A bungled FBI raid on a data centre has taken out an unknown number of Web sites. Apparently targeting a particular – but unnamed – customer of DigitalOne, the G-men seized three enclosures of equipment, according to the New York Times. Among the collateral damage is New York publisher the Curbed Network, and the Pinboard …
All hail Cloud Computing until the Feds show up and take your data
Not just the cloud...
Not a bad point, though not completely relevant. This could easily happen to a hosting or co-location provider. I have my own servers sitting in a co-location facility which could be subject to an FBI raid one day due to another customer in proximity. Even though my servers are clearly marked as belonging to me, the feds may very well van them as well.
You know, just to be thorough.
The big question comes, can the FBI be held liable for damages as a result of taking non-involved servers offline like this? Especially if said servers are outside of the scope of the assumed warrant in-hand at the time? My guess is no, or the process would be expensive beyond the point of principle.
And, of course the resultant trickle down affecting customers of customers of customers of customers, ad nauseum. SOMEONE is going to be nailed to the wall for this.
No, Ray 8, that was just a data centre, and not real cloud computing. Every properly prepared executive board presentation will clearly demonstrate that if you put your data in The Cloud it will be absolutely safe and neither earth quakes not nukes from orbit will be able to hamper access to your data.
You don't know what cloud computing is then?
This was their own servers, at a colo.
And that won't be covered by any SLA - or rather it will be explicitly not-covered.
This isn't cloud computing ...
It's bog-standard data centre computing.
That's the problem - This would be almost impossible to do without seizing every machine in a cloud scenario.
Do try to keep up.
If ones "cloud"...
...is in one location, then one really isn't getting the point.
Oh god oh god oh god we are de-evolving, DEVO was right!!!!!
New DoS ?
Just call the FBI.
BB, coz this world is fast becoming a Police Nation.
I was going to say the same thing but you beat me to it.
Have a thumb up instead.
Not a cloud
The whole point of the cloud is that when the Feds, mother nature, or the International Brotherhood of Careless JCB Drivers take out your server - another instance spins up on the other side of the world
re: International Brotherhood of Careless JCB Drivers
the first rule of the International Brotherhood of Careless JCB Drivers is you don't talk about it!
That assumes the 'cloud' isn't being used for lowest-cost and that there will be backups everywhere. Do you honestly believe that the cloud isn't a financial model?
Wots a JCB, then?
What's a JCB? I know it's a company that makes a wide range of construction equipment. From the context in this thread and other places, and from some almost useless online dictionary results, I get the impression it connotes something a little more specfic (like what we USians would call a backhoe).
they are referring to the ubiquitous backhoe initiated network outage.
between this, and http://www.theregister.co.uk/2011/02/18/fed_domain_seizure_slammed/ and the 141 / Kentucky bullshit Im amazed there isnt a massive re-education program in place for the US Justice departments.
seriously, can you imagine this sort of shit going down in a bank? "we have no idea which deposit box. Take em all" "we know the first 6 digits of the laundering account, so freeze all of them starting with that"
someone needs to slap the fuck out of whomever approved the warrant to empty out 3 enclosures.
Wee teacher, cos someone in the DoJ chain clearly needs a tech lesson.
right on ..
a proper warrant would have required DigitalOne to clone the *particular* customer's data and take only that *particular* customer's site(s) offline .. not necessarily in that order
if they do not have the knowledge and skill to do that, what is the fucking point of taking a bunch of racks they probably can't fire up without DigitalOne's help ? .. DigitalOne should be the first in line to sue
do hope they get sued for any damages, however it is very hard to sue the Feds, and harder to sue the FBI ( only if the scope of the warrant was violated ), and impossible to sue a Fed judge for damages
I wonder whether they tagged/flagged/infiltrated
the colo/server farm site at all. Couldn't they have surreptitiously done so without tipping off the target?
Now, the target who may have been smart enough to pay for redundant services may have had "hearbeats" or "beacons" of sorts running between the two sites so that if a take-down happened, they'd know. OTOH, if there was no heartbeat, and their criminal endeavours were disrupted, they'd know.
