back to article Microsoft brings Azure back online

Microsoft has managed to repair its Windows Azure cloud, after an expired SSL certificate downed storage and other services for people across the world. Ninety-nine percent of the affected services have been brought back online, Redmond said early in the hours of Saturday morning, Pacific Time. "We will continue monitoring …

COMMENTS

This topic is closed for new posts.
Paris Hilton

Re: @Eadon

So your comment of "...Naturally Linux / UNIX admins are the top predators - the elite...." suggests that anyone who uses Linux in their organisation are superior to those who choose not to.

Does that mean you are ignoring Microsofts UNIX heritage, and possibly the fact that Microsoft uses Linux on a regular basis within its own organisation?

0
0
Silver badge

Re: 20 goto 10 - MS GOTO FAIL

>It's a certificate issue... Nothing to do with windows or linux

And with the increased use of certificates, certificate expiry issues are going to happen more often and certificate administration is something that will become more important.

In the last few years I've already encountered:

1. email providers who have allowed their certificate to expire and then to renew it specifying a different domain ...

2. third-party application code signing certificates expiring.

The worrying thing is that the wide spread use of certificates could make Enterprise IT infrastructures more unstable, particularly as most certificates seem to have a relatively short life and the user (IT operations) really gets very little visibility of the certificates being used by third-party applications and their 'health'.

The really worrying thing is that whilst your software license may not have an end date, the failure of the OEM to update the software's certificates may render this largely irrelevant.

1
0
Vic
Silver badge

Re: 20 goto 10 - MS GOTO FAIL @Phoenix50

> I am never going to let you forget this.

You should do. Some of us hadn't seen that particular missive. Now you've republicised it, the Streisand Effect will tend to take over :-(

Vic.

0
0
Vic
Silver badge

Re: @Eadon

> Does that mean you are ignoring Microsofts UNIX heritage

I certainly am, as, I believe, is Mictrosoft.

Xenix was a fabulous product[1] in its time. But where is it now?

Vic.

[1] I'd love to see something Xenix-derived with a Win95/XP-style skin on top. That could be a *major* seller for Microsoft, if they were to introduce it carefully. But they won't... :-(

0
0
Silver badge
Devil

Microsofts "customers" get Ballmered again

Having stuffed them on phones, tablets and their comedy new desktop OS, destroying their faith in their cloud offering is an essential step in the slow car crash suicide that is 2013: Microsofts year of hell.

20
4
Pint

Re: Microsofts "customers" get Ballmered again

"comedy new desktop" - love it!

beer for ya

6
1
Anonymous Coward

Re: Microsofts "customers" get Ballmered again

Ballmer can get billions for slow-crashing the company into the ground, the operations guys are just following his lead. Corrupt CEO maybe? Ballmer and Beeblebrox.

1
0

This post has been deleted by a moderator

Silver badge
Facepalm

Re: Microsoft CLOUD EPIC FAIL

"Obviously Microsoft just bung a framework on some windows servers and call it a "Cloud"."

Putting lipstick on a pig has been Microsoft's entire philosophy since Windows 1.0. If it ain't broke...

Oh , wait...

13
2
Anonymous Coward

Re: Microsoft CLOUD EPIC FAIL

Whilst this was an undisputed cockup by Microsoft this all hail FOSS stuff is getting a bit annoying. It's got to the point where the zealotry is making people think Linux is a bastion of security & stability that Jobs tried to get people to think the Mac was. Then Mac starts getting popular and malware authors turn their attention to it. As icing on the cake people think they are safe and sound because of the "Macs don't get viruses" claptrap.

As more inexperienced people are flocking to FOSS based alternatives you are helping them stick their head in the sand to the issues that face any system. It's damaging and will lead to people not taking the security & stability of their systems seriously.

Case in point, I saw a post by someone the other day that stated that Linux doesn't get viruses because they have nowhere to hide as it's open source software (He then went on to insist other people only state facts about Linux or shut up, but I digress). More and more new people are heading to Linux and people like you, Eadon, are making it out to be something that it's not.

And to finish off I will echo another poster, this has nothing to do with the operating system on which the service runs. It was organisational incompetence at management level.

16
6
Pirate

Re: Microsoft CLOUD EPIC FAIL

Putting lipstick on a pig has been Microsoft's entire philosophy since Windows 1.0. If it ain't broke...

Only since Windows? Have you forgotten the whole PC-DOS/MS-DOS fraud the outfit cut its teeth on? I've never figured why IBM brought Microsoft into OS2 after being so completely shafted in the DOS débâcle. Fool me once... Got exactly what they had coming I suppose. Poor stupid IBM.

