Skype Blames Microsoft Patch Tuesday for Outage 286
brajesh writes to tell us that Skype has blamed its outage over the last week on Microsoft's Patch Tuesday. Apparently the huge numbers of computers rebooting (and the resulting flood of login requests) revealed a problem with the network allocation algorithm resulting in a couple days of downtime. Skype further stressed that there was no malicious activity and user security was never in any danger.
Yeah........ (Score:2, Interesting)
Re:Yeah........ (Score:4, Insightful)
Re:Yeah........ (Score:5, Interesting)
Re:Yeah........ (Score:5, Interesting)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2, Insightful)
You still typically need to reboot when done. In this case, I don't think the load should have been a big issue - other than what was mentioned by another reply, namely that it would increase the variance of time for when the reboots occured (differing connection speeds). This would actually be to the advantage of Skype I'd think.
Skype said it's the reboots that matter (Score:4, Informative)
Maybe the average machine had more downtime on this month's reboot? Or the reboots happened in a more concentrated time window?
Re:Skype said it's the reboots that matter (Score:5, Insightful)
Re: (Score:2)
Re: (Score:3, Informative)
Re: (Score:3)
Re: (Score:3, Informative)
Faaaaaalse. Since win2k, you've had the built-in ability to select an account, and have your machine behave as if that account was "logging in" automatically.
Granted, MS makes that setting a little hard to find, something that Tweak UI remedies, but still.
Re:Yeah........ (Score:5, Informative)
I had to leave town and usually leave Thunderbird up and running to filter my mail on my IMAP account so my laptop syncs without having to redo all the filters I have in place. After no reboot on Tuesday I was relieved that I wouldn't have an issue with a down T-bird unless the power went out - which never happens unless I leave town (happened only once before).
Sure enough, none of my mail is filtered after Thursday. Come home this morning and see "Your computer has been recently updated" balloon.
Re: (Score:3, Funny)
[Thursday is when Patch Tuesday happened]
Sometimes it's early, sometimes it's late. Sometimes it's big sometimes you don't notice. Ask your girlfriend about TinyFlacid Windoze.
Wiretap law? (Score:5, Interesting)
Consider that Skype could not tell the users of the real reason even if they wanted to: the law mandates that the forced cooperation be kept in secret.
Re:Wiretap law? (Score:5, Interesting)
Interesting point, but Skype is based in Luxembourg and has no obligation to US law. Then again, they are owned by eBay, but just because they are owned by a US company does not mean much: they do not have to follow every shareholder's local law.
Re: (Score:2)
Not to mention that Skype has a US office, which means they do have some obligation to follow US laws.
how wrong you are (Score:4, Interesting)
Otherwise, Foster Wheeler would just setup a shell in another country and start building refineries for Cuba.
I, personally, know of companies who have gotten into trouble when their equipment, somehow, found it's way to a restricted country (Cuba, Sudan, Syria, Iran, etc). The US treasury department publishes a list. [doc.gov] Admittedly, this is only the voluntary actions but I am certain there are involuntary actions as well (ie: criminal cases). See the entry about Varian (Switzerland) for a specific example of what I am talking about.
The point is: they ARE subject to US law via eBay owning them.
Re:how wrong you are (Score:4, Interesting)
You are so, so wrong. If a US company owns them, then they are subject to US law. This is to prevent US based companies from just setting up a shell and providing services to, say....Cuba or any other restricted country. There are countless examples of subsidiaries getting in trouble for things that are illegal in the US -- but not where their offices are.
Or the other way round... In Norway, denying services due to e.g. nationality is illegal. If a US owned company operating in Norway does not serve Cuban customers, they could face discrimination charges. As they should, US law should not apply here.
Re:Wiretap law? (Score:5, Funny)
Yes, the US government ordered Skype (a UK company, btw) to shut down for two days and blame it on Microsoft, and they complied. Hint: The aluminum foil goes on your head, not crammed forcibly into your ear.
Re: (Score:3, Informative)
Re:Wiretap law? (Score:5, Funny)
I agree. Every two-day outage of a web service can only logically be explained as a consequence of George Bush spying on you.
One-day and three-day outages, that's something else entirely.
Re: (Score:2)
Agreed. One-day outages are done by the Illuminati, and the three-day ones are almost always Gremlin-related.
Re: (Score:3, Interesting)
If you ask me, peer to peer phone is a stupid idea anyway.
