Broadband Developments

Here is the press release from the Infoblox and Cisco event that I went to yesterday. I got some good video from Cisco on their ‘moving up the stack’ views and what ‘modernize your datacenter means’.. Doug Gourley was on the panel and I had a chance to talk to him after. I was impressed with Cisco guys Doug Gourley and Omar Sultan both are active bloggers at Cisco. I was impressed with their social outreach on doing some collaborative blogging together. I’ll have that video up tomorrow.

Meanwhile here’s the text from the Edge DNS solutions from Cisco that now includes Infoblox. In essence reduces the amount of hardware at the branch.. very ‘green’ solution since reduction of equipment and power are big focuses right now in enterprise infrastructure.

SANTA CLARA, CA–(MARKET WIRE)–Jan 15, 2009 — Infoblox Inc., a global leader in appliance-based platforms for highly secure, manageable and robust core network services — including domain name resolution (DNS), IP address assignment (DHCP), and IP address management (IPAM) — announced today in a live video web cast “Unleashing the Power of Dynamic Infrastructure” event that its virtual software module is now available on the Cisco Application Extension Platform (AXP) for the Cisco Integrated Services Router (ISR).

Now, enterprises can take advantage of Infoblox’s core network services, offering powerful, cost-effective and highly reliable and manageable DNS, DHCP and IPAM services on the Cisco ISR. The solution is ideal for highly distributed organizations, such as retail, healthcare and manufacturing verticals with multiple branch offices and a critical requirement for local survivability and automation of core network services at those sites.

“For robust delivery and management of core network services at the branch office, companies that have already standardized on Cisco’s ISR for branch routing can easily add Infoblox’s virtual software to the system,” said Jon Oltsik, Senior Analyst, Enterprise Strategy Group. “This can be especially prudent for organizations that consider local survivability and automation at the branch a high priority, but are strapped with requirements to reduce footprint, and operational and administrative costs.”

Further, highly reliable and automated core network services provide the essential foundation for the transition from a static network — configured largely by hand and tracked with spreadsheets — to an intelligent and dynamic infrastructure, which can automatically, fluidly and seamlessly adjust to movement of users and servers. This is critical to support advance applications like virtualization and cloud computing at the data center and branch offices.

“Driven by new system and endpoint demands as well as new IT initiatives like cloud computing and virtualization, network infrastructure will need to meet new automation and intelligence requirements,” said Infoblox Vice President of Marketing Richard Kagan. “Infoblox’s robust core network services platform in conjunction with the Cisco ISR, which provides an excellent combination of resiliency, management automation and flexibility, can provide organizations the dynamic infrastructure necessary to support their new system, end point and IT initiatives.”

“Integrating Infoblox’s technology into Cisco Integrated Services Routers can provide local survivability of essential services like DNS, DHCP and IPAM at the branch office, reduce footprint and operational costs, while optimizing the network for greater visibility and control,” said Rahul Tripathi, Director, Cisco Access Routing Technology Group. “In teaming with Infoblox, customers with millions of Cisco ISRs are provided with intelligent core network services that will help drive their transition to an even more automated and dynamic branch office offering.”
Availability

Infoblox virtual software for the Cisco ISRs is currently available from Infoblox’s global network of channel partners.

Cisco and Infoblox will showcase the joint solution at several upcoming industry events:

– “Unleashing the Power of Dynamic Infrastructure in the Data Center
and Beyond” - a live virtual meeting Thursday, Jan. 15, 2009,
featuring Cisco Senior Director Doug Gourlay, Cisco Director,
Rahul Tripathi and Infoblox CTO Stuart Bailey; to register, visit:
http://www.infoblox.com/news/event-detail.cfm?eventID=84.
– Cisco Networkers - Infoblox and Cisco are demonstrating the solution
in booth #E16 at the Cisco Networkers, January 26-29, Barcelona,
Spain; for more information, or to arrange an appointment, visit:
http://www.infoblox.com/news/events.cfm.

About Infoblox Appliances and Grid Technology

Infoblox pioneered core network services appliances and delivered a number of industry firsts, including the first appliances to integrate DNS, DHCP, and IPAM, TFTP/FTP/HTTP file delivery, NTP, and other services in hardened, easy-to-manage network appliances.