6
3
Trollface

Re: Microsoft CLOUD EPIC FAIL

Love it. Yes, of course it's the lipstick on the pig. Microsoft's heritage has been to buy products with massive potential and then do a 'cut and shut' on them. The exceptions are maybe Exchange and SQL server (I like to call them 'princess products' since the product teams don't give a crap and have more talent than the rest of the giff-gaff.).

I've been working with MSFT 'technology' for 21 miserable years and found that 'predictable' and 'reliable' are considered by the company in the same breath as 'delinquent' and 'that's all folks'. I've presided over (unfortunately) Certs expiring on patch management infrastructure, meaning my clients' ability to secure their systems is compromised by Cert 'features' - a complete non-seqitur.

I agree with the general sentiments in this thread - if you want a robust cloud, buy one based on very old and very predictable technology - Linux/Unix.

Oh and for what it's worth, Azure is considered by most enterprise as mickey-mouse anyway so good luck to the MSFT sales force on the back of this one!

3
0

Re: Microsoft CLOUD EPIC FAIL

Forgetting to re-new your own SSL certificates really is an EPIC fail. But it has nothing to do with operation systems, depending on who was responsible maybe not even with IT (I have seen cases where the secretary forgot to "pay"/get signed an internal bill and services where shut down...)

Claiming "This OS is perfect" is a reason NOT to hire someone as an admin. A good admin KNOWS and ACCEPTS that his OS of choise has problems/weaknessses etc. Then he finds ways around them if possible and admits "take something else" in other cases. That goes double for security and availability

The best example is a Siemens engineer stating flat out: "The system can not do that. Export the data and use another OS to generate those graphics/reports"(1) He than made recommendations and Siemens got hired for writing an export/import software.

(1) The guy was a long time developer of that system and really liked it. Oh before Eadon throws another evil Windows fit - we used SCO Unix based software on X-Terms back then in 1990.

1
0
WTF?

Re: Microsoft CLOUD EPIC FAIL

Linux is already popular as a server platform, and has been for many years...

It is tried and tested, and while not perfect has a much better track record than windows, which has a number of serious design flaws.

While it's true that users could misconfigure any system in an insecure way, it is much more likely for such a configuration to arise on windows than linux.

5
2
Anonymous Coward

Re: Microsoft CLOUD EPIC FAIL

@Joe Mantana

I have to disagree, Windows vulnerabilities are much more likely to be the result of software bugs than misconfigurations. Linux software still relies heavily on text based configuration which would be daunting to most users.

I'm not sure what it offers in the way of firewalls these days as I haven't used a Linux distro for about 6 months but there was very little in the way of easy to use configuration tools. Let alone zero configuration possibilities. And IIRC the *ubuntu iptables was allow all by default.

1
4

Re: Microsoft CLOUD EPIC FAIL

UNIX is a good, solid server platform. Linux profits from that and can be secure IF your admin knows his stuff. OTOH it is more difficult to judge capabilities in a Linux admin than in a Solaris/AIX/HPUX/... admin since there are so many variants of Linux and knowing one does not mean knowing all. For reasons like that Linux is not the platform of choice for many companies either

As for Windows - It had some spectacular fails on the server side when exposed to the web. And I would still be reluctant to run IIS on Windows server and expose it to the internet. OTOH the customers use SOLARIS for that so I do not have to. Windows is "internal network" stuff and there it shines when you have qualified admins. And again - quality is easier to check

3
0

Re: Microsoft CLOUD EPIC FAIL

AC: There is "privat use" and "company use"

For privat use Windows, MacOS or even iOS and Android, are the better choice for 98+ percent of the users. Zero configuration and coupled with the typical DSL box (that has rather restrictive firewalls set up(1))) it simply works.

A company that exposes parts of it's network to the outside hopefully uses a proper DMZ architecture and firewalls that are NOT on the exposed servers but rather independent systems. With those and staff that knows it's job OS does not matter much. You do not read much about hacked Exchange or Domino servers. The exploits on this level aim at errors in the Application servers, Skripts etc(2)

(1) At least german Telecom, UnityMedia and Vodafone units are basically "all closed except HTTP(s)" and "open only one port at a time"

(2) And rarely social engineering. That is more an end user than a administrator problem.

0
0

@AC

Windows vulnerabilities are much more likely to be the result of software bugs than misconfigurations....

So what? Remind us again why do Microsoft strongly recommend to use antivirus software, while either Ubuntu or any other GNU/Linux vendor do not?

1
2
Anonymous Coward

Re: @AC

"So what? Remind us again why do Microsoft strongly recommend to use antivirus software, while either Ubuntu or any other GNU/Linux vendor do not?"

Because Linux on the desktop isn't popular enough for malware authors to put any serious effort into targeting the platform. This in turn means that anti-malware corps don't consider it commercially viable to make a serious effort to support it. If Desktop Linux becomes popular, as folk seem to wish it to be, malware authors will target it, hopefully anti-malware corps wont catch on too late.

