QRZ Temporarily Shut Down by Amazon Web Services Outage

LOL
The only real loss is the lack of a call sign lookup.

 

First, I don't know where you get "constantly babble" from, considering I never have. (Look through my post history, see for yourself)

Second, I work in IT security. For whom? The Department of Defense. Maybe this helps you understand why it's important to me that people keep their mouths shut. Try making a living attempting to help make the DoD networks more secure, only to have people undermine your work by telling everybody "Hey, look! Their system is down! All hands on deck and attack!" or, if he was correct, and it was in fact down due to some malicious attack "Hey look! It's back up now, but whatever you did worked!"

Let me say, no systems went down that I know of, I'm not important enough to have insight into that, but even if they did, we shouldn't be telling everyone. It may not be a matter of national security, but it IS a matter of common sense.

It's almost like telling your opinion of the worst way to die to the serial killer who is about to murder you... Don't make no stinkin' sense!


We can agree to disagree, that's fine, but this is what I do for a living, so forgive me if I come across as over-passionate.

 

Ok this appears to be true. I am just tired of government officials constantly using that excue.

In that case, it appears that it is indeed partially your problem.

I apologize for using false assumptions, it is not a good practice.

Now this is where I will directly disagree with you. Just because you work in that field does not mean you can just tell someone to "shut their mouth" because you feel like it. There is no obligation for them to listen and it does not show an intelligent approach.

Think of it this way, if you were in a different field and some competitor tried to undermine your work with a certain advertisement, you could not just tell them to not to put out the advertisement.

Your logic is failing in this situation in my opinion. The situation might be different if it was a known internal information leak.

Ok, that is good but really has little to do with the point I am making.

Lots of things make no stinkin' sense but all you can do is accept it.

Fine by me as well.

 

QRZ is a web site devoted to ham radio. If national security has been compromised such that this site is exposing intelligence secrets, we have much more to worry about. If that's the case, someone much higher up in the intelligence food chain than me needs to have a serious talk with his underlings.

...............Bob

 

I understand your point, however I think there is a bit of context that is lost here.. OPSEC is a requirement for government personnel. Failure to practice OPSEC is a punishable offence under the UCMJ for military members, and numerous federal laws/employer policies for civilians and contractors. My real complaint is with whomever leaked the information. If the information did not originate with the OP, then whomever told him. In my eyes, it's not a matter of me (some worker bee nobody) telling someone to shut their mouth, it's a matter of someone being OPSEC trained (if they weren't, they wouldn't have access to such information) disregarding that training and sharing that information. Furthermore sharing it with someone that would not have the state of mind to keep from blasting it to the world on a public forum.

All that said, this is all moot if the report is bogus, but security is a mind set. We really should ALL be aware of what we post and transmit. The whole world can see/hear what we're saying.


Finally, I'm certain this thread is destined for a lock since we've both strayed so far off topic. I apologize to Fred for getting in the weeds and muddying this thread up.

PCL - I'm willing to continue the discussion in private if you wish, but regardless, I'll be clear on your final.

-Alex

 

Of course it isn't. But for many organizations it offers security, backup, financial stability and freedom from the cost/responsibility of owning their own stuff. That's a lot of good stuff on the positive side of the ledger.

The phone system pre-1970 or so was the ultimate cloud - you didn't even own the phone on your wall. You were entirely at the mercy of the phone system, but by and large, it was reliable and worth the money.

 

Remember human nature seems to be want to get and give out information and no amount of training can completely change that.

I sincerely doubt the poster was the leak source. If he was, he would spread it in a more secure way most likely.

Again, it is nearly impossible to completely change human nature.

Of course we have to be aware of what we post and transmit but also it should not get to the point of paranoia.
There is a significant chance the report is bogus regardless.

This is likely true but it is probably for the best anyway. I don't think these idle arguments are really helpful.

Since I feel we will never completely see each others point of view, it would be for the best to discontinue this conversion.
This will be my final post on the subject.

 

Dave,

I generally agree with you and understand the issues of weighing outages versus the time to build the redundancy. It is however a valid point that the particular data center you run from has had two unrelated outages in recent memory. Moving to another data center would do no good as you still have the single point of failure. More importantly, if you offered the service for free, then obviously you can do whatever you like with no expectation of being questioned in the way you provide a service. But, for some of us, you are not providing the service for free. Granted, the $40 annually I pay is not going to fund adding the infrastructure, but I think since you do offer higher levels of service, you have to acknowledge a little more responsibility. Note I am still not suggesting we cannot live without QRZ for a little while but when I read your email, it does come across as indifference to the fact that you are a business selling a service for which we pay. 4 nine's of uptime is indeed a success for the cost of the service (otherwise premium subscriptions would be $200 per year), but with your cost model, I would opt for contrition versus indifference (at least that is how it seems from a toneless medium such as a forum post).

Regards,

Tom Schaefer, NY4I

 

I guess you could ask for a refund for down time. If it's down for a day in the year that you paid $40 for then I guess you should expect to get about 11 cents back.

 

QRZ shutdown

You can fly thru the cloud if you have an instrument rating !
73 Joe W4CBJ

 

Ah! QRZ.com had a cloud burst

 

operational security at it's finest

We all need to wear our government rain boot's HI HI.

I to have worked in government wear i had and still do security clearances to sensitive information.
do a basic search of DOD security here's a few links what I commented about has already been in the national news this week. http://www.3news.co.nz/Urgent-revie...tems/tabid/1607/articleID/272967/Default.aspx Further more what I am reporting was over heard from a contractor who was sitting next to me eating lunch who had just been on base. He over heard the conversation being explained at the security desk at the visitor center. I know for a fact that there are layered security protocols that are in place to deal with this. The security failure was with the person at the desk not saying any thing other than I don't know whats going on and leaving it at that rather than going into the details that she did in open ear shot of all. The idea that some how my commenting several hours after the fact as Amazon was back up and running some how compromises security is laughable! Further more notice how I didn't go into detail as to what system or exactly how it affected things that's the common since at work. Great thing these constitutional rights freedom of speech and press.

That's all I will say about this as yes we are now off topic for the forums but I thought a response was warranted . Fred and his staff do an awesome job! I love QRZ but was just putting the thought out that maybe a diffrent server or better yet a secondary backup might be nice.

 

You do realize the link you shared was from a news station in the country of New Zealand reporting on New Zealand's GCIO, and completely irrelevent, right?

Again, if anyone wishes to discuss the topic further, I'd be glad to do so via PM.

 

Post above beat me to it Being from that part of the world, I've actually been following that story.

http://www.3news.co.nz/Urgent-revie...tems/tabid/1607/articleID/272967/Default.aspx

What???

This is a story article about government owned public kiosk computers in New Zealand. Someone discovered that they are configured very insecurely. It's possible to see the rest of their Windows network by doing File / Open in Word.

What has this got to do with Amazon, QRZ.com or US military security?

Bizarre indeed.

 

YES I DID LOL just seeing if you would bother reading the link. Do a simple Google search with these words US GOVERNMENT COMPUTER SECURITY FAILURES and that's just the tip of the iceberg. As for the rest of my post it speaks for it's self.