Monday, February 18, 2008

S3 Outage

A bit surprised this didn't make more news, but I find the S3 outage (originally via Tim Bray) fascinating. From what I can tell reading between the lines, it seems as though a handful of demanding clients ground the service down with bad authentication requests. Makes sense on some level, auth requests are computationally expensive and in this case, they came from within EC2. My guess is that Amazon treats EC2 as a more privileged network and ultimately allows a higher QoS level between EC2 nodes and S3 nodes. So, while it may be en vouge to diss "architects", it's also important to have people around who understand the fundamentals from TCP stacks through the crypto and application layers and who build reliable systems across all three.

My prediction is that we'll see more of these incidents from EC2-hosted nodes, then growing out to bad S3 requests across the public network launched from various bot nets. It's not an easy problem Amazon is undertaking with EC2 or S3 to begin with, it's an even more difficult one to protect from DDoS and DoS attacks.

No comments: