting people from the Net.

Re:Beginning of the End of DDoS?

So this is all just a plot to increase IT's budget? Genius!

Re:Beginning of the End of DDoS?

[N1AK]

Load sharing between groups of large companies could be one potential counter-tactic. I'm not a network expert, so I'm not even going to try and elaborate on the concept, however I doubt it's beyond the wit of man to implement.

Re:Beginning of the End of DDoS?

[Notquitecajun]

That's near-future, though. I suspect we'll eventually see something for the large corps that prevents those type of attacks.

Re:Beginning of the End of DDoS?

[gknoy]

I imagine they'd like to see if a herd of ED-209s would help prevent/discourage it.

wait

[marcello_dl]

A hardware failure bringing down the site of a corporation who also is a cloud provider it's pretty bad PR, there should be no single point of failure in a proper cloudy system :)

Re:wait

[dragonhunter21]

I think it's better to have a system that might suffer from hardware failures than a system that can be taken down by a group of loosely-organized script kiddies.

Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

Re:wait

[Haedrian]

What about the load balancer?

Re:wait

[drinkypoo]

Take a small PR hit to mitigate a larger one? Sounds like a plan to me.

On one hand you have incompetence. On the other hand you have incompetence. But on one hand you have someone to blame, and on the other you have only yourself. If a big piece of cloud can be taken down because one switch failed, then it's not a cloud, is it? It's just another centrally-managed cluster designed by idiots.

Re:wait

[dragonhunter21]

One hand, incompetence that might cause a fault in service once in a blue moon that can be repaired in less than half an hour. On the other, you've got incompetence that allows a system to be dropped by, again, a group of loosely organized script kiddies.

I'm not arguing for or against Amazon's service- I'm just stating that if I was in charge of damage control at Amazon, this is how I'd do it.

Re:wait

[dixiecko]

yes, there can be two

Re:wait

[marcosdumay]

Should be redundant, like switches, external connections, power, and everything else.

Anonymous themselves said they weren't going to...

[beh]

Is the group really that organized that you if someone says "we're not going to ', that (nearly) everyone will follow?

Could still be related

[markov_chain]

What's to say a disgruntled Amazon employee who is also an anonymous follower didn't "accidentally" unplug the A/C. Presto, hardware failure!

Re:Could still be related

This was my thought too. Just because Amazon pays your wages does not mean you love them unconditionally. In fact you probably hate them more than the average guy on the street.

Re:Anonymous themselves said they weren't going to

Try again, this time in something resembling English. ;^) I really can't figure out what you're trying to say.

Thanks

[dragonhunter21]

by a hacker group sympathetic to Wikileaks cause.

Thank you.

Damn you Amazon.

[orphiuchus]

So is this why none of my shit has arrived yet, even with the most expensive possible shipping?

Re:Damn you Amazon.

[Haedrian]

That's probably because with everyone and their dog shipping things for the Capitalistmas season - the postage system gets overwhelmed.

Re:Damn you Amazon.

[Dan+Dankleton]

You mean it's a DDoS of the postal service?

Re:Damn you Amazon.

[game+kid]

The posties say "If it fits, it ships." Apparently it just doesn't fit.

Just Amazon Europe?

[0123456]

Amazon.com was screwed yesterday afternoon too. Or was that just all the Christmas shopping?

"The cloud you can depend on"

[holamundo]

That's what they told us.

Quoting from their site: "Reliable and redundant – Our datacenter is built using large amounts of commodity hardware. When one node fails, millions of other nodes pick up the slack. As a result, you gain all the benefits of an always-on and self-healing infrastructure, without ever having to configure or replace hardware."

So how did "a" hardware failure brought their cloud down? Anyway, a hardware failure still sounds better than a DDoS though.

Re:"The cloud you can depend on"

[Ash-Fox]

So how did "a" hardware failure brought their cloud down?

If you were using Amazon's cloudfront service, it would have automatically redirected traffic through a non-European data center instead, so it was only really down for those who chose to do S3 only without cloudfront.

Re:"The cloud you can depend on"

[jonbryce]

So the likes of amazon.co.uk and amazon.fr are not showcases for their flagship technology then?

Re:"The cloud you can depend on"

[Ash-Fox]

So the likes of amazon.co.uk and amazon.fr are not showcases for their flagship technology then?

The main sites run on ec2, which doesn't benefit from cloud capabilities across multiple data centers, but their static data is placed on cloudfront.

Sure

But now they've just painted themselves for an attack that will be much more obvious. The idea is for them to have pie on their face, and if they've been able to wipe this one off without anyone noticing, the group Anonymous won't consider their work done. Since when have groups like this given up so easily? This could be worse for their bottom line in the long run. Haven't we learned from wikileaks that managing perceptions is a really bad idea in the long run?

Opportunistic Single Point of Failure

[javalizard]

If there is no demand/traffic, wouldn't that be the single point of failure that every cloudy system is designed to take advantage of?

Harry Crumb would say

[future+assassin]

Sure Sure ....

blame the hackers

[bzipitidoo]

It's one reason why threats of vandalism can be a bad idea. No matter what happens, there's now a group who has volunteered to be the whipping boys. As if it wasn't already too easy to blame it all on hackers to cover up incompetence.

So...

So it wasn't the hackers talent. It was Amazon's incompetence...

Re:Anonymous themselves said they weren't going to

[ArsenneLupin]

In order to stay "technically" legal, the group can't openly call for an illegal action, such as DDosing of a target. So they instead say "hopefully nobody will DDos target", and hope that everybody understands what is really meant...

The real cause of the "hardware" failure

[Christian+Marks]

The surge of account terminations in protest over Amazon's treatment of WikiLeaks caused an outage after power needed for their data center in Europe was diverted to overloaded call centers outsourced by Amazon to the Indian subcontinent.

Re:Anonymous themselves said they weren't going to

Yep pretty much. No point DDoSing without plenty of assistance, after all. There is some sort of hierarchy (it's mostly democracy-driven, they either hold a poll or make a decision that reflects the will of the majority) but it's highly informal and transient, however when a call comes from "the top" everyone tends to listen.

When I participated in earlier Operation Payback attacks, there was lots of talk of switching targets and attacking early, but we mostly stayed on target. A sub-group jumped the gun by a few minutes, taking down the site, and everyone else piled on when that happened, but overall it was pretty well-controlled.

I believe Amazon

DDOS attacks can be prevented if the company is willing to shell out enough cash. Many ISP's offer a DDOS prevention service which in the event of a DDOS, the Internet traffic is routed through the ISP's backbone which often is >=100Gbp.

There it is again..."sympathetic"

[mykos]

This word has been thoroughly hijacked as euphemisms by the propaganda machine. "Communist sympathizers". "Al Qaeda sympathizers". "Terrorist sympathizers". It seems that anyone that doesn't pledge to fight whatever the government wags a finger at is a "sympathizer".

Re:Anonymous themselves said they weren't going to

[AoT]

Given that they haven't shied from calling for DDoSes against other targets, which is just as illegal, it seems silly they'd somehow beat arount the bush in this case.

Amazon is correct

[Nyder]

It was a hardware problem.

the hardware wasn't enough to keep up with all the requests coming in.