Connect with us

Technology

Microsoft extends ‘outage mode’ for Azure Active Directory • The Register

Voice Of EU

Published

on

Microsoft hopes to improve the resilience of its cloud services by extending an “outage mode” for Azure Active Directory to cover web as well as desktop applications.

Azure Active Directory (AAD) is Microsoft’s cloud directory which handles authentication for Office 365 and can be linked to on-premises Active Directory. Further, developers can write applications that use the service. However, if it goes wrong, customers experience multiple failures, including the inability to access the Azure Portal in order to manage other cloud services.

In December last year Microsoft updated its SLA (Service Level Agreement) for AAD to 99.99 per cent uptime, increased from 99.9 per cent, though with some sleight of hand as it also removed “administrative features” from its definition of availability.

Now the company has given more details about its efforts, focusing on a backup authentication service which replicates authentication data during normal operations, and then if the primary service fails, transitions to “outage mode” where it is able to check requests and provide tokens to clients.

Microsoft's diagram showing how backup AAD works

Microsoft’s diagram showing how backup AAD works

According to Microsoft this has been in operation for Outlook Web Access and SharePoint Online since 2019, though we note that during the September 2020 outage both Outlook and SharePoint were impacted. The reason given at the time was that “a recent configuration change impacted a backend storage layer”, a problem that was compounded by a further issue caused by “a change put in place to mitigate impact.” It seems therefore that the backup service was not sufficient in that instance.

There is also a limitation in that authentications are only processed by the backup service if the user has already accessed an “app or resource” within the last three days, described as the “storage window.” The company felt this was OK for most users who “access their most important applications daily from a consistent device,” but it is easy to think of cases where users will be locked out, for example if they purchase a new device.

It is better than nothing though, and Microsoft has been busy extending its applicability. Earlier this year support for desktop and mobile applications was added, and next year more web applications including Teams Online and the rest of Office 365 will be too. Customer applications using Open ID Connect will follow shortly.

More questions than answers

In some respects Microsoft’s latest post begs more questions than answers. A quick look at the Azure status page shows “Azure Active Directory – Issues when attempting to authenticate”, though possibly restricted to customers using Azure Active Directory External Identities, with the root cause attributed to “outbound port exhaustion”, though where that sits on the company’s architecture diagram is not clear.

In March this year there was an extended AAD outage caused by mistaken removal of a key used for cryptographic signing. Microsoft referenced the backup service at the time and said that “Unfortunately, it did not help in this case as it provided coverage for token issuance but did not provide coverage for token validation as that was dependent on the impacted metadata endpoint.”

It is apparent therefore that the extension of the backup service will not solve all the issues that might impact AAD even though it is beneficial.

In August this year Gartner analysts reported that customers “remain concerned about real-world impacts” from Azure reliability even though its performance is not bad in an absolute sense. Gartner considers some Azure regions less resilient than they should be, perhaps thanks to capacity issues – though note that the pandemic caused a spike in demand for all cloud providers.

Microsoft also has questions to answer regarding the Cosmos DB vulnerability described by security researchers at Wiz earlier this month. The vulnerability has been fixed, but the researchers identified what look like some extraordinary architectural mistakes, like firewall rules designed to prevent escalation of a breach but “these firewall rules were configured locally on the container where we were currently running as root. So, we simply deleted the rules (by issuing iptables -F), clearing the way to these forbidden IP addresses and to some even more interesting findings.”

It is a good thing when Azure CTO Mark Russinovich pops up to tell us, along with colleagues, about improvements in Azure reliability, and the extended AAD backup service is welcome even if not always effective, but we would like to know more about these other pressing matters. ®

Source link

Technology

South Korea sets reliability standards for Big Tech • The Register

Voice Of EU

Published

on

South Korea’s Ministry of Science and ICT has offered Big Tech some advice on how to make their services suitably resilient, and added an obligation to notify users – in Korean – when they fail.

The guidelines apply to Google, Meta (parent company of Facebook), Netflix, Naver, Kakao and Wavve. All have been told to improve their response to faults by beefing up preemptive error detection and verification systems, and create back up storage systems that enable quick content recovery.

The guidelines offer methods Big Tech can use to measure user loads, then plan accordingly to ensure their services remain available. Uptime requirements are not spelled out.

Big techs is already rather good at resilience. Google literally wrote the book on site reliability engineering.

The guidelines refer to legislation colloquially known as the “Netflix law” which requires major service outages be reported to the Ministry.

That law builds on another enacted in 2020 that made online content service providers responsible for the quality of their streaming services. It was put in place after a number of outages, including one where notifications of the problem were made on the offending company’s social media site – but only in English.

The new regulations follow South Korean telcos’ recent attempts to have platforms that guzzle their bandwidth pay for the privilege. Mobile carrier SK Broadband took legal action in October of this year, demanding Netflix pitch in some cash for the amount of bandwidth that streaming shows – such as Squid Game – consume.

In response, Netflix pointed at its own free content delivery network, Open Connect, which helps carriers to reduce traffic. Netflix then accused SK Broadband of trying to double up on profits by collecting fees from consumers and content providers at the same time.

For the record, Naver and Kakao pay carriers, while Apple TV+ and Disney+ have at the very least given lip service to the idea.