Siezing 285k feet of server racks could take hundreds of techs weeks or months if they're looking for physical evidence, but, with the right cooperation from the sysadmins, might sweep all the servers' data files (contiguous and scattered) in weeks. In any case, it's going to be expensive to find whatever it is their court order specifies, and it should come out of their budget if critical services disrupted can be traced back to this scattershot takedown/confiscation. Very broad blast.
But, I like that bank analogy:
"seriously, can you imagine this sort of shit going down in a bank? "we have no idea which deposit box. Take em all" "we know the first 6 digits of the laundering account, so freeze all of them starting with that""
First good chuckle of the day for me. There were other chuckles, but yours, Heff, was the best so far, hehehehe.
But, maybe one reason they took the whole shedload was the criminals may have been dastardly and clever enough to cause dispersion of their own files so as to make taking one rack insufficient and taking them all a huge gamble and a political nightmare, as well as a CLM (career-limiting move) for all signature authorities involved.
brings new meaning to the term
Offsite replication and redundency
Useful for natural disasters and sudden cases of Fed
@ray What has any of this got to do with cloud computing? This is an old school hosting company, not a cloud provider.
If you had a well designed cloud based setup you could quickly rebuild your infrastructure at another location or even on another provider.
I'd be impressed if even the FBI could confiscate enough of Amazons AWS infrastructure to cause them a serious problem.
Amazon don't need the FBI's help, they can bugger the AWS up on their own.
And what happens when someone uses "The Cloud"...
...for illegal purposes. Already "white hats" have used rented cloud capacity to cheaply demonstrate proof of concept attacts which would otherwise be impossible or impractical with resources available to ordinary folk.
So what happens when LulzSec, Anonymous, uses a cloud to carry out a DDoS or to brute force a password table? What happens if Pakistan or Iran is discovered using a cloud to run nuclear simulations?
They WON'T be told that it's a commoditised service. They WON'T be told the evidence they are after is not there. They will take every machine (or at least datastore) within their reach and make whatever is outside that reach effectively inaccessible, at least from within the US.
@BB: My favorite piece of news about the (probably pre-LulzSec) hack of Sony was that it was launched from an Amazon Cloud Services box.
Lots of bandwidth, Amazon quite obviously has no effing idea what anyone's doing in there, their own router teams included, and who wants to be Sony had lots of permit ecs2.* rules in their firewalls - and that's assuming they bothered with firewalls on those connections at all.
They might not have; they might have believed the bandwidth salesmen who told them MPLS=VPN.
Stability of network clouds...
...Depends on local political weather
Congress bitches about China doing the same thing
FBI trying to kill US cloud computing centers
Another reason why putting your data in the hands of another company is a bad idea. Wonder how many companies might bite the dust because of the FBI's inconsiderate tactics and how much US tax payers might wind up paying as the results of lawsuits by affected companies. This is a good reason for companies to consider just where they off site data to the clouds. FBI stupidity like this might just keep the US from being a major player in cloud computing. Hopefully the more details on how many companies were affect will be published when it becomes available.
I wouldn't hold your breath...
"Hopefully the more details on how many companies were affect will be published when it becomes available."
If they've REALLY f**d up as we expect they have there'll be a cover-up "In the interests of National Security" (translation:- they're likely to get their asses sued off and they can't afford it) OR they'll miraculously "find" something dodgy on all of the siezed drives and lock up all of the owners. (More paperwork bu thte headlines will read "US winning the war on terror")
Me, cynical, never.. (it's the one with the RAID 5 pockets)
Typical American attitude
Go in ... shoot first ... shoot some more ... when everybody's dead, then try and ask a few questions.
Not really cloud but...
The way the installation is described it is not really Cloud, but if your servers are hosted or virtually hosted at a third party data center it might be worth finding out who your "neighbours" are in the racking. Impossible I know, but it could be an embarrassing question to ask your hosting company.
"Excuse me, but are any .xxx websites hosted in the same rack as my mega corp server?"
"unable to determine which cloud resource was hosting the kiddie pron site and collection of Blind Faith Artwork, the FBI seized the Internet"
ALL YOUR DATA BELONG US
Perhaps they should have got better Intel (TM)...
Perhaps they should have got better Intel (TM)...
For instance they turn up at Amazon and they don't know which is the criminals server or its running on multiple instances - so they take the lot...
How would this work for S3?
