Mastodawn

Research Network Digi-Oek.ch 6d ago

[en] Cloud outages: "#Concentration is the real risk" - Prof Doug #Jacobson

For example, #DNS ... has quietly become a single point of failure ... DNS is not alone.

#Cloud outages are getting more #expensive. "#Centralization magnifies these costs."

"... concentration means that a single configuration error, routing issue or attack can ripple across much of the web."

https://theconversation.com/why-cloud-service-outages-ripple-across-the-internet-and-the-economy-272241

#cybersecurity #spof #outage #crowdstrike #iastate

Why cloud service outages ripple across the internet – and the economy

It makes sense for companies and organizations to outsource key internet services, but with those services in the hands of a few corporations, failures have a wide impact.

The Conversation

Jérôme Herbinet | FLOSS Nov 19

🔥 Internet s’est encore cassé la gueule à cause d’un seul acteur. Bienvenue dans la monoculture logicielle et ses #SPOF à large échelle. #Cloudflare, rappel utile : vos données sont entre leurs mains… et celles de Donald 🇺🇸.
💥 Ces derniers tps, tous ont merdé : #AWS, #Microsoft, #Meta, #Google... #GAFAM.
⚠️ Les solutions libres et décentralisées ? Oui, ça demande un effort, mais les boîtes acceptent de galérer pour la compta ou le bâti, mais pas pour le numérique, encore jugé comme "non vital" 🤦

Show thread

Kevin Karhan

Nov 4

@Mer__edith That's why YOU DON'T DO THAT to begin with!

Cuz lets be fundamentally clear on this one: There's no "legitimate reason" to mandate #PII like #PhoneNumbers and have #centralized infrastructure so riddled with #SPOF|s that it can't handle a single datacenter outage.
Seriously, if @signalapp was coded by some freelancer on #Fiverr for like $100 I'd be okay with that. But how many $ did the development and infrastructure cost you (per year)?

To me this is #malpractice!

rniamat ✍🏽Oct 28

Signal waarschuwing die meevalt, maar wel te denken geeft
In de Signal app verscheen bij een account de waarschuwing “Je veiligheidsnummer met [naam] is veranderd”. Volgens de supportpagina kan er dan van alles mis zijn, dus oplett
https://www.niamat.nl/blog/signal-waarschuwing-die-meevalt-maar-wel-te-denken-geeft/
#Algemeen #security #spof

synlogic4242 Oct 27

anyone know of an e2ee comms tool like Signal but without any SPOFs?

#Signal
#SPOF

synlogic4242 Oct 27

so... turns out that Signal has a SPOF on AWS us-east-1

... *until* and unless they can prove (or at least convince us) they have made approp changes and therefore no longer do

plan accordiningly, folks!

e2ee comms matters little if its backend pipes are down. all that fancy encryption becomes irrelevant if DoS'ed, at scale, and without warning

Vint Cerf would not be happy!

#Signal
#SPOF

synlogic4242 Oct 22

Vint Cerf and Al Gore, in all their wisdom, designed The Internet to be able to withstand a nuclear attack on large parts of it, on key hubs, and yet survive and continue to work fine.

By 2025 AWS has become a de facto SPOF (single point of failure) for a *significant* percentage of the world's compute infrastructure.

And The Bad Guys out there know it.

So let's change it, mmmmkay?

#AWS
#SPOF

synlogic4242 Oct 21

Anybody want to send me cash to make code contribs (part-time, remote) to CoreDNS?

Focused on perf, scale, availability, reliability, failover, latency, throughput, etc

cuz SPOFs are bad (esp at Internet-scale), mmmmmkay

#DNS
#CoreDNS
#PaidFOSS
#AWS
#AWSOutage
#outages
#availability
#SPOF