• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

Amazon AWS: Almost Perfect Cloud Failover Engineering

DarkCyber noted a tweet from Andy Hunt. The tweet stated:

Amazon AWS had a power failure, their backup generators failed, which killed their EBS servers, which took all of our data with it. Then it took them four days to figure this out and tell us about it.

We also noted this write up: “Strangelove Redux: US Experts Propose Having AI Control Nuclear Weapons.” Assume Amazon continues to make headway in the US government. What happens if an Amazon glitch occurs at a critical time?

Just an idle question.

Stephen E Arnold, September 4, 2019

NSO: More PR Excitement, Facts, or Bloomberg Style Reporting?

I read the Financial Times’ write up about NSO Group. The title is a show stopper: “Israeli Group’s Spyware Offers Keys to Big Tech’s Cloud.” (Note: You may have to pay money to view the orange newspaper’s online “real” news write up.

There’s a diagram:

There’s a reminder that NSO is owned by an outfit called “Q Cyber.” There’s information contained in a “pitch document.” There’s a quote from Citizen Lab, a watchdog outfit on cyber intelligence firms and other interesting topics.

What’s missing?

1. Information from a Q Cyber or NSO professional. A quote or two would be good.
2. Statements from an entity which has used the method and obtained the desired results; for example, high value intel, a person of interest neutralized, the interruption of an industrialized crime operation, or something similar
3. Scanned images of documents similar to the Palantir Gotham how to recently exposed by Vice, a zippy new news outfit.

Think about the PR problem the revelations create: NSO gets another whack on the nose.

Think about the upside: Visibility and in the Financial Times no less. (Does NSO need more visibility and semantic connections to Amazon, Apple, or any other “in the barrel” high tech outfit?)

Outfits engaged in cyber intelligence follow some unwritten rules of the road:

First, these outfits are not chatty people. Even at a classified conference where almost everyone knows everyone else, there’s not much in the way of sales tactics associated with used car dealers.

Second, documentation, particularly PowerPoints or PDFs of presentations, are not handed out like chocolate drops for booth attendees who looked semi alert during a run through of a feature or service. Why not whip out a mobile device with a camera and snap some of the slides from the presentation materials or marketing collateral? The graphic is redrawn and quite unlike the diagrams used by NSO type cyber intel outfits. Most trained intelligence professionals are not into “nifty graphics.”

Third, cyber intel companies are not into the media. There are conference organizers who snap at people who once worked as a journalist and made the mistake of telling someone that “before I joined company X, I worked at the ABC newspaper.” Hot stuff New York Times’ stringers are stopped by security guards or police before getting near the actual conference venue. Don’t believe me. Well, try to gate crash the upcoming geo spatial conference in Washington, DC, and let me know how this works out for you.

Fourth, why is NSO acting in a manner so different from the other Israel-influenced cyber intelligence firms? Is Voyager Labs leaking details of its analytic and workflow technology? What about Sixgill’s system for Dark Web content analysis? What’s Webhose.io doing with its content and expanding software suite? What’s Verint, a public company, rolling out next quarter? NSO is behaving differently, and that is an item of interest, worthy of some research, investigation, and analysis.

For the established cyber intel firms like NSO, assertions are not exactly what sells licenses or make BAE Systems, IBM, or Raytheon fear that their licensees will terminate their contracts. How many “customers” for NSO type systems are there? (If you said a couple of hundred, you are getting close to the bull’s eye.) Does publicity sell law enforcement, security, and intelligence systems? Search engine optimization specialists are loco if they think cyber intel firms want to be on the first page of a Google results page.

Consider this series of bound phrases:

Cat’s paw. Bloomberg methods. Buzzfeed and Vice envy. A desire to sell papers. Loss of experienced editors. Journalists who confuse marketing with functioning software?

These are the ideas the DarkCyber team suggested as topics an investigator could explore. Will anyone do this? Unlikely. Too arcane. Too different from what problems multiple systems operating on a global scale present for one method to work. Five Eyes’ partners struggle with WhatsApp and Telegram messages. “Everything” in Amazon or Apple? Really?

Net net: Great assertion. How about something more?

Stephen E Arnold, July 20, 2019

The Cloud, SaaS, PaaS, and CaaS: Old Wine, Newish Bottles

I read in SaaStr, a blog whose name I have no idea how to pronounce, “SaaS Unicorns vs New Categories.” The information in this post is a list of “100+ public SaaS companies and unicorns.” What’s interesting about the list is that “70 percent” of the entries are recycled software. How is this possible? The obvious answer is that a new name, a strong elevator pitch, and investors looking for a big pay day seems to work magic.