Infoblox grids link a group of member appliances into a unified, centrally managed system with unique resilience and automation functions. For example, the software for all appliances in a grid can be updated in a single operation. Parameters for DNS, DHCP, and all network services can be set at a grid-wide level. Data from all members and services can be viewed and managed from a single location. Additionally, advanced functionality, such as automated failover to and from disaster recovery sites, is built in.

For more information about Infoblox products, visit: http://www.infoblox.com/products/.

About Infoblox

Infoblox delivers highly reliable and manageable platforms for core network services like domain name resolution (DNS), IP address assignment (DHCP), IP address management (IPAM) and more. Infoblox solutions — essential for the move from static networks to dynamic infrastructure and applications — are used by over 2,700 organizations worldwide, including over 100 of the Fortune 500. The company is headquartered in Santa Clara, Calif., and operates in more than 30 countries.
Contact:

Media Contacts:
Jennifer Jasper
Infoblox
408.625.4309
Email Contact

Efraim Schwartz over at ComputerWorld reported back in July the results of various studies that indicate that IT jobs will drop in 2009.  Contractors, projects, overall spending down.  The news is dire: “Almost no investment in cloud computing”.

Well, I don’t have any studies to refer to just gut predictions.
Like that old sly cop with the corduroy jacket on your favorite TV show, I got some hunches.

Shining up my crystal ball:

YES…….
Economy is kinda clouding things up, but yes, a few things seem clear..

1. Yahoo – Microsoft will scoop them up
2. Windows 7 – Unfortunately for Microsoft, this will probably dud, too many factors against it.
3. Ipod Touch Tablet – An internet-capable touch screen tablet –March or June
4. Chrome 2 – will run on cell platform and desktop, instant browser sync
5. Digg – Google property
6. Giants win the Super Bowl – not a tech prediction-that just popped in there.

Again, 1-5 are based on nothing but hunches here people.  #6 is something else entirely.  (We make no claims to the validity of any of these predictions, however)

Side note – Gizmodo posted this rumor about Steve Jobs on their website.  Nothing that wasn’t said before, but there are alleged reliable sources here.  Jobs is the Walt Disney of Computing™, let’s hope this rumor is not true.  Long live Jobs and I will take one of those Touch Tablets please…

Have a good 2009..

Yeah, Everyone does these.  Top 10 – etc.

I thought about it.  Techmeme did a nice job of the biggest stories.  Thanks end the end-of-year read.   So, I’ll analyze it.

1. The Yahoo-Microsoft Story – Yeah this had to be the story of the year.  Microsoft overbids it turns out for Yahoo.  Yahoo plays hard-to-get.  Yahoo cozies up to Google.  That doesn’t turn out so well.  Yahoo is worth a fraction of what Microsoft bid for it.  This one is not over by a long shot.
2. Apple Announces last year at MacWorld – The fanboys will be onboard anyway and this was their event.  (FYI – I carry an iPhone)  Apple has plenty of press nowadays, this is not much of a big deal.
3. Google Chrome – So far it has been ho-hum.  There was a big splash, some people tried it, but this is not a world changer as it turns out.  (FYI- it’s my second browser and I love it)
4. Apple Developer Connection – The App Store is the single greatest thing about the iPhone.
5. Google Spoken iPhone App – Cool and wow.  I like the sound of that and it sums up that app nicely.  It really does work well.  Now is this a story of the year?  Um.  It could lead to lots of exciting things, but to me, not really a story of the year.
6. Google/Valve buy – an interesting rumor that didn’t come true.  Google with all that money, all that cash and everyone talking about what to buy.  Kinda funny isn’t it?
7. RIAA Music lawsuits – Dropping the lawsuits against Grandma Jones, it means little as I expect the RIAA to increase the pressure on the internet providers.
8. Google>Microsoft> Digg – Once again see Comment for #6
9. Windows 7 – Reports are saying its a glossy version of Vista.  I think the timing of this OS may be unfortunate for Microsoft – with the economy stumbling and tech/personal spending in a crunch.  If Windows 7 is not a game changer, then this baby may thud.
10. iPhone 3G – This was a story that deserved to be way higher on the list.  Apple finally put it all together and delivered again a “game changer”.

