I got a suspicious password reset request email today from Meta but it landed in my inbox. Luckily I have MFA and after checking audit logs inside IG upon logging in, I did not see anything suspicious.
The RCA and preventive measures was a pleasant read. I got a lot of respect for companies putting a lot of effort into incident reports like these. Makes them appear very professional rather than just blaming the cloud provider outright.
We just invested a lot migrating 300+ pipelines from Azure DevOps to GitHub Actions. What a bummer timing-wise. Anyone got an alternative to GitHub Actions?
The article refers to their GH repo and that was all cherry and sunshine up until just recently, where it is redirected to https://github.com/LobsterTrap/lola.
No mention of it anywhere. "Did it get compromised?" was my initial thought. Still in the fog here.
Windows is just a wonderful box of chocolate that keeps expanding. You never know what you get, all brilliant frontier tech innovations like Edge, Bing, the calculator, vertical taskbar, and now the highly intelligent Copilot, up there fighting with OpenCode, CC and others...!
Many European software companies are looking for alternatives outside the US now with the geopolitical situation between the US and EU. It's not only limited to the three big cloud providers, but Microsoft in general, in addition to other US providers.
TLS certificates is not the only technology for which the default mode is failure. What about disks, databases or syntax errors in configuration files in general?
In technology, there are known problems and unknown problems. Expiring TLS certificates is a known problem which has an established solution.
Imagine if only some of the requests failed because a certificate is about to expire. That would be a debugging nightmare.