Drive: Photo by John Loo

My experiences with ProfitBricks: Negative review

A few months ago, the organization I work for decided to investigate new hosting providers: I spent several hours reviewing our possibilities, and we decided to go for the company ProfitBricks.
For a number of reasons, we prefer our data to be on servers in Germany, and ProfitBricks seemed to offer this at a good price. The company writes on its website that 24×7 support is included (unlike other cloud-based hosts): “When you have a technical question, who better to ask than a senior system administrator who understands your issues and can offer clear solutions directly and without delay?“.

I had some talks with ProfitBricks’ friendly sales team, discussed the architecture with them etc., and finally, my company decided to move our servers. I recall at our final IT meeting before signing up that I found it odd that I couldn’t find any neutral or negative reviews online. It just seemed a little too perfect.

I set up two servers just for testing, and my colleague set up a third server, which was the first we wanted to go into production.
After the server was set up, everything worked as it should for a little less than a week: On Sunday morning, I received an alarm that the server was having file system issues.
I logged on to investigate the problem, restarted the server to run fsck, which resulted in the server not coming back up.
I then called ProfitBricks, and after a brief conversation, I received the first email.

Sent: February 9th, 2014 09:27
Thank you for your Phone call and bringing your server issue to our attention. I have informed Sysops of the issue of your Server being in RO FS mode and we are starting an investigation into the issue. Thank you for your patience in this matter.

4½ hours later, I received a message with a proposal on some things I could do (booting up using a DVD image). I tried that, but it didn’t work. Called them again later in the afternoon to get a status. They promised to follow-up by email. That didn’t happen, and at night, I called again for a status. They told me that the ticket was pending their staff in Germany. It had been down for about 13 hours at that time, and I didn’t feel that the “core team” really cared about the system. I had called them 4 or 5 times during that Sunday to ask about the ticket, and kept receiving promises that they would get back to me, and that they were already working on the ticket.

I asked my German colleague to set up the server at a new host, but left the incident ticket open.
Then, 28½ hours after I opened the ticket, I received the first question that indicated that the server was actively being looked at:

Sent: February 10th, 2014 12:57
What file syustem is the OS using? ext3 ? ext4 ?

A few minutes later:

Sent: February 10th, 2014 13:00
Did you delete [server-name] server ?

And a few hours later:

Sent: February 10th, 201415:57
What Guest OS he used
To paste (if possible) relevant line (s) in the guest OS kernel log
Link and attach pictures to IO latency statistics for that volume 10 min prior and after going read-only

I had not deleted the server at the time he wrote, and these emails made me so mad that it was impossible for me to write back the same day. Instead, the following day, I asked for a full refund, which they never responded to.

Conclusion

Although this is generalizing based on a single case, I will still not recommend ProfitBricks to anyone. The offer of having system administrators on call 24×7 at a reasonable price was simply too good to be true.
ProfitBricks’ marketing and sales teams seem to be doing a lot better than the operations team.

Based on this experience, I have sent ProfitBricks’ billing department two separate messages asking to get a refund – they have not gotten back to me, which is not a big surprise to me.


Luk internetadgangen for computere i botnet

En af de store risici for IT-sikkerheden er de såkaldte botnet, som er navnet på et stort netværk af inficerede computere. Der er tale om en slags “virus”, der ikke ødelægger noget på den inficerede computer, men som ligger i dvale indtil den aktiveres udefra. Et botnet, der kan bestå af titusinder af computere, kan bruges til at angribe specifikke servere (fx et firma/en regerings website) eller vital infrastruktur for Internettet. Computerworld skriver i dag om at det svenske svar på IT&Telestyrelsen har udgivet en rapport (Oversat til “dansk”), der anbefaler at man kan lukke for internetforbindelsen, for computere, der kan være til skade for infrastrukturen – og først tillade adgangen i det øjeblik computeren er renset for sikkerhedstrusler (Afsnit 2.3.3 i rapporten). Computerworld skriver det meget præcist:

Man kan for eksempel spærre for det meste trafik, men tillade adgang til et websted, hvor brugeren kan hente sikkerhedssoftware og få renset sin pc.

I Danmark skal man have synet bilen for at den må køre rundt påvejene – ellers kan man være til fare for sig selv og andre – med andre ord højnes færdselssikkerheden.
Jeg kan se en tydelig parallel til IT-sikkerhed: Hvorfor sørger man ikke for, at inficerede computere, ikke kan komme på informationsmotorvejen, så længe de er til fare for andre?