I was wondering how this would work for something like S3 - being distributed and all that. I presume the FBI wanted a copy of stuff to search through, as opposed to taking a site down.
an artificial distinction?
Sure, they want to take a look at it, but if they've taken against someone to that extent, they'll be happy to cause them maximum inconvenience while doing so.
I know i shouldn't be, but im still amazed that this kind of crap goes on. Peoples rights getting trampled on all in the name of terror/riaa/think of the children.
Will this shit ever stop?!?
Machine gun your own goal
The NYT says "the F.B.I. was actively investigating the Lulz Security group".
So they are trying to stop the activities of a hacking group which is knocking innocent web sites off line.
And to do this, they ... err ... whoops!
Out of business? Not our problem.
You can always sign up with a new job at State.
But they don't have to did it in such a kackhanded way
Do they? At some point a bright spark will remember that all they have to do is tinker with CALEA et al and force the cloud to allow real time network access to whatever they want. And as we are all potential terrorists, without any court orders or indeed any other oversight.
"A Smith & Wesson beats four aces".
I don't suppose the Dibble half-inching a bunch of hardware was very high up in the planning. If it wasn't for the damage done to other users, the FBI's ultimate low-tech hack might even be funny. Part of me really hopes they're investigating a DoS attack.
That said, I wouldn't be laughing if my site was one of those not working.
Lulzsec is who they are after
Maybe Its part of Lulzsec's game plan.
They dont need to do much more than tweak the fed;s tail for them to go round trashing the net causing more damage than Lulzsec ever did,
In your dreams
> another instance spins up on the other side of the world
You might hope so, and if you've paid extra then it might do so. At least the first time. After that you tend to run out of server farms.
The current incarnation of The Cloud is more marketing hype than engineering reality.
This is absolutely true and cannot be stated enough
For all the hype you have to remember that we are still talking about spinning magnetic disks in boxes on racks in buildings. Excepting a couple of giants, an individual "cloud provider" is achingly vulnerable today. The cloud is *not* a distributed storage/compute system, like the kind of global RAID the mainstream press imagine it to be; it is just a contract, an SLA and Someone Else's Problem.
May the multi million dollar lawsuits rain down on these jack booted thugs.
They should be made to pay so much in compensation and punitive damages that they never again dare to unlawfully seize the property of companies who aren't connected with their investigations.
Oh, there may be a few. Don't expect any victories for the Little Guy, though.
Sovereign Immunity claims by the FBI alone will tie up the case for decades, and that's assuming the Gov't doesn't win their case. Should the gov't fail in claiming Immunity, the next steps will continue at whatever glacial pace the best government lawyers can force.
There's little point to it all, except to make oneself a big enough nuiscance that the Fibbies releaqse the hardware just to shut the owners up. Of course, the Fibbies might instead turn their magnifying glass on the plaintiffs, too...
"A Safe Place"
That's where Mrs TickTock put the things she can never find again!
So that's ...
... who really ran off with the UK census data.
> This would be almost impossible to do without seizing every machine in a cloud scenario.
Not at all, you simply snapshot the virtual machine and take a back-up. Or in cheaper incarnations you just snapshot the data. On the other hand, if you want to be sure to have an evidence trail, you take the entire data store and all mirrors and backups. That would be fun for the other customers.
In a data centre you can still point to your server. In a cloud the server is meaningless, but I do not think you can point to your disk drive.
Tried and tested method, chumrades.
They had to destroy the data centre in order to save it.
Where is "North Virginia"?
Reston, Virginia is the center of the Washington, DC area "tech corridor", but there is no such state as North Virginia. The Virginia suburbs of DC are colloquially referred to as "Northern Virginia", but there is no official designation.
Is right next to East Virginia (see the comic strip "Shoe")
There are plenty of server farms in northern Virginia. This story seems to be getting a lot of coverage in the Washington, DC area, it was even mentioned on the radio. The radio report mentioned unnamed "payment processors" as affected.
- Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
- FOUR DAYS: That's how long it took to crack Galaxy S5 fingerscanner
- Did a date calculation bug just cost hard-up Co-op Bank £110m?
- Feast your PUNY eyes on highest resolution phone display EVER
- Wall St's DROOLING as Twitter GULPS DOWN analytics firm Gnip