What we’ve learnt since then is that there was a DNS-related¹ outage of an Amazon service. Apparently misconfiguring DNS in a single region can lead to widespread outages all around the world. The scale of the disruption was remarkable—services that millions of people rely on daily simply stopped working because of a configuration error in one AWS region.

And again, if you’re anything like me, you were wondering: why does so much depend on a single service? Why does so much depend on a single AWS region? Even other cloud providers were affected. Every so often it really baffles my mind how a decentralised system such as the internet can be so centralised in a single AWS region. The irony of a globally distributed network being brought down by a single point of failure isn’t lost on anyone paying attention.

Everything Is Affected

It looks like almost everything² was impacted. Even Signal—which doesn’t use AWS infrastructure for everything—had some problems. The outage demonstrated just how deeply AWS has embedded itself into the fabric of the modern internet.

PSA: we're aware that Signal is down for some people. This appears to be related to a major AWS outage. Stand by.

Now, with the ongoing digitisation of everything, when a large part of the internet goes offline, it unfortunately always affects a bit of everyone. And while it’s funny when a smart bed goes offline, it’s much more serious when it’s your bank. I, personally, don’t really carry cash anymore, so if I can’t pay with my plastic money, I really can’t pay at all. The shift to a cashless society has made us vulnerable in ways we’re only beginning to understand when these outages occur.

And whilst Reddit and Snapchat going offline is probably not much of an issue, if your doorbell is offline, you should probably question your dependency on big tech. There’s something deeply unsettling about not being able to answer your own door because a server farm thousands of kilometres away has a problem.

Learning?

Look, I don’t think tech or other big companies will learn from this. Frankly, it doesn’t hurt them enough to change their practices. The financial impact of a few hours of downtime is negligible compared to the cost of building truly resilient, multi-provider infrastructure. And of course, hiding amongst the crowds and saying, “Well, everyone was offline” will work quite well as a defence. But then, I do think we need to differentiate between different services and their importance.

Some things need to be available as much as possible. Some of these websites, such as the UK’s official government website, are rather essential. When critical government services go down because of a third-party infrastructure failure, we need to ask serious questions about digital sovereignty and resilience.

And frankly, if you’re a bank, you need to learn to build a more resilient system than depending on a single cloud provider based in the US. Banks have regulatory requirements around uptime and availability, yet many seem content to outsource their entire infrastructure to a single vendor. And because banks are not going to act by their own volition, I guess we need regulations to force them to. It’s not only a question of resilience but also of caring for your customers and protecting their interests and privacy. Perhaps it’s time for financial regulators to mandate multi-cloud strategies or require proof of failover capabilities that don’t rely on a single provider’s infrastructure.

The centralisation of the internet onto a handful of cloud providers—with AWS leading the pack—represents a systemic risk that we’re only beginning to grapple with. Until the pain of outages exceeds the cost of building redundancy, I suspect we’ll keep seeing these incidents. And each time, we’ll collectively shrug and move on, until the next one.

The protection of anonymity

Anonymity gives you a layer of protection. It means you can say and do things, and express opinions, without them being easily traced back to you. And it doesn’t follow you forever. It means you can leave things behind.

Countless people use a pseudonymous identity to protect themselves-from the repercussions of politically oppressive regimes, or from communities that might disapprove of their choices.

I understand all that. Anonymity protects your sanity and your safety, and it lets you speak more freely. There’s a reason the names of witnesses or victims aren’t always part of the public record. There’s a reason some people in cybersecurity prefer to remain anonymous.

And there’s a reason people cover their faces in a world of cameras everywhere. There’s a good reason to cover your face when protesting a dangerous political regime.

Anonymity means protection.

But of course, that protection doesn’t only apply to people with good intentions. Anonymity also protects law enforcement agencies breaking all kinds of laws. It also protects some of the worst people online: people spreading hate speech, people doxxing peaceful protesters, and people harassing others to the point of suicide.

So I’m not a massive fan of anonymity, but I very much see the necessity of it.

Speaking up

I’m generally of the opinion that people should stand behind what they say and stand for what they believe. I’d like to think I’m usually a reflective person, and I think about what I say. I also have a bit of privilege, so I feel it’s my job to stand up for others and stand by what I say.

I’m happy to do all that. I’m happy to voice my opinion. And I’m happy to stand behind it, as long as I’m in a democratic country that protects my rights accordingly. I’m willing to take some risks, but they need to be proportionate. I’m fine with being detained at a protest in Switzerland. Even though it sucks and feels deeply violating to be detained at a peaceful protest, that’s a risk I’m willing to take-a risk I’m willing to take for the right thing.

But am I happy to do that in more repressive countries? Saudi Arabia? Probably not. China? No. Russia? Hell no-not going there currently.

So what about the US?

Well, to be honest, right now I would still feel safe going to the US. But speaking up against the current regime there? Most likely less so.

So what now

I think this is one of the big things that has changed. One of the largest democracies appears to be willing to cancel due process for some people. That’s something we should all be terrified of.

I might still be willing to go to the US. I’m not willing to be detained at the border-something this blog might make more likely.

So here we are. I have, to the best of my abilities, cut all links to my real-life identity. Will it prevent a state actor from finding the links between my blog and my identity? No. But it will make it a bit harder for everyone else to make the connection.

So here we go: a new pseudonymous identity. New nom de plume. Nice to meet you; my name is Oli.