FOSS that runs on Linux, such as web browsers, have had their fair share of security problems too, and with no anti-virus solution to catch intrusions it then this could be a problem if malware authors start to make a focused effort.

Oh, and if you are one of the folk under the impression that Linux has no viruses then allow me to direct you to this rather aptly timed rootkit discovery http://www.itwire.com/business-it-news/security/58832-sshd-rootkit-in-the-wild.

0
3

(Re: @AC)x2

Okay, first off let me ask you, AC, why hiding behind a mask?

Isn't it because you're affiliated to the celebrated company we're commenting about and which should shut the fsck up to properly enjoy all this humiliation?

Now you can see that wasting money and soul on pretty dirty campaigns like patent trolling, "droidrage", "scroogled" and other extravagant spendings is not justified at the end. Microsoft would not be so vigorously ridiculed these couple of days if they had just hired a single competent expert, not another manager or lawyer. It would only take one sane ssl brain!

As to what you're trying to allege now, I've done hundreds of times already and will repeat this for you again, the unknown friend.

When you and others try to surmise about someone's theoretic interests, you should prefix it with IMO (or better IMHO). Since you're making a statistical supposition that the risks and popularity are correlated, so tell us about the nature of this correlation. Is it linear ?, polynomial? logarithmic? what are the corresponding coefficients? Yet, I remind you again that, Microsoft strongly recommend AV software. On ANY setup, be it a specialized server or desktop. Now, according to netcraft, non-windows setups facing Internet are the majority. So there should be an explanation in your theory shedding some light on this paradox as well.

Yes, Linux, BSD and other servers do get hacked due to

** weak ssh policy

** insecure cgi applications, mostly php-based

** some ad-hoc sql incompetent proprietary products

No, AV is a bad idea. MAC is a much more professional solution against 0days and other threats.

.............

2
2
Anonymous Coward

Re: (@AC)x2

"Isn't it because you're affiliated to the celebrated company we're commenting about and which should shut the fsck up to properly enjoy all this humiliation?"

Didn't read past that point. If you can't make your arguments stand without resorting to paranoid accusations then kindly go somewhere else.

1
1
Silver badge
FAIL

Re: (@AC)x2

"Okay, first off let me ask you, AC, why hiding behind a mask?"

Eulampios, please state your full name and the company you work for.

Otherwise you are just another Anonymous Coward yourself

1
0
TJ1
WTF?

Monitoring for 24 hours...

"We will continue monitoring the health of the Storage service and SSL traffic for the next 24 hours," the company wrote.

And then?

That statement makes it sound like they don't monitor the systems routinely unless something fails; explains alot!

12
1
FAIL

Cron job needed and, er, why didn't they renew the cert for longer?

OK, so this happened last year, presumably on the annual renewal date. It begs how incompetent Microsoft is:

1. Most secure cert registrars send out e-mail reminders (mine does with 90, 30 and 7 days to go) - did whoever they registered with not send such e-mails or did Microsoft just ignore them?

2. A simple cron job to check the cert and e-mail (to more than one person!) every day at least 7 days before expiry would have saved their bacon.

3. When they messed up last year, why didn't they renew the cert for more than one year? Surely Microsoft can afford a multi-year cert?!

Multiple levels of incompetence there - that's Microsoft for you.

18
0
Anonymous Coward

Re: Cron job needed and, er, why didn't they renew the cert for longer?

Suppose the real reason is something else but the cert.

3
0
Anonymous Coward

Re: Cron job needed and, er, why didn't they renew the cert for longer?

Real enterprises don't use local schedulers, rather centralised scheduling. Anyone who thinks cron or windows scheduler is an acceptable solution in an enterprise, still has a lot to lean about IT.

4
5
Anonymous Coward

Re: Cron job needed and, er, why didn't they renew the cert for longer?

"Real enterprises don't use local schedulers, rather centralised scheduling. Anyone who thinks cron or windows scheduler is an acceptable solution in an enterprise, still has a lot to lean about IT."

Agreed. In this case even a good old calender reminder would have avoided this, though.

It really doesn't matter how they schedule things, as long as they do it, which apparently wasn't the case here.

"The global outage lasted for around 12 hours and occurred because Microsoft failed to renew a security certificate."

6
0
FAIL

Re: Cron job needed and, er, why didn't they renew the cert for longer?

The people directly involved probably did know, but then had to find out who to bribe/blackmail into procuring a new certificate before the old one went belly up.

Some of these big companies have an unbelievable amount of red tape and disparate divisions which are so out of touch with each-other they may as well be separate companies.

4
0
Silver badge

Re: Cron job needed and, er, why didn't they renew the cert for longer?

re: Suppose the real reason is something else but the cert.