Wasn’t there an Olympics or something?  What about LinkedIn?  I’ve been on that for maybe 2/3 years now, but it seems to really have blown up now.  Facebook anyone?  Twitter?  Not really news, but their influence and presence has grown..

Microsoft is now shedding a little more light on the zero-day XML vulnerability.  It seems some Hong Kong-based pornography sites are dropping the trojans Trojan:Win32/VB.IQ.dr and Trojan:Win32/VB.IQ on unsuspecting PC users.   This in addition to exploits discovered on a popular Taiwan search engine.  The details are here. A release to patch this vulnerability is to be released today.

(BTW I wonder what that job is like – “Just checking on potential viruses chief”)   I digress – really I appreciate all the MS team does to keep us in the dark keep us up to date on this serious security flaw in every instance of that little blue E on all the desktops in the world.  I mean if Hong Kong porn is not safe, then who is…?

All kidding aside can we stop the Patch Tuesday nonsense?  We now have a second “out of band” update this year.   Hackers are now celebrating “Exploit Wednesday” - look it up.   Some environments take weeks to approve these type of updates, even emergency ones.  I bet there are plenty of steamed folks out there about this little escapade.   Reports say this XML exploit started the day after the last regular patch.

I know things get exploited – fine.  And don’t start with the Mac and Linux tripe.  It’s just a fact that everything can be pwned.  I just have issues with the notification and resolution.  How you deal with it is what really determines how protected an organization is.  Patch Tuesday must die.  It’s like putting a sign on your lawn that says, “I am not home from the hours of 8am-530pm”.  Let’s put the call out today to put a nail in this thing.  Stop Patch Tuesday.  We need updates as they happen.  30 days is too long think about it.  Think about all the little vulnerabilities that don’t get the press.  Hacker releases exploit on Wednesday, if it gets found, it might make the next round of patches.  IT gets the update, tests on systems, releases to production – That could be 6 weeks of password-stealing, PC Zombie fun.

NOTE: I know there are crews at MS that have busted to get this thing identified and fixed – Thank you.  Again, I just don’t think the announcement strategy is working.  I know I will get some flames for this and some people who agree.  If someone has a better way, then speak up.

The Zero-day XML vulnerabilities once reported to only be affecting IE7 targets are now prompting warning from Microsoft to its customers across all supported versions of its Internet Explorer Web Browser.

http://www.microsoft.com/technet/security/advisory/961051.mspx

Workaround centers on setting Internet security settings to high and disabling the Ole32db.dll via ACL - not an end user-friendly operation.  Apparently the noted attacks have predominantly been noted against IE7 and on Chinese sites.  It exploits the way IE handles XML.  The exploit could potentially be used to access several types of sensitive data, however thus far it is only reported to be stealing passwords for computer games.

There are reports that Microsoft is considering fixing the flaw through an emergency software patch outside of the standard “Patch Tuesday”.

Now is a good time to give Google Chrome a try.

Yahoo was hit by a massive DNS problem today reported by GigaOm.

Some are saying quietly that there was a DNS cache poisining that effected Yahoo’s main DNS nameservers.  Yahoo is not talking to me about this.  Of course I’m interested in this because of all the recent DNS security risks which have been well documented by the DNS industry leading company Infoblox.

I will try to dig into this and see if Dan Kaminsky has any insight into this.

DNS problems went mainstream after I started reporting about it here and then John Markoff reported about it on the NYTimes.

Some more info here

Top-line results indicate that despite the fact that most organizations are running recent versions of BIND and no longer using Microsoft DNS Servers for their external DNS servers, many organizations have not taken the necessary precautions to limit access to recursion or secure zone transfers. In addition, many still have not upgraded to the latest DNS software to protect against the recently discovered Kaminsky vulnerability and associated risk of DNS cache poisoning.

