this post was submitted on 19 Nov 2025
276 points (99.3% liked)

Technology

76918 readers
3409 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
276
Cloudflare blames massive internet outage on 'latent bug' (techcrunch.com)
submitted 1 day ago by tonytins@pawb.social to c/technology@lemmy.world
31 comments fedilink hide all child comments
 

Around the same time, Cloudflare’s chief technology officer Dane Knecht explained that a latent bug was responsible in an apologetic X post.

“In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services. This was not an attack,” Knecht wrote, referring to a bug that went undetected in testing and has not caused a failure.

you are viewing a single comment's thread
view the rest of the comments
[–] fushuan@lemmy.blahaj.zone 1 points 1 day ago (1 children)

You don't get hacking protection from bots, you get protection from DDoS attacks. Yeah some customers would have gone down, instead everyone went down... I said that instead of crashing the system they should have something that takes an intentional decision and informs properly about what's happening. That decision might have been to clo

You can keep the policy and inform everyone much better about what's happening. Half a day is a wild amount of downtime if it were properly managed.

Yes, bot detection is not the most critical....

So you agree that if this were controlled instead of open crahsing everything them being able to make an informed decision and opening or closing things, with the suggestion of opening in the case of not detection is the correct approach. What's the point of your complaint if you do agree? C'mon.

[–] groet@feddit.org 1 points 1 day ago

You don't get hacking protection from bots

I disagree. I don't know the details of cloudflares bot detecion, but there are many automated vulnerability scanners that this could protect against.

I said that instead of crashing the system they should have something that takes an intentional decision and informs properly about what's happening.

I agree. Every crash is a failure by the designers. Instead it should be caught by the program and result in a useful error state. They probably have something like that but it didn't work because the crash was to severe.

What's the point of your complaint if you do agree?

I am not complaining. I am informing you that you are missing an angle in your consideration. You can never prevent every crash ever. So when designing your product you have to consider what should happen if every safeguard fails and you get an uncontrolled crash. In that case you have to design for "fail open" or "fail closed". Cloudflare fucked up. The crash should not have happened and if it did it should have been caught. They didn't. They fucked up. But, i agree with the result of the fuck up causing a fail closed state.