Slashdot Mirror


User: segedunum

segedunum's activity in the archive.

Stories: 0 · Comments: 1,980

Comments · 1,980

  1. Re:UEFI Signature Infrastructure on Free Software Foundation Campaigning To Stop UEFI SecureBoot · · Score: 1

    2. Mandatory. Secure Boot must ship enabled Configure UEFI Version 2.3.1 Errata B variables SecureBoot=1 and SetupMode=0 with a signature database (EFI_IMAGE_SECURITY_DATABASE) necessary to boot the machine securely pre-provisioned, and include a PK that is set and a valid KEK database. The system uses this database to verify that only trusted code (for example: trusted signed boot loader) is initialized, and that any unsigned image or an image that is signed by an unauthorized publisher does not execute. The contents of the signature database is determined by the OEM.....

    I don't think I need to go over the sometimes downright contradictory nonsense within that document. Frankly, it looks as if a great deal has been tacked on to that document ad-hoc without seemingly little thought. As I've said, there is no way an OEM is going to write code for a key database and it shows the difference between specification and implementation. It's already started:

    http://mjg59.dreamwidth.org/20187.html

    Besides, we're getting somewhat off the beaten track. We are referencing a MSDN document here where Microsoft tells everyone what will and will not run on hardware. That is the problem here.

  2. Re:UEFI Signature Infrastructure on Free Software Foundation Campaigning To Stop UEFI SecureBoot · · Score: 2, Informative
    I'm sorry, but this load of bull and misinformation is going to have to be smacked down - hard.

    So who decides what keys can be added to the bootloader? The end user, in the case of every x86 board.

    No they fucking don't. There will be one key in there, and that will allow you to boot Windows. How many motherboard manufacturers do you think are going to implement a whole key management system in their firmware that Windows does not require, you silly idiot?

    However, I'm seeing this deliberate misinformation coming up more and more, probably because it's all certain people have left to tell us that there is no problem.

    Microsoft requires any system vendor to allow end users to add their own keys (either directly, or by wiping the existing keys and requiring the user to add their own and Microsoft's back in). No user-modifiable Secure Boot, no Windows 8 for you.

    No they do not, so I don't know where you're getting this from. No motherboard manufacturer is going to lose any certification if they do not implement certificate management or Secure Boot disabling. The only reason any manufacturer is forced into being able to disable it right now is because there are existing versions of Windows people will want to install and ghosting and imaging tools. It's not being required by Microsoft.

    No Windows 8 certification? The manufacturer can do whatever they want, from locking down the loader to only one key of their choice, or not implementing secure boot at all. Basically, the current state of affairs.

    Utter bullshit. Nothing more can be said.

    It is decentralised. It's so decentralised, that it's handled on a per-end-device basis. Because you manage the keys on your device by entering them.

    I believe we've dealt with this untrue bullshit.

    and adding your own key wasn't mutually exclusive with other keys (as it effectively is now,)

    No idea what this nonsense means.

    The level of FUD over Secure Boot, and its non-relation to Windows 8, is astounding.

    The level of bullshit we're getting from various people who desperately want to paint a picture of there not being a problem is astounding now, right down to plucking untruths out of thin air about what Microsoft does or does not require. The point here being that we are relying on Microsoft to tell us what can and can't be run on hardware.

  3. Re:XFS on Ask Slashdot: Best File System For Web Hosting? · · Score: 1

    I hate to reply to this but this is the usual anonymous crap you get regarding XFS that I was referring to. Someone's cousin twice removed always has a 'crash' which results in lots of data loss apparently, the reasons for which aren't obvious.

  4. Re:If only it were samba-tng on Samba 4.0 Released: the First Free Software Active Directory Compatible Server · · Score: 0
    Too little, too late I'm afraid. Active Directory is well, well over a decade old and Samba 4's inability to sensibly reuse existing components has contributed to the ridiculous amount of time it has taken. As such the momentum that Samba 3 had has all been lost.

    I know you were hoping to troll with what has been a long-running design philosophy...

    Meh. Most of us would call that reality. You're late and irrelevant, something that those who seek to interoperate and compete with Microsoft never seem to get into their thick skulls. While you're ducking and covering for over a decade they're getting ahead.

  5. Re:XFS on Ask Slashdot: Best File System For Web Hosting? · · Score: 3, Informative

    Red Hat spent a lot of time effectively saying to everyone that they didn't support XFS. Eventually they had to throw in the towel because it's the only Linux filesystem that genuinely works well once you start dealing in terabytes of data. It's also recently got better at handling lots of smaller files and metadata. It's an incredibly useful filesystem and unfortunate that it still gets a lot of FUD thrown at it because of many peoples' misunderstanding about data loss issues several years ago.

