Software

Devops

At last, Atlassian sees an end to its outage ... in two weeks

Cloud collaboration biz says script deleted data that's so far been restored via backups


The Atlassian outage that began on April 5 is likely to last a bit longer for the several hundred customers affected.

In a statement emailed to The Register, a company spokesperson said the reconstruction effort could last another two weeks.

The company's spokesperson explained its engineers ran a script to delete legacy data as part of a scheduled maintenance for unidentified cloud products. But the script went above and beyond its official remit by trashing everything.

"This data was from a deprecated service that had been moved into the core datastore of our products," Atlassian's spokesperson said. "Instead of deleting the legacy data, the script erroneously deleted sites, and all associated products for those sites including connected products, users, and third-party applications."

Atlassian, which has been trying to repair the damage of its errant script, on Friday said it expected "most site recoveries to occur with minimal or no data loss." And so far, though data has been deleted, Atlassian has been able to revive it.

"We maintain extensive backup and recovery systems, and there has been no data loss for customers that have been restored to date," Atlassian's spokesperson said, and stressed that this was not the consequence of a cyberattack and that no authorized access to customer data has occurred.

Jira Software, Jira Work Management, Jira Service Management and Confluence continue to show problems on the Atlassian status page, as do Opsgenie and Atlassian Access. Jira provides software issue tracking while Confluence offers a web-based corporate wiki. Opsgenie is an alert service and Atlassian Access is an identity and access management service.

Onsite JIRA installations have not been affected. Self-managed servers are on the way out, however: Back in October, 2020, Atlassian announced the discontinuation of its server products – it stopped selling new licenses on February 2, 2021 and plans to end support for its server products on February 2, 2024. The reason, the company explained last year, is that the cloud is the future.

"We know this outage is unacceptable and we are fully committed to resolving this," Atlassian's spokesperson said. "Our global engineering teams are working around the clock to achieve full and safe restoration for our approximately 400 impacted customers and they are continuing to make progress on this incident."

As we reported earlier on Monday, the software biz says it has restored functionality for more than 35 per cent of those affected by the service outage.

Atlassian said that the company is doing everything it can to restore service as fast as possible but until today it had been unable to provide a likely recovery date due to the complexity of the rebuilding process.

"While we are beginning to bring some customers back online, we estimate the rebuilding effort to last for up to two more weeks," the company said.

That's quite a bit longer than the "<6 hours" recovery time promised by the company for Tier 1 services like Jira and Confluence.

"We know this is not the news our customers are hoping for, and we apologize for the length and severity of this incident. We don’t take this issue lightly and are taking steps to prevent future reoccurrence." ®

Send us news
48 Comments

HPE building its 4th global 'supercomputer factory'

Facility supports a flurry of HPC development, centered in the Czech Republic

Hewlett Packard Enterprise (HPE) expanded its European footprint this week as it revealed plans for a new manufacturing facility in the Czech Republic, dedicated to building high-performance compute (HPC) systems.

The new facility, located in Kutná Hora, adjacent to HPE's existing server and storage manufacturing plant and about 90km outside Prague, will be built in collaboration with Foxconn.

HPE sees the investment as an opportunity to address ongoing supply chain challenges in the region. "We are now able to manufacture the industry's leading supercomputing, HPC, and AI systems, while increasing supply chain viability and resiliency," Justin Hotard, EVP and GM of HPC and AI at HPE, said in a statement.

Continue reading

China's vice premier Liu He advocates technology and government cooperation

After years of crackdowns, Beijing changing its tune on the industry

The vice premier of China and Xi Jinping's economic right hand man, Liu He, has offered a rare show of support to China's tech industry – both domestic and abroad.

According to state-sponsored media, Liu told around 100 members of the Chinese People's Political Consultative Congress (CPPCC) it is important to have a good relationship between the government and tech, and to research and support specific measures that grow the platform economy.

"It is necessary to wage a successful battle for the strategic ground of critical core technologies," Liu said, according to Xinhua news agency.

Continue reading

Marvell CXL roadmap goes all-in on composable infrastructure

Chip biz bets interconnect tech will cement its cloud claim, one day

Fresh off the heels of Marvell Technology's Tanzanite acquisition, executives speaking at a JP Morgan event this week offered a glimpse at its compute express link (CXL) roadmap.

"This is the next growth factor, not only for Marvell storage, but Marvell as a whole," Dan Christman, EVP of Marvell's storage products group, said.

Introduced in early 2019, CXL is an open interface that piggybacks on PCIe to provide a common, cache-coherent means of connecting CPUs, memory, accelerators, and other peripherals. The technology is seen by many, including Marvell, as the holy grail of composable infrastructure, as it enables memory to be disaggregated from the processor.

Continue reading

Microsoft warns partners to revoke unused authorizations that drive <em>your</em> software

June debut of zero trust GDAP tool should make it harder for crims to attack through MSPs and resellers

Microsoft has advised its reseller community it needs to pay attention to the debut of improve security tooling aimed at making it harder for attackers to worm their way into your systems through partners.