I suppose they should probably stop calling them "certs" then, if they aren't.

0
0
Silver badge
Boffin

Re: Cron job needed and, er, why didn't they renew the cert for longer?

So true!

They could have used RunMyJobs (runmyjobs.com) which is a cloud-based scheduler that leaves your data in your data centers and does not rely on Microsoft to get their cert renewed ... it runs on Amazon, iirc.

0
0
Silver badge
Coat

Re: Cron job needed and, er, why didn't they renew the cert for longer?

Perhaps they weren't expecting the service to last that long...

6
0

Act 1, Scene 1

[face in hands]

[throws a chair against the wall]

[does a bear scream]

[throws a chair against the wall]

[wrings an imaginary neck]

[throws a Surface Pro against the wall]

6
2

This post has been deleted by a moderator

Silver badge
Trollface

So how to customers get refunded?

I guess this single outage trashes their SLA promises of uptime over the coming year, so what happens now for the customers? Do they get a year's refund or free?

Yes, I know its online somewhere but could not be arsed looking up the legalise...

2
0
Silver badge

Re: So how to customers get refunded?

No "acts of idiot" are specifically excluded from the SLA

0
0
Anonymous Coward

Marketing buzzwords

All this talk of how Cloud will revolutionize business and yet nobody describes exactly what it is.

It is merely an internet computing Cluster which can be adapted to suite power required.

It will save you from buying your own Cluster hardware and managing it but requires paying for by the hour with the loss of data security. Your Cloud vendor has access to your valuable IP and customer data.

An advancement from Shared Plesk website hosting, Virtual/Dedicated Servers. You can upload your own machine image or build for the Cloud.

Some allow SQL others LINQ and Hadoop.

Hadoop may be fast but this comes at a cost of omitting required DBMS features. A DB change could result in a lot of code rewrite. Is it Transaction safe and does it allow online backups? When you add all the features of a DBMS it quickly comes down in speed.

As for LINQ, is it really much simpler to use than SQL. You could suffer an unnecessary performance penalty.

The marketing folks pushing Cloud need to understand its not the magic bullet that the industry desperately needs.

1
0
Go

monkey magic

that monkey sounds useful on his cloud

http://www.youtube.com/watch?v=K2huJqFsFDE

0
0
Anonymous Coward

Oh FFS!

How hard is it to write some code to check certificate expiry dates?

3
0
Anonymous Coward

Re: Oh FFS!

How hard is it to make a browser/shell allocate itself no more cache than it can actually manage and thus prevent it from slowly killing the sheeples systems?

4
0
Anonymous Coward

The big intro text on their website homepage says...

"A rock-solid cloud platform for blue-sky thinking"

I hope they're doing that to be ironic.

3
0
Silver badge
Coat

Re: The big intro text on their website homepage says...

""A rock-solid cloud platform for blue-sky thinking"

I hope they're doing that to be ironic."

Well, Looks like a fair description to me. When the cloud drops like a rock, there's nothing left overhead but empty. blue skies

6
0

This post has been deleted by a moderator

Anonymous Coward

Cloud is like the recent beef/horse food chain debacle.

Lots of managers looking around saying "Why would I want to pay to maintain a known chain of suppliers, a whole lot of equipment, and staff, when I can just buy it cheaper through a long chain of third party suppliers, and I won't have all that work managing all them things"... "think about how big my bonus will be when I deliver all them savings".

2
0
Silver badge

Are you sure you aren't thinking of the 787 battery debacle

3
0
Anonymous Coward

The Microsoft Secure Professional PowerCloud XP Enterprise 3000 ...

... has encountered an unexpected error and must now close.

Try reinstalling the Cloud, and then reboot.

5
0

This post has been deleted by a moderator

Anonymous Coward

The Microsoft Secure Professional PowerCloud XP Enterprise 9000 ...

...cannot do that. I'm sorry Dave.

Please place your data into the airlock.

Please Dave.

It's very important Dave. You must place your data into the airlock.

Place your data into the airlock Dave.

2
0
Facepalm

Somebody surely got ballmered ...

Nope ... no chair smash against the wall this time. Monkey-boy has no doubt called the Azure crew into his office, and he's smashed his chairs on their monkey-butts.

Atta boy, Ballmer. I read the piece in Fortune Magazine awhile back about how M$ motivates its crew. He had to expect that this was comin' down the pipeline.

2013 ... the year all the monkeys came to dance on Monkey-Boy's head.

1
1

This post has been deleted by a moderator

Anonymous Coward

Re: More FAIL

To be fair, that first one was 10 years ago.

Still, it's amusing that a decade later, they're still making this rookie mistake.

3
0
This topic is closed for new posts.

Forums

Biting the hand that feeds IT © 1998–2018