Archive for the ‘ Amazon ’ Category


Why Amazon is rebooting 10% of its cloud servers

Written by admin
September 26th, 2014

Amazon says a patch is needed to fix Xen hypervisor issue

Amazon Web Services issued a blog post on Thursday providing some more details of why the company needs to reboot up to 10% of its cloud servers in the coming days, and it doesn’t have anything to do with the so-called Shellshock vulnerability.

Amazon says that about Elastic Compute Cloud (EC2) servers from across the globe will be impacted by what it calls a “timely security and operational update” related to its open source Xen hypervisor. The blog post explains:

“As we explained in emails to the small percentage of our customers who are affected and on our forums, the instances that need the update require a system restart of the underlying hardware and will be unavailable for a few minutes while the patches are being applied and the host is being rebooted.”

The full blog post can be read here.
It appears to be just a coincidence that an update to the open source Xen Hypervisor is happening at the same time that security experts have identified a major vulnerability in Linux code known as the Bash Bug, which some are dubbing Shellshock. AWS officials say the two events are unrelated.

Amazon likely deals with many vulnerabilities each day and week, but Jesse Proudman, founder and CTO of cloud provider Blue Box says this Xen bug is different because it effects the hypervisor that creates virtual machines. The only way to appropriately patch the system is to reboot it.

AWS goes on:
“While most software updates are applied without a reboot, certain limited types of updates require a restart. Instances requiring a reboot will be staggered so that no two regions or availability zones are impacted at the same time and they will restart with all saved data and all automated configuration intact. Most customers should experience no significant issues with the reboots. We understand that for a small subset of customers the reboot will be more inconvenient; we wouldn’t inconvenience our customers if it wasn’t important and time-critical to apply this update.”

Amazon says that the updates must be done before October 1, when details of the Xen flaw are made public as part of the Xen update XSA-108 release. Expect at that time AWS and the Xen community will have more details as to the specific security flaw that is being patched.

Proudman suspects the issue is likely related to flaw CVE-2014-7155 In the Xen code, which was first announced on Wednesday. It was found that the bug can be exploited by a hacker to escalate its privileges, allowing the hacker to potentially glean access to other virtual machines. In contrast, an issue like Shellshock is something that can be patched in the Linux code and does not require a reboot of the machine.

Proudman says the CVE 7155 has been in the Xen code since the 3.2 release, which was in 2008. Still, he says that customers should not be too worried about the situation since Amazon will be updating all of its impacted machines before more details about the security vulnerability are publicly released on October 1. Proudman says AWS is absolutely doing the right thing by updating its systems and rebooting customer machines, even if that may cause some stress in the coming days.

The big takeaway for customers is that a subset of AWS instances will be rebooted at some point in the next five days. Cloud consultancy RightScale expects the reboots to begin at 10 PM ET on Thursday and run through Sept. 30 at 7:59 PM ET. Customers don’t necessarily have to do anything, but they should be prepared for their EC2 instances to go down for a few minutes if they’ve been notified by AWS. RightScale advises AWS users to test their system for a reboot. “It’s going to test the operational prowess of a lot of systems,” Proudman says.


 

MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com

 

 

 

First look: Amazon’s new Fire Phone

Written by admin
June 20th, 2014

firephone

No, really!
Amazon has finally released its own smartphone. The Fire Phone, which runs on Amazon’s Android-based Fire OS 3.5 and incorporates a host of features designed to make shopping your life easier, debuted Wednesday in a Seattle event hosted by Jeff Bezos. Here’s a look at what’s been brewing behind the scenes for all this time.

The look of the thing
At its core, the Fire Phone isn’t much different than any other high-end handset on the market right now – 2.2GHz quad-core processor, 2GB RAM, 4.7-inch 720p screen, 32GB of base storage, and so on. But Amazon has gone out of its way to include some unique bells and whistles, as we’ll see.

Rubberized construction
Given that we’ve had glass, plastic, and metal phones already, it was inevitable that Amazon would do its best to set the Fire Phone apart with a unique rubberized build. Oh, and it also blends in Gorilla Glass, stainless steel, and aluminum. So it’s got most of the build bases covered, really.

Cool camera
While it’s hardly unique, the Fire Phone’s 13MP main shooter is still impressive, packing HDR and optical image stabilization capabilities, along with a wide aperture lens. The coolest part of the camera, however, might be the…

Unlimited cloud photo storage
Yeah. Unlimited storage in Amazon’s cloud for your photos and videos, automatically backed up wirelessly and available on other Fire devices and Cloud Drive apps, may be the main eyebrow-raiser in the Fire Phone’s imaging suite.

Mayday button
The Mayday feature introduced in the latest models of the Kindle Fire tablet line has made it to the Fire Phone, allowing users to summon live Amazon tech support via video link at the touch of a button.

Firefly
This will likely be Amazon’s most talked-about Fire Phone feature. Take a picture of a product, and Amazon searches for pricing and availability. It also recognizes music, movies, and TV shows from their audio, can capture phone numbers and email addresses from advertisements, and rubs your back when you’re stressed. (Last thing may not be true.)

Dynamic perspective
The Fire Phone uses four small but sophisticated cameras, located at each corner of the device’s front, to track head movements and gestures, allowing users to exercise a degree of one-handed control over the device.

A free year of Amazon Prime
Users can get a free year of Amazon’s Prime service if they pre-order soon enough – the device will ship July 25, and pre-orders are already open. Tough luck if you’re not an AT&T fan, though – the Fire Phone is an AT&T exclusive. The 32GB model will cost you $200 with the usual two-year contract, or $650 without a subsidy.


MCTS Training, MCITP Trainnig

Best Microsoft MCTS Certification, Microsoft MCITP Training at certkingdom.com