Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chaos Monkey Released Into the Wild

Posted by Unknown on from the infinite-monkeys-with-infinite-hammers dept.

Quince alPillan writes "Netflix revealed today that they've released Chaos Monkey, an open source Amazon Web Service testing tool that will randomly turn off instances in Auto Scaling Groups. 'We have found that the best defense against major unexpected failures is to fail often. By frequently causing failures, we force our services to be built in a way that is more resilient. We are excited to make a long-awaited announcement today that will help others who embrace this approach. ...source code for the founding member of the Simian Army, Chaos Monkey, is available to the community.'"

1 of 76 comments (clear)

  1. Tech journalists: Stop hyping unproven security... by Anonymous Coward · · Score: 0, Offtopic

    Tech journalists: Stop hyping unproven security tools
    Monday, July 30, 2012 | Christopher Soghoian
    http://paranoia.dubfire.net/2012/07/tech-journalists-stop-hyping-unproven.html

    http://static.guim.co.uk/sys-images/Media/Pix/pictures/2010/3/25/1269523445370/Austin-Heap-001.jpg

    "Preface: Although this essay compares the media's similar hyping of Haystack and Cryptocat, the tools are, at a technical level, in no way similar. Haystack was at best, snake oil, peddled by a charlatan. Cryptocat is an interesting, open-source tool created by a guy who means well, and usually listens to feedback.

    In 2009, media outlets around the world discovered, and soon began to shower praise upon Haystack, a software tool designed to allow Iranians to evade their government's Internet filtering. Haystack was the brainchild of Austin Heap, a San Francisco software developer, who the Guardian described as a "tech wunderkind" with the "know-how to topple governments."

    The New York Times wrote that Haystack "makes it near impossible for censors to detect what Internet users are doing." The newspaper also quoted one of the members of the Haystack team saying that "It's encrypted at such a level it would take thousands of years to figure out what youâ(TM)re saying."

    Newsweek stated that Heap had "found the perfect disguise for dissidents in their cyberwar against the worldâ(TM)s dictators." The magazine revealed that the tool, which Heap and a friend had in "less than a month and many all-nighters" of coding, was equipped with "a sophisticated mathematical formula that conceals someoneâ(TM)s real online destinations inside a stream of innocuous traffic."

    Heap was not content to merely help millions of oppressed Iranians. Newsweek quoted the 20-something developer revealing his long term goal: "We will systematically take on each repressive country that censors its people. We have a list. Donâ(TM)t piss off hackers who will have their way with you.

    The Guardian even selected Heap as its Innovator of the Year. The chair of the award panel praised Heap's "vision and unique approach to tackling a huge problem" as well as "his inventiveness and bravery."

    This was a feel-good tech story that no news editor could ignore. A software developer from San Francisco taking on a despotic regime in Tehran.

    There was just one problem: The tool hadn't been evaluated by actual security experts. Eventually, Jacob Appelbaum obtained a copy of and analyze the software. The results were not pretty -- he described it as "the worst piece of software I have ever had the displeasure of ripping apart."

    Soon after, Daniel Colascione, the lead developer of Haystack resigned from the project, saying the program was an example of "hype trumping security." Heap ultimately shuttered Haystack.

    After the proverbial shit hit the fan, the Berkman Center's Jillian York wrote:

    I certainly blame Heap and his partnersâ"for making outlandish claims about their product without it ever being subjected to an independent security review, and for all of the media whoring theyâ(TM)ve done over the past year.

    But I also firmly place blame on the media, which elevated the status of a person who, at best was just trying to help, and a tool which very well could have been a great thing, to the level of a kid genius and his silver bullet, without so much as a call to circumvention experts.

    http://blogs-images.forbes.com/jonmatonis/files/2012/07/web_chat.png

    Cryptocat: The press is still hypin'

    In 2011, Nadim Kobeissi, then a 20 year old college student in Canada started to develop Cryptocat, a web-based secure chat servi