Korea isn’t the only place where telcos have noticed Big Tech taking up more than its fair share of bandwidth. The European Telecommunications Network Operators’ Association (ETNO) published a letter from ten telco CEOs asking that larger platforms “contribute fairly to network costs”. ®

Source link

Continue Reading

Technology

Twitter acquires Slack competitor Quill to improve its messaging services

Voice Of EU

Published

on

As part of the acquisition, Quill will be shutting down at the end of the week as its team joins the social media company.

Twitter has acquired the messaging platform Quill, seen as a potential competitor to Slack, in order to improve its messaging tools and services.

Quill announced that it will be shutting down at the end of the week as its team joins the social media company to continue its original goal “to make online communication more thoughtful, and more effective, for everyone”.

The purchase of Quill could be linked to Twitter’s new strategy to reduce its reliance on ad revenue and attract paying subscribers.

Twitter’s general manager for core tech, Nick Caldwell, described Quill as a “fresher, more deliberate way to communicate. We’re bringing their experience and creativity to Twitter as we work to make messaging tools like DMs a more useful and expressive way people can have conversations on the service”.

Users of Quill have until 11 December to export their team message history before the servers are fully shut down at 1pm PST (9pm Irish time). The announcement has instructions for users who wish to import their chat history into Slack and states that all active teams will be issued full refunds.

The team thanked its users and said: “We can’t wait to show you what we’ll be working on next.”

Quill was launched in February with the goal to remove the overwhelming aspects of other messaging services and give users a more deliberate and focused form of online chat.

In an online post, Quill creator Ludwig Pettersson said: “We started Quill to increase the quality of human communication. Excited to keep doing just that, at Twitter.”

The company became a potential competitor for Slack, which was bought by Salesforce at the end of 2020 for $27.7bn. The goal of that acquisition was to combine Salesforce’s CRM platform with Slack’s communications tools to create a unified service tailored to digital-led teams around the world.

Last week, Salesforce announced the promotion of Bret Taylor to vice-chair and co-CEO, just days after he was appointed independent chair of Twitter after CEO Jack Dorsey stepped down.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

Australians’ 2021 Google searches: Covid comes out on top with sport our favoured non-pandemic distraction | Google

Voice Of EU

Published

on

The Covid-19 pandemic once again dominated internet searches in Australia this year, as lockdowns gripped the two largest states, and people sought vaccines.

Google has compiled data on the most popular search terms from the previous 12 months, which showed Covid’s dominance in Australia was challenged by people looking for an escape in sports. The NBA, AFL, cricket, NRL, football, Wimbledon and the Olympics took out the top spots for most searched sport in Australia in 2021.

The Covid situation in New South Wales dominated news-related searches, with the Delta outbreak forcing the state into the longest continuous lockdown in 2021. Victorians, having endured the most number of days in lockdown since the pandemic started, did not appear to seek out information about the Covid situation in their own state nearly as much, with “coronavirus Victoria” coming in fifth in news-related searches, even behind Queensland at number three.

For the second year in a row, people Googled “how to make face masks” more than any other DIY-related search. As residents in NSW, Victoria and the ACT endured extended lockdowns, at-home activities like making your own candles, playdough, paper planes, and chatterboxes soared.

As Australia’s vaccination “strollout” gathered pace in the second half of 2021, people searched how to get their vaccination certificates, how to book their Covid vaccination, how to link their Medicare to myGov, and how to enter the Million Dollar Vax campaign.

Sign up to receive the top stories from Guardian Australia every morning

The shocking disappearance of West Australian four-year-old Cleo Smith and the dramatic rescue over two weeks later was the second biggest news event searched on Google by Australians. The ongoing search for missing toddler William Tyrrell came in sixth.

The former federal attorney general Christian Porter’s name dominated Google search trends in the days leading up to a press conference where he outed himself as the unnamed minister in an ABC report about an alleged historical rape. He vehemently denies the allegations. In his now-settled defamation suit against the ABC, lawyers for Porter raised that after the report searches of his name “increased significantly and much more so than any other senior male cabinet members”.

The former minister, who announced last week he would not recontest his WA seat of Pearce at the 2022 federal election, appears eighth in the 2021 list of news-related searches.

Porter was the fourth most-searched person overall in Australia, behind Cleo Smith, Ash Barty, and William Tyrell. The new NSW premier, Dominic Perrottet, came in sixth.

Bringing up the rear of news searches was the moment that shook Melbourne – literally – the 5.9 magnitude earthquake that hit Victoria in September.

Interest in all things cryptocurrency was also reflected in Australian searches with cryptocurrency exchange Coinspot the ninth most searched term, and people searched how to buy Dogecoin.

Prince Philip was the most searched among those who died in 2021, followed by US woman Gabby Petito, and Australian entertainment giant Bert Newton.

Thanks to Jaden Smith and Britney Spears, people were searching for the meaning of the word “emancipated” more than any other word in 2021, followed by “insurrection” after the events at the US Capitol on 6 January, then it was “gaslighting”, Naidoc and NFT.

Despite emerging late in the year, Omicron came in sixth as people looked up the meaning of the latest Covid-19 variant of concern.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!