Re:Yeah........ (Score:4, Insightful)
Skype network was overloaded by the zillions of Windows PCs rebooting after the patch installations.
Re: (Score:2, Flamebait)
Re: (Score:3, Informative)
Re: (Score:2, Funny)
Apologies to Obi-Wan [imdb.com].
UserFriendly said it better (Score:3, Funny)
You're right. (Score:2)
Re:Yeah........ (Score:5, Interesting)
Re:Yeah........ (Score:5, Insightful)
Re: (Score:2, Funny)
Re: (Score:2)
Re:Oh please! (Score:5, Insightful)
For the love of God editors, I understand that it is fine to write a sensationalist title on some articles but that is blatant FALSE. It is a complete LIE. People at Skype specifically stated that the fault was in *their* log-in mechanisms.
Really this kind of journalism is disgusting... I am tagging this story as LIE which I hope other people do as well, unless editors change the title.
I find hard to believe Slashdot has got so low... this and the speculative digg-like "articles" ending with a question mark "?", What the fuck.
Re: (Score:3, Insightful)
For the love of God editors, I understand that it is fine to write a sensationalist title on some articles but that is blatant FALSE. It is a complete LIE. People at Skype specifically stated that the fault was in *their* log-in mechanisms.
Really? So when they said [skype.com], "[t]he disruption was triggered by a massive restart of our users computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update", they didn't really mean it?
Come on, just admit that you're wrong. It was a fault with their auth service in the sense that it wasn't able to cope with a Patch Tuesday-induced slashdotting that it wasn't designed for.
After watching Sycko now I am very afraid to live in the USA. How can you live there?
The same way Australians can live in Australia, even
Re:Yeah........ (Score:4, Informative)
Skype's model is somewhat controversial. My own company does not allow employees to run Skype on company issued laptops because the closed code is running distributed and there is no way of knowing where company confidential conversations might be landing.
Skype did not blame Microsoft (Score:5, Informative)
Re:Skype did not blame Microsoft (Score:5, Interesting)
Re: (Score:2)
Re:Skype did not blame Microsoft (Score:5, Insightful)
Isn't this how it's supposed to work?
Re:What part of Skype's Blog Did You Not Understan (Score:3, Insightful)
Skype Blames Skype for Outage (Score:5, Informative)
That's what Skype says. Doesn't sound like they're blaming anyone but themselves.
They rightly blamed M$. (Score:3, Insightful)
SKYPE is blaming Skype for the outage quite contrary to the completely misleading headline on this article.
No, I don't know better [slashdot.org]. They have takes some part of the blame but a M$ anomaly was the initiating cause. To be fair to Skype you have to admit that 85% of the world's computers turning off at the same time is not an event a normal person would predict nor could such an event be tested in advance. M$'s synchronized forced updates are a menace.
So, their servers got hammered (Score:2)
It sounds like bad planning on their part. A large scale power outa
Re: (Score:2, Informative)
Grow up (Score:4, Insightful)
That's the reason the use MS (Score:3, Funny)
Re: (Score:2)
Re: (Score:3, Insightful)
Welcome to Slashdot.
In other news . . . (Score:5, Funny)
Re: (Score:3, Funny)
Re: (Score:2)
I just had to say, that really made me laugh. Maybe it was imagery of it all.
Cheers,
Fozzy
timezones (Score:5, Interesting)
Re: (Score:2)
Note absence of word "Microsoft" (Score:3, Insightful)
Note that nowhere in Skype's announcement does the word "Microsoft" appear.
It's very striking how, when some major vulnerability appears, Microsoft's name doesn't appear prominently in news releases.
It also reminds you that Redmond has the power to reboot most of the computers in the world remotely. What if, one day, they didn't come back up?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Well that's an easy one. We'd format them and install Linux instead, so it can't happen to our friends again.
Of course, we'd put Windows right back on for our customers, since 2 hours sitting on your ass and getting paid for it is always good, and Windows virtually assures you'll get to do it again in the future, too.
Re: (Score:2)
"The disruption was triggered by a massive restart of our users' computers across the globe within a very short timeframe as they re-booted after receiving a routine set of patches through Windows Update."
P2P dumbness (Score:5, Interesting)
VOIP connections should be direct encrypted connections from my computer to the computer of the person whom I wish to contact. Period.
