Use Microsoft's Stumbles

ENT, Feb 26, 2001 by Scott Bekker

Much ridicule has been heaped on Microsoft recently for a particularly ill-timed coincidence: the crash-and-burn of several Microsoft sites right after the launch of an advertising campaign about how reliable Microsoft is becoming.

In mid-January, Microsoft started a $200 million advertising campaign about how its products are enterprise worthy. This campaign included an amusing ad that acknowledged the Blue Screen of Death.

Shortly thereafter, Microsoft's sites became unavailable for most of a week. The company said the problems of the first day was a router configuration problem. The problems of day two and day three were attributed to denial of service attacks.

The proximity of the ad campaign and subsequent Web problems prompted considerable criticism. The following statement was sent to me in an anonymous e-mail. It is representative of the gleeful tone of Microsoft bashers: "Microsoft is spending millions of dollars to convince us that our businesses should be running Windows and SQL Server, but hundreds of millions of Internet users around the world can't even access Microsoft's Web sites due to an internal problem with Microsoft's servers. Hotmail, Expedia.com, Encarta.com, MSNBC.com, and MSN.com are all down. Isn't this ironic?"

Barbs aside, the events of last month should give thoughtful Microsoft customers pause. Can this company be trusted with the corporate jewels?

On the first day, most users couldn't reach Microsoft sites by the usual means of www.microsoft.com and so on. They could, however, reach the sites via numeric IP addresses. Microsoft says the 22.5-hour problem was caused by a configuration change made by one of its technicians. This struck me as disingenuous.

For one thing, it is misleading because it is incomplete. Any international Web business that can be thrown out of whack so completely by one technician's change is very poorly designed. For another, it doesn't seem plausible that it would take that long to detect and fix a mistake committed by one person.

Russ Cooper, editor of the NTBugTraq mailing list, notes that Microsoft's DNS servers were showing up as running on Akamai Technologies' servers early in the ill-fated week. The next week, Microsoft acknowledged it had entered a deal with Akamai to provide backup DNS services for Redmond's sites, and positioned it as a response to the problems of the previous week. Cooper theorizes that the initial problems may have resulted from the effort to configure Microsoft's DNS to fail over to Akamai as a backup. He doesn't say this is fact, and neither do I. I only suggest that something far more complex was going on than the Microsoft statement implied.

The company certainly has a credible interest in hiding details of its network from the public, and even from its customers who need reassurance that the company knows what it is doing.

Need evidence of that? As soon as news of Microsoft's DNS problems emerged, someone launched denial of service attacks that hampered Microsoft's sites for the next two days, according to the company.

Strangely, this all instills in me a confidence in Microsoft's products. Yes, it sounds crazy, but let me explain: Microsoft is a big, fat target. There is probably no other company with as many tech-savvy enemies out there who live to embarrass it. Many of the most difficult problems and sophisticated attacks will hit Microsoft early. Microsoft, in essence, is running a largely unintentional interference operation for you.

But don't let Microsoft's blocks go to waste. Make sure your administrators are paying attention to Redmond's security bulletins, TechNet articles, and white papers about network infrastructure. And make sure they're implementing them right away. You sure don't want to be embarrassed like Microsoft was.