  6. Re: Yes Lennart Realy is that Loony on Gentoo Developers Fork udev · · Score: 1

    That's not fair. Pulseaudio in its current state is the best goddamned thing that has ever happened to Linux audio.

    It took what worked and made it not work, not to mention turning over a disproportionate amount of CPU time. Pulseaudio was just to get mixing to work basically because some twits decided it couldn't be done in the kernel (it can, and no one apart from OSS has tried). They broke the whole sound system for a very long time to do it. Lunacy.

    Using its unsteady beginnings to discredit Poettering is just FUD.

    It's not. It was unsteady because of Poettering's attitude and he simply has a big track record on whatever project he has worked on. Pulse has become semi-stable down to the hard work of others, not that it isn't still completely the wrong solution for Linux.

  7. Re:Thumbs down on the name on Gentoo Developers Fork udev · · Score: 2

    Kay seems to be throwing asynchronous around as a 'solution' very liberally. It all sounds very node.js............

  8. Re: Yes Lennart Realy is that Loony on Gentoo Developers Fork udev · · Score: 3, Insightful

    .....In the long and broken road to PulseAudio broken Linux drivers are a very recurring theme.................

  9. Re: Yes Lennart Realy is that Loony on Gentoo Developers Fork udev · · Score: 3, Insightful

    If you see a project that Lennart Poettering is involved in...............run for the hills. Seriously. There have been many fits of insanity with PulseAudio (something that has set desktop Linux audio back years) and systemd is such a departure from traditional Unix system administration it's just ridiculous. That might not be a completely bad thing if done carefully but this guy is full of his own self-importance and just cannot see the lunatic path he's on. Ulrich Drepper has similar 'issues'.

    Seriously, how can you break something so fundamentally that worked for so many years?

  10. Re:Well... on Lenovo UEFI Bug Only Likes Windows and RHEL · · Score: 1, Interesting

    Given that RHEL is probably their biggest competitor that move could be considered a counter to - I would say you need to put down your anti-ms tinfoil hat, your brain is overheating.

    Ahhh, yes, black is white, there are no black helicopters and all that jazz........ It's firmly in that bracket.

    It's probably a support engineer related decision - "We don't want to have to deal with questions/complaints regarding unsupported operating systems that have gotten installed... so we'll prevent them from being installed."

    Errrrr, no. For one thing this actually takes effort which hardware manufacturers are not prone to actually putting in, for another I didn't think they give a crap about supporting any Linux operating systems and conveniently Red Hat is the only distribution Microsoft recognises for the purposes of their 'Safeboot' keys.

    I tend to prefer FreeBSD and Hackintosh'ed as my non MS OS.

    Nice of you to let us know that after telling everyone they're paranoid lunatics for questioning this that, after all, you're a regular non-Microsoft guy.

  11. And so it starts..... on Lenovo UEFI Bug Only Likes Windows and RHEL · · Score: 1

    Looking into it my arse. You have to write code to check this, and there is no good reason at all to check it.

  12. Re:Not the first time this has happened (or last) on Red Hat Developer Demands Competitor's Source Code · · Score: 1

    This works if you are the complete copyright holder of a self-contained piece of software linked to software with appropriate licenses allowing you to do what you want. However, if you are the copyright holder on code that is part of GPL software that has other copyright holders then this doesn't work. You will need their permission. There is no escape from that.

    I think Red Hat have a point here, as distasteful as it might be.

  13. Re:So? on Microsoft Makes Direct X 11.1 a Windows 8 Exclusive · · Score: 1

    It is more complicated than that. DirectX requires WDDM which is aero and 3D composition GPU support starting with DX 10. WDDM 1.2 is not compatible with any other kernel. A rewrite would be needed....

    All I'm hearing is "Blah, blah, blah, blah" over reasons why backwards compatibility can't be done. It was done in the past, certainly when sensible people like Raymond Chen were in control. Microsoft have lost that understanding many years ago.

    A rewrite would be needed that would make Windows 7 not Windows 7 anymore and break video and CAD software and piss off the corporate users.

    Bollocks.

    The reason why backwards compatibility is important is that when an application developer uses a new API they want to know that it is going to be available for a large proportion of their target users. For a new version of Windows that isn't the case. Windows 7, Windows Vista and even Windows XP will still be used by a lot of people for a long time so an application developer will look for new APIs to be ported to those systems first. That means that developers are going to be disinclined to use new APIs unless there is a sufficient userbase, or they do twice the work and port to two or even more APIs in order not to screw over their userbase and their bottom line. Either that or they could simply drop Microsoft's APIs and use something like OpenGL, which miraculously seems to work even amongst different versions of Windows.