Gmail er offline: Man får hvad man betaler for

Talrige medier rapporterer i dag at Gmail er nede. Computerworld er endda venlige at påpege at solen skinner udenfor. Nedbruddets årsag kendes pt. ikke, og det kan egentlig også være ligegyldigt for brugerne: De er enormt frustrerede. Googles troværdighed lider i dag et stort knæk.
Google skriver selv:

2/24/2009
We’re aware of a problem with Gmail affecting a number of users. This problem occurred at approximately 1.30AM Pacific Time. We’re working hard to resolve this problem and will post updates as we have them. We apologize for any inconvenience that this has caused.

Brugerne har glemt to ting

  1. Gmail er stadig i beta. Det kan derfor forventes at servicen ikke er klar til seriøs brug.
  2. De har aldrig betalt en krone for at benytte Gmail: There is no such thing as a free lunch. Man får hvad man betaler for.

Apache2 + Internationalized Domain Names (IDN)

Since I couldn’t find any documentation regarding Apache2-support for Internationalized Domain Names (IDN), I realized that it’s not at all hard to configure.

You can just set the ServerName or ServerAlias-property to the punycode-value of the domain name, i.e. æøå.tld would become xn--5cab8c.tld. A converter is available at VeriSign.
After converting, save the apache2 virtualhost configuration file, (eventually run a2ensite config_file.tld , if you have chosen to config your web sites that way) and run:
apache2ctl graceful

The web server should start serving the web site immediately.


Trådløst netværk er ikke uden sorger

Jeg er medforfatter til en artikel om IT-situationen på Institut for Statskundskab på Århus Universitet (side 28-29), som blev bragt i institutbladet Kandestøberen.

Særligt interessant for ikke-statskundskabsstuderende skriver jeg afsnittet “Trådløst netværk er ikke uden sorger” på side 29.

Essensen er, at der kan være store problemer ved at bruge webtjenester når man er logget på et ukrypteret netværk – det er vigtigt kun at indtaste sit kodeord på de hjemmesider, der har en hængelås ved adressebjælken i browseren, fordi dette betyder at der anvendes kryptering til at beskytte datatransmissionen.


Pirate Bay skal måske ikke spærres alligevel

Det er en meget interessant diskussion der er startet i kølvandet på Fogedrettens påbud om at Tele2 skal spærre for adgang til The Pirate Bay – et sted med henvisninger til fortrinsvis ulovligt materiale. Man skal dog hæfte sig ved, at der også findes lovligt materiale, for ikke at tale om materiale (fx en ældgammel spillefilm eller cd’er) der ikke længere kan købes.

The Pirate Bay lancerede i kølvandet på denne fogedretsdom The Jesper Bay, hvilket på lidt morsom vis lukrerer på navnet på IFPIs advokat og fortæller hvordan man, fuldt lovligt, kan undgå den simple tekniske spærring: OpenDNS stiller gratis ucensurerede DNS-servere til rådighed.

Formanden for Telekommunikationsindustrien i Danmark, Ib M. Tolstrup, ser dog (meget fornuftigt) dette som en kæmpe glidebane og siger til Politiken “Hvis man skal spærre for thepiratebay.org, skal man også spærre for adgangen til for eksempel Google. På begge søgetjenester ligger der såvel lovligt som ulovligt materiale, og spærrer du for lovligt materiale, gør du indhug i ytringsfriheden. Og vi vil gerne have en meget stringent juridisk afgørelse på, om det er teleselskabernes opgave”.

Derfor er det med glæde jeg kan læse at Telebranchen bakker op om at Pirate Bay-sagen bliver trukket i byretten.


Firefox 2.0 – med stavekontrol

En lækker og opgraderingsværdig feature ved Firefox 2.0 er, at der er stavekontrol, både på dansk og engelsk.
Man skal bare huske selv at skifte sprog – eller helt slå det fra.
Fx i dag, hvor jeg skrev noget SQL, skrev jeg “auto_increment” – den danske stavekontrol foreslog “kagecremen, inkrementelle, ekskrement, ekskrements og ansigtscremen”. Det kunne nemt give nogle syntaxfejl.