“Given the heightened awareness of DNS server vulnerabilities due to the recent Kaminsky discovery, it is surprising to see how many organizations are still leaving their DNS systems as potential victims of attack,” commented Cricket Liu, Vice President of Architecture at Infoblox and author of O’Reilly & Associates’ DNS and BIND, DNS & BIND Cookbook, and DNS on Windows Server 2003. “Even if an enterprise has gone to the trouble of patching against the Kaminsky vulnerability, there are many other aspects of configuration, like recursion and open zone transfers, that should also be secured. If not, organizations are essentially locking their door to their house, but leaving the windows wide open. Organizations clearly need to pay more attention to configurations and deployment architectures that are leaving their DNS infrastructures vulnerable to attacks and outages.”

DNS servers are essential network infrastructure that map domain names (e.g., yahoo.com) to IP addresses (e.g., 66.94.234.13), directing Internet inquiries to the appropriate location. Domain name resolution conducted by these servers is required to perform any Internet-related request, whether for Web browsing, email, ecommerce, or cloud computing. Should an enterprise or organization’s DNS systems become compromised by attacks, the results can be devastating, ranging from loss of a company’s Web presence, inability of employees to access any outside Web services, and perhaps most damaging, redirection of Web and email traffic to bogus sites, resulting in data loss, identity theft, ecommerce fraud and more.

Following are the key 2008 DNS survey results, which are based on a sample that included 5 percent of the IPv4 address space, nearly 80 million addresses.

GOOD NEWS

--  90% of name servers that run BIND run one of the most recent versions
    of BIND 9; a small but significant number of administrators continue to run
    older versions of BIND on Internet-facing name servers, putting their
    organizations at risk.

--  Only .17% still rely on Microsoft DNS Server, down from 2.7% (2007);
    usage of unsecure Microsoft DNS Servers connected to the Internet is
    vanishing.

--  Support for Sender Protection Framework (SPF) within DNS for spam
    reduction increased from 12.6% of zones sampled to 16.7%; despite the
    complexity of SPF configuration, validating email senders is increasing in
    importance and organizations are taking email fraud seriously.

BAD NEWS

--  One in four DNS servers does not perform source port randomization --
    the "patch" for "the Kaminsky vulnerability"; the effort by vendors and the
    Internet's DNS community to encourage administrators to upgrade their name
    servers after the announcement of the Kaminsky vulnerability paid off;
    however, a surprising number have not been upgraded and are very vulnerable
    to cache poisoning.

--  More than 40% of Internet name servers allow recursive queries; there
    are still millions of open recursors on the Internet, a danger both to
    themselves and others -- they are vulnerable to cache poisoning and
    Distributed Denial of Service attacks.

--  30% of DNS servers surveyed allow zone transfers to arbitrary
    requestors; this leaves servers as easy targets for denial-of-service
    attacks.

--  Only .002% of DNS zones tested support DNSSEC; administrators have not
    been convinced of its importance -- perhaps intimidated by its complexity
    -- but new mandates could mean a significant change in the near future.

MISC.

--  Usage of IPv6 name servers continues to increase from .27% to .44%;
    while enterprises are investigating IPv6 and concerned about increasingly
    scarce IPv4 address space, adoption of IPv6 is still low -- address
    scarcity isn't yet considered a serious concern and they feel no urgency to
    adopt IPv6.

Call to Action

Based on these statistics, there are some clear calls to action for organizations with external DNS servers. Instead of waiting until they are attacked, all organizations should assess their DNS infrastructure and immediately take the necessary steps to make them more reliable and secure. Infoblox provides a number of free, automated tools that enable organizations to test their DNS infrastructure and identify weaknesses and vulnerabilities.

uTorrent has released an alpha client that uses UDP for P2P traffic delivery. UDP makes up roughly 2% of all Internet traffic today, and generally isn’t used for data delivery because it doesn’t guarantee either the delivery or the quality of the data being delivered (nor is it quite as easily managed). While the migration to UDP could potentially make filtering of P2P more difficult — raising the hackles of some anti-network-neutrality ministers and ISPs — BitTorrent tells us the decision was aimed at actually making BitTorrent more friendly.