    In turn backporting APIs helps Microsoft in that it provides a clear path and an installed base of applications that makes upgrading to a new version of Windows easy. It's all circular. This is why Microsoft has had a tough time getting people off Windows XP. Nothing has changed. Even worse, Windows 8 now has a brand new interface that no one is writing applications for largely because there is no userbase.

    This is why IE 9 is not available for XP. It has nothing to do with MS forcing users to upgrade.

    Bollocks. The irony is that it hasn't forced users to upgrade.

  14. Re:What are the channels doing? on Sony DVR Useless After Rovi Stops TV Guide OnScreen · · Score: 4, Insightful

    If you think this is bad wait a couple of more years for smart tv's to start needing these kinds of updates.

    I know. I'm wandering around various stores laughing at these 'Smart TVs' with stuff like YouTube and Netflix on them and thinking to myself 'What happens when this needs a major update in a couple of years, someone changes their interfaces or Netflix goes bust?'. It'll also be a cold day in hell before I plug an ethernet cable into a TV and give it access to the internet. I hate to be cynical, but us technical people always know this crap goes badly wrong.

    If I want this shit I will plug my computer into the TV. In the meantime just display the damn picture on the screen.

  15. Re:The first rule on What To Do After You Fire a Bad Sysadmin Or Developer · · Score: 1

    I have been in IT for nearly 25 years now and have learned a few things along the way. The first rule is that most employees referring to others as idiots, turkeys, incompetent etc need to look first in their own seat.

    Damn bloody right. This article is describing a dysfunctional company to me, as opposed to merely a dysfunctional employee.

  16. Article is Utter Crap on What To Do After You Fire a Bad Sysadmin Or Developer · · Score: 2

    For starters, referring to people as turkeys just makes me not want to take it seriously. Being sponsored by HP puts nails in its coffin.

    When sys admins put back doors in for themselves it is usually to get around ridiculous amounts of bureaucracy that stop them from getting anything done. A competent sys admin also does not 'add patches as they become available' willy nilly because those patches need tested, you need to understand what is in them and you need to make a decision as to whether you are affected by it and the disruption is warranted. It also seems to be about security companies selling their wares and installing 'data loss prevention systems', whatever the hell those are. Would I trust an outside set of consultants to come in and do that? No I wouldn't.

    Basically, if you're at a point where you are doing what this article says then your own company is incompetent and shooting blanks in the dark.

  17. Re:Welcome to the club on AMD Licenses 64-bit Processor Design From ARM · · Score: 3, Interesting

    I don't have mod points but I am equally as puzzled. AMD haven't had that many opportunities over the past few years (none at all really) but that was certainly one.

    Sadly the systems I work on are all Intel because we do a great deal of report and post-processing on data and that requires CPU grunt and running as much as we can in parallel. Had AMD done this they would have been under consideration. Hyper-threading makes very little if any difference to us really, it's all about getting as many full cores on as possible.

  18. Re:There you go again Ballmer on Microsoft CEO Steve Ballmer: Forget the iPad, Surface Is the Tablet People Want · · Score: 1

    "Nobody has a product that lets you work and play that can be your tablet and your PC. Not at any price point,"

    That's actually a true statement. Ballmer's problem is that it is still a true statement after Surface debuts.

    They are still hung up on the PC and they still believe that because they are the dominant force in desktop operating systems that will naturally translate to other platforms and people will naturally want Windows. They still can't let it go and they just don't get it.

  19. They Can Start by Telling me what OpenStack is on Does OpenStack Need a Linus Torvalds? · · Score: 4, Interesting

    I have no idea. With something like Proxmox I download it, install it and start running KVM and OpenVZ machines. Easy. With OpenStack, I go to their web site and I find nothing but a bunch of marketing crap. Cynical me just looks around there and thinks that some companies have got together to make something look open and look as if there might be some open source code and downloads 'somewhere', but there aren't. This is all to try and protect their expensive 'real' products that they know are probably under threat from a truly open source competitor but they just want to muddy the waters.

    I think Joel Spolsky or someone once called it 'fire and motion'.

  20. Re:Dear OP on OpenGL Becoming a Requirement For the Linux Desktop · · Score: 1

    Too many comments forget Kwin. Which kind of shows nobody really uses KDE4, apparently...

    If peoples' KDE4 desktops actually work then why would they be bothered?