A couple of observations:

• A rose by any other name is still a rose. What hack said that?
• The cloud is a version of time sharing; that is, forget the computer on every desk. The network is the computer. Who said that crazy thing?
• Who cares? What me worry? Who said that?

Net net: Innovation is moving in the direction of cereal. New box, new slogan, and new colors. Same stuff: Pressed genetically modified grain. The staff of life goes digital.

I use three, maybe four applications each day. I have used these same digital tools since I got my hands on my own terminal at Halliburton Nuclear in 1972, maybe 1973. True, I couldn’t carry it around.

The innovations have less to do with the functionality and more to do with convenience, economies of scale, and short attention spans. Just the view from Harrod’s Creek.

Wine now comes in tubes. Great innovation but not much of an improvement over clay jars used thousands of years ago. Just like timesharing.

Stephen E Arnold, June 27, 2019

Frisky Language Aside: An Important Cloud Message

I don’t know much about Digital Ocean, droplets, Checkly, Raisup, “”or the other Fancy Dan technologies mentioned in the write up. I usually ignore articles with unpleasant language. I worked through this write up because in Myrtle Beach at the policeware conference, there was quite a bit of chatter about the move to the cloud by law enforcement entities of all shapes and sizes.

The title of the article is “Why the recent “Digital Ocean Killed My Company” incident Scares the [curse word] Out of Me.” The link to the story is here. The main idea is that a cloud provider relied on a monitoring system. The customer found that his account was killed. After some flim flam, the account was restored. There are other details, but the value of the write up resides in these points, often buried in the description of who shot John or Jane in the back on a stormy night near the digital corral.

ITEM 1: “I’m scared I could be hit by an out-of-control abuse algorithm and a broken customer service process. And I have zero Twitter clout or any other online notoriety.” DarkCyber’s comment: Yep, get used to the reality of engineers who either don’t know, don’t care, or who are trying to find a better job.

ITEM 2: “you can’t just shrug off basic service reliability and availability planning just because you’re a (small) startup. Consequently, that is the whole reason you are using a cloud service.” DarkCyber’s comment: Sorry, no free lunch.

ITEM 3: “You only have to be wrong once.” DarkCyber’s comment: Some folks are used to getting gold stars for trying hard. Nope, gold stars go to those who win the race, are the top student in math, and those who don’t make mistakes. Life is cruel for those who make errors.

ITEM 4: Do have some backups. DarkCyber’s comment. That’s good advice.

Stephen E Arnold, June 7, 2019

Centralizing and Concentrating: Works Great Until It Does Not

No joke or joke? Let’s assume the story is true.

US airlines are proving that centralizing and concentrating online services works great until the system fails. I read “Computer Outage Affecting Major US Airlines including Southwest, Delta and United Causes Hundreds of Flight Delays Nationwide.” (I first saw the news in a UK stream from the Daily Mail, a British newspaper.) As I write this at 910 am US Eastern (April 1, 2019), the story is now appearing in other feeds. The problem appears to be one with software called Aerodata. By 840 am US Eastern time, more than 700 flights were affected.

What seems to be lousy systems administration, engineering, or business processes have made April 1, 2019, into unpleasant anecdotes, not frothy jokes.

Aerodata’s Web site cheerfully reports my public IP address which, not surprisingly, is not what my IP address is. The Web site requires Flash, a super unsecure software in my opinion. I was not able to locate current news from the company. I noticed that VMWare mentions that the company uses VSAN to power a modern software defined data center.  You can read the marketing inspired explanation at this link or you could at 917 am US Eastern on April 1, 2019.

According the a Chicago NBC outlet, all is well again. You can get this take at this link.

What happens if a cyber attack takes down a concentrated service?

Stephen E Arnold, April 1, 2019

Juicy Target: Big Cloudy Agglomerations of Virtual and Tangible Gizmos

Last week I had a call about the vulnerability of industrial facilities. The new approach is to push certain control, monitoring, and administrative systems to the cloud. The idea is that smart milling machines, welders, and similar expensive equipment can push their data to the “cloud.” The magic in the cloud then rolls up the data, giving the manufacturing outfit a big picture view of the individual machines in multiple locations. Need a human to make sure the industrial robots are working happily? Nope. Just look at a “dashboard.” If a deity were into running a chemical plant or making automobiles, the approach is common sense.