NAT dumbness (Score:2)
Hello.... NAT, anyone?
Re: (Score:3, Informative)
Re: (Score:3, Insightful)
Hello, it's the freaking internet, you're call is going to get routed to hell and back. Encrypted or not, you're going to be bouncing from routers to ISPs, to backbones, and back down the other side, and depending on your flavor you may even have a 3rd party provider to talk to in the loop.
-Rick
Re:P2P dumbness (Score:5, Informative)
Unlikely story! (Score:2)
This has been going on for years now. You will note that the outage occurred on *Thursday* August 16th. Microsoft's patching schedule is every Tuesday. Typically computers reboot on Wednesd
Like I needed another reason not to use VoIP (Score:3, Interesting)
This is why I won't even consider VoIP. Why in the world would I want to take risks like this? I live in a house my family has lived in for over 60 years, with the same old phone line and it's NEVER GONE DOWN IN SIXTY YEARS! A couple of times a month my Internet craps out, though, though usually for less than an hour. And sometimes the router needs to be reset, like many people find they have to do periodically. What happens if I need 911 during one of those times, and I can't get around it?
"Internet phone", "digital phone" whatever they want to call it, anything but a REAL land-line from the local phone company is a substandard service by definition. They can throw whatever words out there to make it sound super-dooper, but it's a substandard service just like anyone who experienced this outage can tell you.
AE
Re: (Score:2)
I live in a house my family has lived in for over 60 years, with the same old phone line and it's NEVER GONE DOWN IN SIXTY YEARS!
It's not as simple as you describe. For example, in the United States at least, a large number of landlines were unable to initiate any phone calls on September 11, 2001, whereas internet based services such as e-mail had no problems on that day.
Even for people who need a landline for 911, VoIP is still a useful complement for a landline. You can use VoIP for calling overseas, and the landline for local calls. In fact, you don't even need to subscribe to a VoIP service -- any calls that you place overs
Yeah, but for how long? (Score:2)
The ultrareliable telephone service the U. S. has known for about a century is going away. It just doesn't make much money for the carriers,
What, you monitor your dial tone with nagios? (Score:5, Insightful)
Sure, you've never been affected by an outage of your phone service, but that doesn't mean it hasn't been out of service ever.
Plus, you pay for it too. At $30-40/month per line, you expect minimal outages. When you are paying $30/year or even nothing, a two day outage, while annoying, isn't surprising, especially when operated on a public network. Your phone line is on a private, dedicated network. You simply can't compare the two when it comes to uptime.
If all of Skype's customers paid $30-40/month, I'm much more confident that they wouldn't have had this outage.
Re: (Score:2)
Nice attempt at deflection of the topic, but the answer is very simple. No one who has lived in my house in 60 years has ever picked up the phone and it not worked.
That is a different experience than those who use this service have.
AE
Re: (Score:2)
Do you know any Skype users who have neither a landline nor a cell phone? I don't.
Do you know anyone who's called 911 with Skype? I don't.
In fact, for most Skype users, 911 isn't even a valid number where they live.
Reminds me of AOL crashing mail servers (Score:5, Interesting)
Re:Reminds me of AOL crashing mail servers (Score:5, Funny)
me2!!
monoculture (Score:2)
Anyone know... (Score:4, Funny)
Proof. (Score:2)
hmm (Score:3, Insightful)
Not MSs Fault (Score:2, Redundant)
More info: http://arstechnica.com/news.ars/post/20070820-gian t-synchronized-reboot-windows-update-smokes-skype. html [arstechnica.com]
Read TFA (Score:3, Funny)
Re: (Score:2)
You must be new here.
Not malicious? (Score:2)
But since it was a result of a Microsoft patch isn't that a contradiction?
Reminds me of a 50-year-old telephone outage (Score:5, Interesting)
The earthquake had jostled thousands of telephones off hook. The central office switches survived the quake just fine, but crashed due to a bug that seems eerily like the one Skype just described. Basically the switch kept a list of phones that were off hook. The switch is responsible for playing "dial tone" to those phones, but the central office only had a certain number of units that could play dial tone and listen for dialing. So the first "n" phones off hook got dial tone; the rest were put into a FIFO list of phones waiting for dial-tone equipment.
There were so many phones off hook due to the earthquake that the FIFO list overflowed, crashing the switch.
