|
There is no guarantee it won't happen at another company. I should have chosen the option to pay monthly, instead of annually. My yearly subscription ends at October. I'll see if I can get my remaining money back.
|
|
|
|
|
That should teach you all that USB drives, Private NAS drives and other personal backup / repositories were a good idea and that the cloud is a bad idea.
|
|
|
|
|
The issue is not the cloud. The issue is trusting a single backup location (and I count "the cloud" as such). If you really care about backups, you should have different backup locations. And a cloud backup can still be a good choice for that as long as you still have your own copy somewhere.
|
|
|
|
|
In the case of the cloud, different backup locations has to be different cloud providers not just different data centers from the same company. If CodeSpaces had maintained backups with Microsoft, Google, Rackspace, or etc having their Amazon ECS account compromised and nuked would not have brought them down permanently.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
No, the cloud as your sole repository is a bad idea, just like have only your own NAS is a bad idea.
Combining them as backups of each other and your local copies is a good idea.
|
|
|
|
|
I wonder how "off-site" their backups really were if they could just be deleted from the control panel.
I store all of my code in Azure, but I also have everything backed up at home and on my own "off-site" backups. I always maintain 3 copies of everything I can't afford to lose, on seperate media, services and locations, none of which are connected to each other.
Unless an asteroid hits the East Coast and obliterates half the United States, it's impossible for me to lose everything like you have.
|
|
|
|
|
Dave Kreskowiak wrote: Unless an asteroid hits the East Coast and obliterates half the United States, it's impossible for me to lose everything like you have.
Now you're just tempting fate!!
|
|
|
|
|
I guess I'll say, there's something suspicious here. The grammar is terrible, and the very concept that backup data could be wiped is hard to believe. Furthermore, they talk about DDOS but also someone who had access to their control panel. How are those two related? And then there's this bizarre statement:
Upon realisation that somebody had access to our control panel we started to investigate how access had been gained and what access that person had to the data in our systems, it became clear that so far no machine access had been achieved due to the intruder not having our Private Keys.
No machine acccess...not having private keys? What does the double negative mean? And why would you even futz around "investigating" if you thought access was compromised? I would instantly change passwords, keys, etc.
At this point we took action to take control back of our panel by changing passwords, however the intruder had prepared for this and had already created a number of backup logins
And you didn't check for this? Supposedly compounding the problem?
And why hasn't this story been picked up in the news? There is absolutely no mention of it anywhere that I've found.
To be honest, this looks like a "take the money and run" scheme.
Marc
|
|
|
|
|
I was about to say the same thing. Alternatively, they lost data "accidentally" and are trying to cover themselves with the hacker theory.
|
|
|
|
|
I agree with what you are saying but the pedant in me forces me to point out that "no machine access had been achieved due to the intruder not having our Private Keys" Is not a double negative.
|
|
|
|
|
Track down the hacker and delete them.
|
|
|
|
|
Never put stuff you care about in the cloud without local working copies! It sucks that a provider was taken down (although I agree that the explanation seems pretty implausible and it sounds like a take-the-money-and-run type of thing), but you should never lose data if a remote provider goes down or becomes unavailable. Disk space is so cheap that there's no point in ever deleting any of your local source code, it will all add up to less than one video or CD unless you're really prolific.
|
|
|
|
|
The posting makes no sense to me. A big one is how would you lose the offsite backups? Sounds to me like an insider with a grudge did the deed.
|
|
|
|
|
Certainly doesn't pass the smell test...
".45 ACP - because shooting twice is just silly" - JSOP, 2010 ----- You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010 ----- When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013
|
|
|
|
|
Probably for them "offsite" == in a different amazon data center.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
Not wishing to take advantage of your misfortune, but this just confirms my distaste/distrust for "the Cloud".
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein | "As far as we know, our computer has never had an undetected error." - Weisert | "If you are searching for perfection in others, then you seek disappointment. If you are seek perfection in yourself, then you will find failure." - Balboos HaGadol Mar 2010 |
|
|
|
|
|
Sorry for your data loss. I find it very suspicious that the service can't restore older backups.
Going forward, you may want to consider using Visual Studio Online (Basic)[^]. It's free (for up to 5 users) and I've found it to be extremely reliable and very fast.
/ravi
|
|
|
|
|
Ravi Bhavnani wrote: I find it very suspicious that the service can't restore older backups. You and some others.
I don't; if they backup, then chances are that those backups be infected too, or simply invalid without anyone noticing. It wouldn't be much of a ransom if people could simply restore the backup - it wouldn't even be news, but merely a joke in the Soapbox.
--edit
tx for the link
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
Here at work my browser blocks this site, indicating it as Malware. It may be a false positive, but better be safe than sorry.
GOTOs are a bit like wire coat hangers: they tend to breed in the darkness, such that where there once were few, eventually there are many, and the program's architecture collapses beneath them. (Fran Poretto)
|
|
|
|
|
Why didn't they contact Amazon right away so their account could be temporarily frozen, preventing the malicious people from doing any further damage?
|
|
|
|
|
Behold the power of panic.
Did you ever see history portrayed as an old man with a wise brow and pulseless heart, waging all things in the balance of reason?
Is not rather the genius of history like an eternal, imploring maiden, full of fire, with a burning heart and flaming soul, humanly warm and humanly beautiful?
--Zachris Topelius
Training a telescope on one’s own belly button will only reveal lint. You like that? You go right on staring at it. I prefer looking at galaxies.
-- Sarah Hoyt
|
|
|
|
|
If you are keeping data of any sort (code would be data) on a cloud system then you should keep backups on another cloud company.
Just to be clear it isn't sufficient to have another server within the same company, it must be a different company.
There are any number of reasons why a single company is insufficient. Some possible reasons
1. They no longer want to be in the cloud business and told you so, 6 months ago, and you ignored it. Today the server is no longer there. Or they no longer want you as a customer. (As a business it might be the case that they told the employee this on the same day you fired that employee.)
2. The location that actually hosts the physical server blew up - literally. (I read a story about a hosted service that had this happen to their hosting company, when the electrical substation that existed solely to support the hosting center literally blew up. It required not only replacing the substation but replacing the electrical conduits into the company.)
3. The feds seize the company for any number of reasons and walk in and shutdown the servers one day.
|
|
|
|
|
What about calling the NSA and ask for a copy of your files?
Alcohol. The cause of, and the solution to, all of life's problems - Homer Simpson
|
|
|
|
|
But how soon?
According to this[^] I have a mere 33 years left upon the earth.
|
|
|
|
|
Thats' only because they didn't ask about preservatives Gin.
|
|
|
|