A bug is an error, flaw, or failure that causes a computer program to produce an incorrect result. Hackers often use these weaknesses to compromise systems.
Glitches cause service to stop or compromise privacy. No company is immune to coding problems. Even cloud providers run into problems due to programming issues. To prove the point, here are the five worst cloud bugs to have hit since 2011.
The Heartbleed bug didn’t hit any single cloud provider, but it is one of the best known software vulnerabilities ever to be documented. It was introduced in 2012 but not disclosed until April 2014.
Heartbleed is a security bug in the OpenSSL cryptography library, and was commonly used as part of the Transport Layer Security Protocol. When the code was originally designed, it was made for TLS as a way to test and keep secure communication links active. However, the code’s bug went unnoticed and put into service.
Heartbleed allows anyone to access and steal information that would normally be protected by SSL/TLS protocols. At the time of discovery, some 600,000 servers had this vulnerability in their OpenSSL code. The real danger is that violations are not recorded.
Dropbox Link Bug (2014)
While there is no official name for this bug, it was very dangerous because potentially sensitive information was leaked online. In May 2014, The Five Worst Cloud Bugs Since 2011 began blocking shared links in an effort to protect their clients. It was discovered that due to a web vulnerability several documents were viewed by unintended recipients.
The files that were disclosed had an error in the referrer header created when a user shared. All of these documents had third-party links that, once activated by the receiver, shared information with anyone.
Documents such as tax returns and mortgage applications were found to be viewable by strangers online. These files contained personal information that could have been stolen and exploited.
Amazon Web Service Outage (2012)
In 2012, Amazon Web Service suffered an outage that was originally brought about by a hardware failure. While a lightning strike was the main cause, an undiscovered software bug made restoration of services difficult.
Due to the bug, one data center failed to switch to backup generators. This failure caused a depletion of power cells in the uninterruptible power supply, crashing the hardware in that region.
The software problems didn’t stop there. This bug also caused a bottleneck in the boot process causing significant delays in bringing the system back online. Instead of a simple restore, it became an ordeal lasting several hours.
Dropbox Selective Sync Bug (2014)
Dropbox is no stranger to bugs, as yet another problem has crept up for the popular cloud company in 2014. This time, however, instead of sharing files with the world, the issue is data loss.
The bug affects Dropbox’s Selective Sync software causing folders not to synchronize as intended. Instead, files which were supposed to reside on Dropbox only are actually removed from both the user’s hard drive and their online account.
The real problem is not just that the files are gone; a further glitch makes it appear data transferred as requested, folders are created and everything looks okay. When the user realizes their documents contain 0 bytes, it’s often too late for Dropbox to help.
Microsoft BPOS Bug (2011)
Microsoft is not immune to an occasional glitch. However, in May 2011, a hiccup in their system caused all BPOS collaborative services customers to be booted off their email. Customers were unable to read, write, or even access their accounts and no one, not even CEOs were left untouched.
When this occurred, BPOS was just beginning to gain momentum and Microsoft was still working on convincing people to move to online exchange server. Not only did the outage upend business communication for a time, there was never a true identification of the bug responsible.
The only explanation given was a problem within email Exchange.
No software is perfect. It is only as good as the person who writes the code. Because there is a human component, bugs have been known to affect systems.
It makes cloud services more vulnerable than users might care to think. The best way to make sure information is protected is to backup in multiple spots and never put all your precious files in one place.