Microsoft’s online Windows Live estate was hit by a major server shutdown for about an hour yesterday, after some users of the service complained that they could see other people’s accounts. “As some of you may have noticed (we heard from you on Twitter!) we had an issue with the Windows Live ID service between 9 and 10AM PST …
I smell Danger! Microsoft needs a kick in the side. They've done this before.
Remember late last year (2009) when Microsoft's 'Danger' division tried to upgrade a server, but accidentally erased the data of about 1 million Sidekick phone users in the USA? Then it was revealed that Microsoft had no back-up for the data.
Microsoft has a bad history with unreliable online services. Now they let anyone access your Hotmail account. You'd be made to give your data to Microsoft.
This might explain
why a contact had a strange email, definitely posted from one of my hotmail accounts ... since closed down
RE: This might explain
To say nothing of the accounts that were hacked in late December/early January and used to send out spam to everyone in the account address book.
Mine was one of them - but since I only use the account to sign up to things where I fear I may be spammed, there are only two worknig contacts in the address book...
Had a call from someone today. They received a strange Hotmail email from their husband, turned out to be spam. Problem is their husband was working and his workplace has strict policies about using webmail and personal mobile phones so could not access it.
As I know several peoples accounts have been hacked and used to send spam I advised them to change the password to something more stronger. Makes me wonder if their account was hacked after all!
And what the hell is wrong with their servers? One server goes down and suddenly you get into other peoples accounts when you log in?! That sounds highly fishy to me and tells me that their authentication system is highly fecked up!!
"Died on its' ar$e"?
I know El Reg has a dissaffected style to maintain, but this is a step beyond.
It is, however, a real pick-me-up in my multithreaded hell of a day. It's a phrase I use continuously as a software (and test) engineer.
So "increased load" on a server caused users to be able to see other users' accounts?!?!?
Either this is an outright lie or the software is fundamentally insecure and not suitable for production use.
"Either this is an outright lie or the software is fundamentally insecure and not suitable for production use."
I just find it amusing that the removal of a single server caused the outage.
So much for redundancy.
What, no Azure?
doesn't that solve scalability problems?
That is not the only problem they have - I have had a problem since the 19th of January, with a malformed (?) cookie that reports an error when one returns to MyMSN from a followed link (the message is "Your request could not be processed at this time, please refresh this page or try again later.").
Initially it happened irrespective of platform or browser used (FF on Linux and Vista, Opera and Konquerer as well as IE - 6 and 8). I duly reported it and received a ticket number.
Some digging around revealed that it was a cookie that caused the problem, as deleting all MyMSN cookies restored access again.
I gave feedback to MS about this as well. The following day it only afflicted FF on Linux - normal operation had been restored to all other browsers.
Some more digging revealed that it was a particular cookie called MUID that is the culprit, which I duly reported again. No further communication have since been received from MS and the problem still exists.
Curiously this whole problem started the same day FF announced the spike in downloads following the IE6 security disaster (http://www.theregister.co.uk/2010/01/20/opera_and_mozilla_download_uptick_post_ie_warnings/).
Coincidence, or retaliation? Mmmmmm....
One positive development though was that I finally weaned myself of MyMSN (only visited it once in a while as I monitor my Hotmail account for messages from a forum that I have belonged to for a long time), as GMail now picks up my Hotmail.
And if I can find a way to change my e-mail address in that forum without having to close my account and therefore lose my logon name (as there are no guarantees that I can re-register the same name again), I can finally close my Live account (which was foisted upon me) as well.
"users of the service complained that they could see other people’s accounts"
That is a fail of the most epic proportions, and definitely dangerous for the users. I've put it off long enough, but I'm ditching hotmail right now.
Ah, on the other hand ...
... isn'y Kelly not a wonderful name?
And any Kelly with wit, charm and vigour to express "arse" in such an elegant form is trooli worthy of endearing prose?
I only come here to put shit on Microsoft.... to kick them in the guts for being such greedy, incompetent arseholes who fuck so many things up and rip people off so badly for junk software and bad practices......
Hearing about another horrible blunder makes my day.