I read “Citrix Hacked and Didn’t Know Until FBI Alert.” The FBI is capable, but each week I receive email from companies which perform autonomous, proactive monitoring to identify, predict, and prevent breaches.

The write up points out

The firm attributed the attack to an Iranian group called “IRIDIUM” and says it made off with “at least 6 terabytes of sensitive data stored in the Citrix enterprise network, including e-mail correspondence, files in network shares and other services used for project management and procurement.”

The article buries this statement deep in the report:

The breach disclosure comes just three days after Citrix updated its SD-WAN offering to help enterprises to administer user-centric policies and connect branch employees to applications in the cloud with greater security and reliability. The product is intended to simplify branch networking by converging WAN edge capabilities and defining security zones to apply different policies for different users.

What’s the implication?

Forget Go to My PC vulnerabilities. Old news. The bad actors may have the opportunity to derail certain industrial and manufacturing processes. What happens when a chemical plant gets the wrong instructions.

Remember the Port of Texas City mishap? A tragic failure. Accidental.

But Citrix style breaches combined with “we did not know” may presage intentional actions in the future.

Yep, cloudy with a chance of pain.

Stephen E Arnold, March 9, 2019

Fragmented Data: Still a Problem?

Digital transitions are a major shift for organizations. The shift includes new technology and better ways to serve clients, but it also includes massive amounts of data. All organizations with a successful digital implementation rely on data. Too much data, however, can hinder organizations’ performance. The IT Pro Portal explains how data and something called mass data fragmentation is a major issue in the article, “What Is Mass Data Fragmentation, And What Are IT Leaders So Worried About It?”

The biggest question is: what exactly is mass data fragmentation? I learned:

“We believe one of the major culprits is a phenomenon called mass data fragmentation. This is essentially just a technical way of saying, ’data that is siloed, scattered and copied all over the place’ leading to an incomplete view of the data and an inability to extract real value from it. Most of the data in question is what’s called secondary data: data sets used for backups, archives, object stores, file shares, test and development, and analytics. Secondary data makes up the vast majority of an organization’s data (approximately 80 per cent).”

The article compares the secondary data to an iceberg, most of it is hidden beneath the surface. The poor visibility leads to compliance and vulnerability risks. In other words, security issues that put the entire organization at risk. Most organizations, however, view their secondary data as a storage bill, compliance risk (at least that is good), and a giant headache.

When surveyed about the amount of secondary data they have, it was discovered that organizations had multiple copies of the same data spread over the cloud and on premise locations. IT teams are expected to manage the secondary data across all the locations, but without the right tools and technology the task is unending, unmanageable, and the root of more problems.

If organizations managed their mass data fragmentation efficiently it would increase their bottom line, reduce costs, and reduce security risks. With more access points to sensitive data and they are not secure, it increases the risk of hacking and information being stolen.

Whitney Grace, January 28, 2019

Amazon Opens a New Front in the Cloud Wars

A Microsoft “expert” has explained why Azure, the Microsoft cloud service, why the Azure cloud failed Thanksgiving week. Like the explanation for the neutralizing of some customers’ Windows 10 machines, three problems arose. You can work through the explanation at this link, but you may, like me, remain skeptical about Microsoft’s ability to keep its cloud sunny. Key point: Microsoft apologizes for its mistakes. Yada yada yada.

At about the same time, Amazon announced that its cloud service uses its own custom designed Arm server processors. How will Microsoft compete with a service that is not without flaws but promises lower costs? The GeekWire write up states:

Vice president of infrastructure Peter DeSantis introduced the AWS Graviton Processor Monday night, adding a third chip option for cloud customers alongside instances that use processors from Intel and AMD. The company did not provide a lot of details about the processor itself, but DeSantis said that it was designed for scale-out workloads that benefit from a lot of servers chipping away at a problem.

From our vantage point in Harrod’s Creek, the Amazon approach seems useful for certain types of data mining and data analytics tasks. Could these be the type of tasks which are common when using systems like Palantir Gotham’s?

The key point, however, is “low cost.”

But the important strategic move is that Amazon is now in the chip business. What other hardware are the folks at the ecommerce site exploring? Amazon network hardware?

Microsoft makes fuzzy tablet-laptops, right?