That service providers can be used to attack their customers is not in dispute: recent exploits targeting ConnectWise, SolarWinds, and Kaseya made that plain. If you need extra proof, recall that just last week the Five Eyes nations’ intelligence agencies urged managed services providers to harden up in the face of increased attacks.

Microsoft currently lets its resellers gain “delegated administration privileges” (DAP) that let them manage a customer's services, software, or subscriptions.

Continue reading

State of internet crime in Q1 2022: Bot traffic on the rise, and more

According to this cybersecurity outfit that wants your business, anyway

The fraud industry, in some respects, grew in the first quarter of the year, with crooks putting more human resources into some attacks while increasingly relying on bots to carry out things like credential stuffing and fake account creation.

That's according to Arkose Labs, which claimed in its latest State of Fraud and Account Security report that one in four online accounts created in Q1 2022 were fake and used for fraud, scams, and the like.

The biz, which touts device and network defense software, said it came to this conclusion after analyzing "billions of sessions ... across our global network" during the first three months of the year. These sessions apparently spanned account registrations, logins, and interactions with financial, ecommerce, travel, social media, gaming, and entertainment services. Take all these numbers with a grain of salt as ultimately Arkose wants you to buy its stuff to prevent all this kind of crime.

Continue reading

Surf the web from your parked Renault: Vivaldi comes to OpenR

French frolics for Chromium browser on Android Automotive

Browser-maker Vivaldi has added Renault to the list of users for the Android Automotive OS version of its eponymous web renderer.

Continue reading

Monero-mining botnet targets Windows, Linux web servers

Sysrv-K malware infects unpatched tin, Microsoft warns

The latest variant of the Sysrv botnet malware is menacing Windows and Linux systems with an expanded list of vulnerabilities to exploit, according to Microsoft.

The strain, which Microsoft's Security Intelligence team calls Sysrv-K, scans the internet for web servers that have security holes, such as path traversal, remote file disclosure, and arbitrary file download bugs, that can be exploited to infect the machines.

The vulnerabilities, all of which have patches available, include flaws in WordPress plugins such as the recently uncovered remote code execution hole in the Spring Cloud Gateway software tracked as CVE-2022-22947 that Uncle Sam's CISA warned of this week.

Continue reading

Red Hat Kubernetes security report finds people are the problem

Puny human brains baffled by K8s complexity, leading to blunder fears

Kubernetes, despite being widely regarded as an important technology by IT leaders, continues to pose problems for those deploying it. And the problem, apparently, is us.

The open source container orchestration software, being used or evaluated by 96 per cent of organizations surveyed [PDF] last year by the Cloud Native Computing Foundation, has a reputation for complexity.

Witness the sarcasm: "Kubernetes is so easy to use that a company devoted solely to troubleshooting issues with it has raised $67 million," quipped Corey Quinn, chief cloud economist at IT consultancy The Duckbill Group, in a Twitter post on Monday referencing investment in a startup called Komodor. And the consequences of the software's complication can be seen in the difficulties reported by those using it.

Continue reading

Infosys skips government meeting – and collecting government taxes

Tax portal wobbles, again

Services giant Infosys has had a difficult week, with one of its flagship projects wobbling and India's government continuing to pressure it over labor practices.

The wobbly projext is India's portal for filing Goods and Services Tax returns. According to India's Central Board of Indirect Taxes and Customs (CBIC), the IT services giant reported a "technical glitch" that meant auto-populated forms weren't ready for taxpayers. The company was directed to fix it and CBIC was faced with extending due dates for tax payments.

Continue reading

Google keeps legacy G Suite alive and free for personal use

Phew!

Google has quietly dropped its demand that users of its free G Suite legacy edition cough up to continue enjoying custom email domains and cloudy productivity tools.

This story starts in 2006 with the launch of “Google Apps for Your Domain”, a bundle of services that included email, a calendar, Google Talk, and a website building tool. Beta users were offered the service at no cost, complete with the ability to use a custom domain if users let Google handle their MX record.

The service evolved over the years and added more services, and in 2020 Google rebranded its online productivity offering as “Workspace”. Beta users got most of the updated offerings at no cost.

Continue reading

GNU Compiler Collection adds support for China's LoongArch CPU family

MIPS...ish is on the march in the Middle Kingdom

Version 12.1 of the GNU Compiler Collection (GCC) was released this month, and among its many changes is support for China's LoongArch processor architecture.

The announcement of the release is here; the LoongArch port was accepted as recently as March.

China's Academy of Sciences developed a family of MIPS-compatible microprocessors in the early 2000s. In 2010 the tech was spun out into a company callled Loongson Technology which today markets silicon under the brand "Godson". The company bills itself as working to develop technology that secures China and underpins its ability to innovate, a reflection of Beijing's believe that home-grown CPU architectures are critical to the nation's future.

Continue reading