this post was submitted on 06 Dec 2024
69 points (100.0% liked)

Technology

37799 readers
140 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Archived

It's not just Microsoft and Crowdstrike: Cloudflare, the internet infrastructure giant, experienced a major outage on November 14th, resulting in the irreversible loss of over half of its log data. The outage, which lasted for 3.5 hours, stemmed from a faulty software update that crippled the company’s log service, preventing it from delivering crucial data to customers.

Log services are essential for network operations, allowing businesses to analyze traffic patterns, troubleshoot issues, and detect malicious activity. Cloudflare’s log service, which processes massive volumes of data, relies on a tool called Logpush to package and deliver this information to customers.

However, an update to Logpush on November 14th contained a critical error. As Cloudflare explained in their incident report, the update failed to instruct auxiliary tools to forward the collected logs, leading to a situation where logs were gathered but never delivered. This data was subsequently erased from the cache, resulting in permanent loss.

“A misconfiguration in one part of the system caused a cascading overload in another part of the system, which was itself misconfigured. Had it been properly configured, it could have prevented the loss of logs,” Cloudflare stated in their report.

While engineers quickly identified the flaw and rolled back the update, this triggered a cascading failure. The system was flooded with an overwhelming influx of log data, including data from users who hadn’t even configured Logpush, further exacerbating the issue.

Cloudflare has issued an apology for the incident and the permanent loss of user data.

you are viewing a single comment's thread
view the rest of the comments
[–] TehPers@beehaw.org 2 points 2 weeks ago (2 children)

Unless I'm missing what they're referring to, I don't see why MS even comes up related to Crowdstrike. A software dev that deploys to Windows making a royally bad mistake doesn't exactly make that MS's fault.

[–] Troy@beehaw.org 3 points 2 weeks ago (1 children)

If I use a third-party for delivering my service or product, you may assume that I am also responsible for the their mistake because it effects my own offering.

[–] TehPers@beehaw.org 1 points 2 weeks ago

Did MS deliver a product through Crowdstrike? Maybe that's what I'm missing here. I don't use Crowdstrike myself, so I'm not sure how it relates at all to MS except that it works on Windows.

[–] jlh@lemmy.jlh.name 1 points 2 weeks ago

Microsoft doesn't support secure ways of monitoring processes like Linux does