Stephen E Arnold, November 30, 2018

Cloudtenna for Combined Cloud and Local Search

Here’s a claim we’ve heard before: ZDNet declares, “Find a File Anywhere: Cloudtenna Targets Local and Cloud File Search.” Writer Robin Harris begins by describing the problem this upgrade addresses—an increasing number of cloud storage locations, combined with on-premise servers, make good search solutions even more challenging to build. Startup Cloudtenna is now expanding their cloud search engine, DirectSearch. Harris writes:

“The new product adds a machine learning platform that find files across disparate platforms, including Dropbox, Box, Microsoft OneDrive, Google Drive, Outlook, Gmail, Slack, Atlassian JIRA and Confluence, and local file servers. You can search on name, sender, date, file type, keyword, content, and other attributes regardless of where the file is located. That’s a lot, but it’s not the hard part. Nor is respecting file permissions, meaning that users can’t access files they aren’t supposed too. The hard part is doing this and delivering sub-second response times, even when thousands of users are searching across billions of files stored on dozens of repositories.”

Machine learning and a lightweight crawler (that collects metadata instead of files themselves) are strengths of the new platform. The company was understandably tight-lipped about the tech behind their cloudy search prowess, but they did release this tidbit:

“It uses real-time binding to build its file index and then performs consistency checks to capture deltas, such as a security change or a deleted file. File deduplication and ACL crunching reduces data required by the index, significantly reducing storage costs and requirements.”

A new OEM partner program helps users embed DirectSearch into existing platforms, and Cloudtenna offers a free, three-month account as a trial for potential users. Based in Sunnyvale, California, the company was founded in 2013.

Cynthia Murrell, November 15, 2018

Microsoft: Is the Master of Windows 10 Updates Really Beating Amazon in the Cloud?

How about that October 2018 Windows update? Does that give you confidence in Microsoft’s technical acumen? What? You are telling me that it is apples and oranges. Okay. Everyone is entitled to an opinion.

After reading a former Oracle executive’s analysis of Microsoft and Amazon cloud revenue, I suppose one could make that argument. I am not sure I buy the Forbes argument in “#1 Microsoft Beats Amazon In 12-Month Cloud Revenue, $26.7 Billion To $23.4 Billion; IBM Third.” The write up makes clear that the analyst is an award winning PR type at SAP and then a “communications officer” at Oracle before finding his true calling at Evans Strategic Communications LLC.

Is Microsoft #1?

From my point of view in lovely Harrod’s Creek, Kentucky, there are several items of information omitted from the Forbes’ analysis; for example:

How does Microsoft calculate its cloud revenue? Does the number include enforced cloud services?

What part of Microsoft’s cloud revenue is generated by accounting methods such as reallocating revenue and thinking really hard about attributing certain revenue to the cloud line items?

Using these accounting methods, how has Microsoft’s cloud revenue tracked over the last 12 quarters?

Analyses require more than accepting the rolled figure. But that’s in rural Kentucky, the rules may be different for PR experts in a real technology hotbed.

Now Amazon is no Mr. Clean when it comes to reporting its financial data. For years, AWS revenue was expressed as weird stuff like the number of things a complex network of computers does to complete work. Now Amazon generally reveals some numbers, and I assume these can be tweaked by figuring in some of the Amazon ecommerce magic into the cloud.

The larger question for me is:

Why is a former Oracle guy writing a pro Microsoft and pro IBM story about the cloud race among three firms?

The write up included this bit of “let’s not talk about the October update” offered up by Microsoft’s big dog:

CEO Satya Nadella offered this perspective on the centerpiece of the Microsoft cloud: “Azure is the only hyperscale cloud that extends to the edge across identity, data, application platform and security and management. We introduced 100 new Azure capabilities this quarter alone, focused on both existing workloads like security and new workloads like IoT and Edge AI.”

Yep, I believe this. Every. Word.

Perhaps nailing down the inclusions in the gross cloud revenue numbers would be a useful first step? Would it be helpful to learn why an Oracle PR pro is dissing Amazon?

The capitalist tool’s presentation of this analysis might have caused Malcolm Forbes to crash his motorcycle on the way to brunch in Manhattan on Sunday morning.

Quite an “analysis.”

Stephen E. Arnold, November  7, 2018

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Fogint
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month March 2025 February 2025 January 2025 December 2024 November 2024 October 2024 September 2024 August 2024 July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • AI Generated Code Adds To Technical Debt
  • Patents, AI, and Lawyers: Litigators, Start Your Engines
  • Another New Search System with AI Too
  • Encryption: Not the UK Way but Apple Is A-Okay
  • Attention, New MBAs in Finance: AI-gony Arrives

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org