back to article Danger lurks in the clouds

The failure of Microsoft to safeguard data synchronised from Danger's Sidekick devices on T-Mobile's network has thrown up important questions about cloud-based storage, along with insufferable smugness from iPhone owners. Most cloud-based services aimed at consumers are still on the backup side of things, offering to hold a …

COMMENTS

This topic is closed for new posts.
  1. Steve Loughran
    WTF?

    Sabotage? Natural causes

    Whoever assumes someone sabotaged the system by wiping every hard drive doesnt understand how datacentre filesystems work. They should read about GFS then go look at the source for Apache Hadoop.

    The index server -in Hadoop, the Namenode- keeps track of what file is where. Lose the data on that, and it doesnt matter that the many petabtyes of HDD still has the data, you don't know which bits belong to which file. That's all you have to lose. Hence it needs to be looked after -RAIDed, replicated, backed up. But those can all fail -hardware failure in the RAID controller anyone? and you don't notice failure of backup tapes until they're needed.

    no conspiracy here, just par for the course.

  2. amanfromMars 1 Silver badge
    Alien

    Blighty's Get out of a Hole Scot Free Card?

    "AppleInsider also reaches new levels of self-satisfaction when explaining how such a thing could never happen to an iPhone as backups of data are held on an obligatory PC rather than synchronised with the cloud, in contrast with Microsoft's MyPhone service which makes a local backup optional."

    It is naive to imagine that cloud services do not reach deep into PCs for whatever they need.

    It is interesting Civil CyberSpace Project to consider that if we lost All Present Data and Memory, what kind of Future IntelAIgents would Build/Share/Script/Present ....... with what would then be Everyone's Virgin AIMaginanation ...... Singularity?

    Another one of those Novel Programs for CyberIntelAIgent Security Operations Centres ..... UKGBNI GCHQ .... 42 Protect Servers, Enigmatically.

  3. Fazal Majid

    Incompetence, not sabotage

    This article has more details:

    http://www.roughlydrafted.com/2009/10/15/microsofts-pinkdanger-backup-problem-blamed-on-roz-ho/

    It seems the data loss was due to a trifecta of failure to maintain adequate backups to save a few bucks, combined with incompetent management, and staff turnover at Danger leaving few people qualified to manage the system. If true, the level of incompetence is shocking, but not all that surprising, after all we are talking about Microsoft here.

    Anyone entrusting their data to a cloud service had better ensure they have an ironclad SLA with substantial penalties for noncompliance. Most cloud services do not offer anything like the level of transparency into their architecture and operations that customers need to assess its trustworthiness. You can't damn cloud services from all providers, some of them are competent, unlike Microsoft, but prospective customers need to start asking more pointed questions from would-be suppliers.

  4. Fred Flintstone Gold badge

    Irony..

    I still find it fantastically ironic that a Microsoft provided service has to warn people NOT to reboot. As stories about this company go, I find that one just hard to beat :-).

    With respect to cloud services, from a security and privacy perspective I will need a lot more convincing - you never know where that cloud drifts. I prefer things with slightly sharper defined outlines, the last 8 years have seen the all but complete removal of constraints on government sanctioned snooping (aka industrial espionage, depends on your point of view) so it's worth asking the VERY ugly questions first: whose jurisdiction?

  5. IT specialist
    Badgers

    Microsoft dying

    This is a Microsoft issue, not a cloud issue.

    It's panic stations inside Microsoft. Its 'Windows Mobile' OS is plummeting in marketshare, going from 25% a few years ago down to 9% today.

    When management is in panic, it makes rash and stupid decisions. Microsoft pulled staff away from Danger, and reassigned them to help save Windows Mobile. The Sidekick phone, and its 1 million users, were essentially abandoned.

    Expect Microsoft to make more panic decisions for its dying Windows Mobile platform.

  6. Doug Glass
    Go

    Backup, Backup, Backup

    Put it there; leave it there; lose it there.

    He who fails to understand the need to responsible for and backup ones own data is going to lose it sooner or later.

  7. Steve McIntyre

    Totally retarded device design

    Depending on the network for everything will only work when the network is 100% available and 100% reliable. We're nowhere near that...

  8. Chris 211

    Backup or die!

    Its hard enough getting users to backup at all without this kind of incompetence. A local PC Sync and backup is still and for the foreseeable future the best way to keep data safe. I have looked at cloud sync and dont like it one bit, I would not trust it to backup my contacts.

  9. cschneid

    faith, et. al.

    Ah, the cloud, a faith-based computing initiative. Have faith that the provider actually knows what they’re doing with respect to backup, security, redundancy, etc. Have faith that the provider won’t be purchased by another company in order to kill the service in favor of the acquirer’s – the one you deliberately didn’t choose for reasons of your own. Have faith that the provider is actually a responsible business – reputation in the Internet Age meaning having a corporate history that can be measured in months.

    Me? I’m an atheist.

    On the (forgive me) client side, the concept of degrading function gracefully will apparently have to be resurrected. Despite what your "mobile apps for dummies" book told you, memory isn't unlimited, persistent storage isn't unlimited, the network isn't always available, or as fast as you'd like, or as reliable as you'd like.

    T-Mobile's compensatory offering of $100 (presumably that's USD) is interesting. Woefully inadequate, but interesting. Exactly how much is that industry insider's private number worth?

  10. Anonymous Coward
    Anonymous Coward

    @Steve Loughran

    Most, if not all, big disk arrays have functionallity to erase disks. At the company I work for we run an erase job on all arrays prior to decomming them and removing them from site. This requires no interaction from any server. This could easily be used for sabotage, given the correct access to the array.