When the switch rebooted, it had to figure out which phones needed dial-tone. So it had to examine each phone line in turn, putting the ones that were off hook into the queue for a dial tone...thus overflowing the list and crashing the switch again. And again. And again.
After a while the telco folks figured out what was wrong, but then couldn't tell anyone about it...since the phones were down. They eventually had police and fire trucks driving all over town, stopping to hang up all the pay phones that were jostled off hook, and blaring over megaphones for people to hang up their phones.
Eventually enough phones were hung up so the switch could reboot without crashing - end of crisis.
Good times.
Serves Skype right (Score:3, Insightful)
Sorry. I have a rabid hatred of TSRs. Particularly those that don't show up in the Startup folder.
it's just you (Score:2, Informative)
Re: (Score:2)
I think the "mono-culture" thing is an interesting argument, but nobody is going to add or change operating systems because of this reason. So the argument is mostly academic. Furthermore, to solve this problem, you would need to replace the Skype mono-culture, not the Wi
Re: (Score:2)
Yes, that's also a good point. My argument isn't specific to an operating system monoculture; it applies equally to an application-level monoculture. This is why I believe in multiple implementations around a central o
Re: (Score:3, Insightful)
Not really why do you think that any exploit for Windows is so dangerous? Even then if you think about it the idea that EVERY windows system is going to have to reboot on a certian day is just laughable.
Re: (Score:2)
While your point is valid it's not really relevant to this particular situation since it was a single implementation of VOIP that died.
Skype going down had zero impact on my life or my network. If a computer is relying solely on Skye for VOIP then your statements would be relevant to the story. This is why I have both Cisco VOIP and Vertical's VOIP implemented into my network. The Cisco as a backup to my primary PBX. It's not as functional but during a failure mode it will still allow us to call out and to
Re: (Score:2)
A reasonable one might suggest Slashdot change their misleading headline, and recommend Skype fix their network. It's not like this is the first Patch Tuesday in history, or the last.
It's convenient to blame Microsoft, I think. Skype knows all over the internets today people will be waxing poetic about "software monoculture" and "M$ Windoze is teh suxxorz" instead of questioning why a simple DoS they're supposed to be able to handl
Re: (Score:2)
Headline is factually inaccurate. (Score:2)
-Rick
Re: (Score:2)
Re:Assuming this is true... (Score:4, Insightful)
Load testing is hard. I know. I used to do it. It is hard to anticipate what your peak load might be. It can also be hard to generate the right kinds and volumes of loads that your service might experience. Proper load testing requires a realistic test bed with enough machines running client simulation scripts to sufficiently load the machine. This requires a deep understanding from management that spending large amounts of money on non-production systems is essential. Your setup might deal with some kinds of load well and fail on others. Perhaps Skype had considered what might happen during a natural disaster with a large number of calls originating at the same time, but neglected to see login as a significant risk, especially if they had weathered that storm before.
My least proud moment in quality assurance was seeing my company's service go down for a weekend due to excessive database load. We had a new version of our web service software that required significant database changes to each user account (including database structure redesign...go ahead and wade through that hard book on database principles before you start coding my friends...funny its what I'm doing right now as I go from QA dude to programmer). We made an upgrade script that ran when each user logged in, which brought the user's data up to date with the current version of our software. The thing is I knew about the risk, measured a high load at user login, notified engineering about the potential problem, but didn't demand that the upgrade be placed on hold until the issue could be better quantified. Ah, live and learn.
-Jon
Re: (Score:2)
Re:Assuming this is true... (Score:5, Interesting)
We recently upgraded our login server authentification routines, and in spite of our testing, we missed something.
The underlying problem with Skype has always been the auth server: everything has to go through it. Worse, when a supernode goes down (e.g., reboots due to a planned install), everything connected to that supernode has to go through it. Now, Skype has been growing pretty fast, pretty much every week their auth servers handle more traffic than the previous week. Your average user might not reboot all computers at the same moment, but what about big enterprises?
And how does Skype pick its supernodes? We know one of the criteria is bandwidth. So let's say in some part of the world where a bunch of little skype clients are wired to a few big bandwidth providers, patch Tuesday hits, and a bunch of those supernodes reset at the same time. The Auth server is hit with the traffic, not from the rebooting supernode, but from all the clients connected to it. That's "peak load" for your auth server, and it increases every patch Tuesday.
Re: (Score:2)
Re: (Score:3, Insightful)