  21. Re:Dear OP on OpenGL Becoming a Requirement For the Linux Desktop · · Score: 1

    Obviously you've not been keeping up. Gnome's development path is dead....and Xfce? Seriously? Don't make me laugh. A window manager designed for people who don't actually do anything.

    People aren't complaining about this with KDE because it works. It's only Gnome and Unity pushing this on people, but articles like this are par for the course when working out why the Linux desktop has utterly failed. OpenGL is a requirement for Gnome and Unity where they are collectively called the 'Linux desktop' and a Gnome logo is slapped next to it. Seriously, it's over.

  22. Re:multi AZ? on Amazon EBS Failure Brings Down Reddit, Imgur, Others · · Score: 4, Interesting

    Do you have any evidence of this? Because I haven't seen any. And it sounds tin-foil-hat.

    Sites who implement multiple across multiple zones are down and the forums are full of customers who complain about EBS slowdowns and problems regardless of the availability zones they personally use. You're an apologist if you haven't grokked this yet.

    Actually, I run a load-balanced, redundant site on AWS. I ask the question because Multi-AZ (as defined by AWS) means geographically different...

    This is total rubbish. Availability zones are not geographically separate, and don't give me that 'as defined by AWS' crap to give yourself a back door (they don't, anyway). Expanding to multiple regions which is the only thing you can do is not the same thing.

    as in US West (in Oregon) vs US East (in Virginia) - NOT just the difference between US-East-1a,b,c,d (which Amazon makes very clear are in the same data center). That's why it's odd that Virginia's issues would affect Oregon (or any of the other AZs)

    No, Amazon is very, very clear on what an availability zone actually is. Stop trying to make AZs out to be separate regions to get yourself out of this. They are not.

    Try being helpful next time and answering the genuine question instead of smarting off because you can't get on reddit.

    I'm afraid you don't run any geographically separate system that spans multiple regions because it is prohibitively expensive to do so. You don't maintain AMIs and backups in different regions and you don't pay for the extremely large amount of bandwidth you need to keep those regions mirrored and synchronised.

    Sorry, but you aren't doing what you say you're doing and you don't know what the difference between availability zones and regions actually are, which was central to the question you asked. You were called out on it.

  23. Re:Low Availability? on Amazon EBS Failure Brings Down Reddit, Imgur, Others · · Score: 4, Interesting

    Multi AZ IS "completely geographically separate zones" and yes...

    Availability zones are not geographically separate nor is there any evidence that they are geographically or even logically separate from the nature of every major EBS outage there has been.

    Amazon is very clear that US East 1a,b,c,d are all the same physical data center. However, West is not. It's in Oregon (as opposed to VA for East)

    a, b, c and d are availability zones. US East, West etc. are different regions. I'm afraid you're not understanding just what is meant by availability zones or just muddying the waters.

    I've seen no evidence that true Multi AZ instances (as described by Amazon) are down. If you've got some though, I would be interested to see it because I would be pretty concerned.

    As I've said above, Amazon makes it as difficult as possible to verify availability zone failures because AZ 'a' for one customer might be 'c' for another and 'b' for another, so you can't verify anything with others. However, it becomes very clear when you get on Amazon's forums and look at major sites that have implemented in multiple zones from their perspective that they are down and have EBS problems in different zones they have. You don't get much more evidence than that.

    If you're not concerned when looking at that then I smell some apologism I'm afraid.

  24. Re:Low Availability? on Amazon EBS Failure Brings Down Reddit, Imgur, Others · · Score: 4, Interesting

    ....and in the case of the European outage they actually screwed the EBS snapshots with a recovery job they ran. Thankfully I ran backups every night that took all data off Amazon's system. All I didn't know was when I could be back up and running.

    I felt this was worth emphasising. These are EBS snapshots, not just the EBS disks - the ones supposedly stored in S3 and immune to corruption. Your backups, in other words. If you use RDS you rely on these completely for backup.

    AWS is OK to get yourself up and running without paying huge amounts up front for hardware, but be aware that you just simply cannot trust this infrastructure.

  25. Re:multi AZ? on Amazon EBS Failure Brings Down Reddit, Imgur, Others · · Score: 1

    An honest question, why don't these large, big-name sites utilize the Multi Availability Zone failover that Amazon offers?

    They do. Plenty of people do. The problem is that these EBS failures always propagate across availability zones no matter what Amazon says.

    If they WERE using Multi AZ, or there is some other technical reason why it wouldn't help, I'm really curious to know why...

    Because you have no hard experience of what multiple availability zones practically means in Amazon's infrastructure.