  11. Anonymous Coward
    Anonymous Coward

    Failure built in.

    Anyone who has participated in the scoping and design of any high availability solution - be it storage, server, network, or other technology - will know the sad evolution.

    - At first a simple design based on trusted - though possibly leading edge - technologies that gently carves away single points of failure and eases that nagging gnawing of the gut that plagues most system managers who have not yet traded duty for apathy in self defense.

    - Then the sales pitch to convince management that the investment is worthwhile highlighting the benefits of increased uptime, easier management, improved fault tolerance, and availability.

    - Then the intra-management chinese whispers that morph that into "always up, easy to manage, wont fail, always available". The critical application migration begins and suddenly the solution is the "The Solution".

    - Next, or perhaps simultaneously, come the changes in culture. The changes in procedures and processes that at first "take advantage of" and then eventually "rely on" The Solution. The old techniques and processes that used to give application developers and system managers some level of comfort as the data flowed through the system are slowly phased out as unnecessarily inefficient under The Solution. Why duplicate that piece of data at rest when it is safely stored across so many spindles and in so many processing units?

    - And then, for a time, comes peace - when The Solution does what it was designed to do and does it so well that more and more critical apps find their way there. Only now they are designed for the solution. There is no vestige of the old ways - the old habits of good programming or diligent system management. Applications keep data on the fly and tape units stand idle except for the occasional, mandated, "disaster" backup. The old distrust of the weak and vulnerable computer has become a faith in The Solution. Even when experienced devs and system managers voice their discomfort at that old gnawing sensation again, there is too much invested in The Solution now. Besides, it is working perfectly.

    - Finally comes The Failure. The scenario that slipped through testing. The risk that was of so low a likelihood or of so small a consequence - at least in the original stages of planning - that it was completely disregarded. Regardless, there are no fall-backs because the fall back was The Solution and The Solution has failed.

    OK, so they mostly dont turn out that way - certainly while sane minds are in charge. But these solutions are becoming more and more "all encompassing". More self contained. More commoditised. They are ceasing to be technical solutions that require analysis, understanding, and critical review, and instead are becoming commodity blackbox services that often have only a promise, a contract, and a fee.

    The Solution will always look good. Being able to buy into The Solution without a crippling investment in knowledge, time and technology will always look appealing. You can even get contractual guarantees of The Solution's good'ness. It is just that when The Solution goes wrong, you lose an awful lot. Maybe everything. And being able to point the finger may be less satisfying than you think.

  12. Slappy Frogg

    It's all about profits...

    Fazal Majid's comment makes a salient point: The effort to save money/pump up stock prices/Wal-Mart-ize IT services is going to lead to this kind of disaster over and over.

  13. Mathew White
    FAIL

    Compensation

    $100 t-mobile credit for the loss of your last 3 months of business contacts. errmmm... who are you mean to phone?

  14. John Doe 1

    Whispering Game revived?

    Why bother to quote AppleInsider's so-called self-styled "sources" when it's clear all they have is uninformed speculation? Note the use of 'may have', 'must have', ... and so forth.

    These so-called sources are also apparently unfamiliar with Occam's Razor and the more common forms of human nature involved in enterprise data failure. :) El Reg would do well to steer well clear of such poor 'sources' for quoting from when composing an article that isn't pure satire.

  15. Anonymous Coward
    Anonymous Coward

    @Fazal Majid

    "If true, the level of incompetence is shocking, but not all that surprising, after all we are talking about Microsoft here"

    It's not Microsoft specific. I worked at a telecoms company that had the same sort of thing. Drove me bonkers. Only thing that saved my sanity was when they made me redundant.

  16. Anonymous Coward
    Anonymous Coward

    " there's still only one medium that can really be trusted"

    Yeah, a csv encoded export! Why does no-one do this anymore? Getting useful, plain-text, archivable data out of any application these days usually involves a purchasing some 3rd hack. God, I hate syncing!

  17. /dev/null
    Boffin

    @John Doe 1

    Hanlon's Razor, not Occam's: "Never attribute to malice that which can be adequately explained by stupidity."

  18. Daniel B.
    Jobs Horns

    It's already happened!

    "MobileMe, MyPhone and Ovi could all disappear in a flurry of commercial short-termism and no one would be as inconvenienced as those poor Sidekick users."

    Erm ... MobileMe also ate users data ... those who cancelled their account after the free trial got their data eaten up at the next sync. Geeze, you'd think something like that would only give a "Sync Error: Login failure" but things seem to work differently in the Appleverse.

    In fact, it seems kinda rich that Apple worshippers claim it wouldn't happen with the iPhone, when it has in fact happened *under normal conditions*, without any weird server failure, with or without sabotage being involved.

    Of course, the possibility of "losing data" due to a technical fault is an unfortunate reality, as I've had this happen to myself a couple of times now.

    - Formatting a < 500Mb HDD with the "big HD" thingy needed to see > 512Mb HDs on old motherboards made it remove precisely that boot-up translator (I think it did something weird like turning CHS requests to LBA or something like that). I was thus unable to see my big HDD until I reformatted.

    - RAIDs great... except when the one you got is a fakeraid, and it is on board your motherboard. ESPECIALLY when said motherboard dies and you're left with a RAID array that can't be read without the specific controller ... which I've been unable to find.

    - Filesystem massacre: Let's see how you find your files when the FAT goes down and there's no way to know what your files were. Older DOS virii did this, and I did suffer from data loss back in those days.

    There are a bunch of possible accidents that can result in total data loss, but these are the ones that I've personally suffered.

This topic is closed for new posts.

Other stories you might like