According to posts at the uTorrent forum, the new version lays uTP, the micro transport protocol, on top of UDP, which provides for better flow control and prevents the kind of TCP RST packet attacks Comcast has used to throttle upstream P2P traffic. Robb Topolski, the DSLReports user who first discovered Comcast’s packet forgery tactics, thinks the shift to uTP/UDP is a good one:
It’s a very good thing for the network. This new protocol YIELDS to other streams. In other words, it’s less aggressive. The idea, eventually, is that background file transfers are handled like — well — background transfers — similar to the way that background processes take a lighter toll on the CPU while you’re actively using the computer. P2P users have the same concerns — this change keeps their interactive uses snappy, and during crunch time it ought to help others as well.
Yet Richard Bennett, perhaps the Internet’s most vocal opponent of network neutrality, pens a piece over at The Register proclaiming that the shift will result in an Internet meltdown — and worries that network neutrality laws would prohibit ISPs from taking on this new throttling challenge. The author quietly states his case by suggesting that those who would support the use of UDP for P2P transfers (like apparently, BitTorrent creator Bram Cohen), are little more than selfish junkies, mindlessly braying for the looming apocalypse:
Some of the people who use this system are spoiled children with no more concern for the greater good than junkies looking for their next fix. They can’t be allowed to spoil it for the rest of us, and the only practical means to prevent their doing so is to unleash effective management upon them. . .The best way to ensure that uTP doesn’t kill the internet is to throttle it at the source, and any law that stands in the way of ISPs exercising that level of management is deadly to the internet.
Simon Morris, head of Product Management at BitTorrent, thinks Bennett is a little confused.

While it’s true that a UDP-based P2P network will cause some problems for ISP throttling (something confirmed by our users), that isn’t the goal. “We’re doing this to implement our own more sensitive congestion control on top of UDP,” he notes. “We felt that TCP’s congestion control was problematic in that it relies on looking for packet loss as an indication of congestion. TCP spots the problem only after it has occurred.”

“By contrast, our prototype UDP-based protocol (called uTP) detects congestion by measuring transmission times between peers – if packet delivery *slows down* then we infer that congestion may be about to occur and immediately throttle back on delivery speed,” he says. “The point here is a protocol that is more sensitive, NOT a protocol that is more greedy,” insists Morris. “The idea we’d “declare war” is unfortunately sensationalist nonsense.”

Yet according to Bennett, “even the downloading fiends who haunt the message boards at Broadband Reports” can see the use of UDP for P2P transfers will result in an Internet implosion. Any thoughts, haunting downloading fiends?

Update: The reviews are in!

GigaOM notes that when it comes to Richard Bennett, “a little scaremongering can go a long way to make the case for an ISP-based network management clampdown on P2P traffic.”

Torrent Freak proclaims that a significant chunk of what Bennett’s saying simply isn’t true (but it does get the Register plenty of hits).

The Industry Standard says Bennett offers broad assumptions with few references.

Writer Robert Hallock pens an interesting explanation of TCP vs. UDP in a counter piece to Bennett, suggesting “we wait to attack the potential problem with data and evidence rather than suppose and conjecture our way into the unforgiving embrace of network non-neutrality.”

The music industry’s requests for more personal information regarding the identity of several accused file-sharers have been shot down by a federal judge. Judge Nancy Gertner quashed a subpoena this week in the infamous London-Sire v. Does 1-4 case, saying that the IP addresses of three anonymous Boston University students could not be handed over because the university had “adequately demonstrated that it is not able to identify the alleged infringers with a reasonable degree of technical certainty.”

The legal system has been chipping away at the London-Sire case all year, starting this spring when Judge Gertner said that making files available on a P2P network does not equal copyright infringement. At that time, she also noted that IP addresses can’t always be traced to a particular individual and that, if Boston University were compelled to turn over a list of possible infringers, it could give a green light to RIAA fishing expeditions.

More from ArsTechnica

MLB just this week announced that it is switching from Silverlight to Flash for video streaming.  MLB is the most successful online video site with massive profits from baseball fans.  Also MLB is considered a “bellweather” in the online video space.  This is a big move and a major blow to Microsoft.

Many users were not happy with the installation process for Silverlight verses the seamless viewing of flash.

Streaming Media has a post that has them wondering about this deal.

Adobe got a big customer win this week when they announced that MLB.com would move from the Silverlight platform back to Flash for all their live and on-demand video. The two-year deal, which kicks off in 2009, will also see MLB providing a rich Internet application (RIA) built using Adobe AIR that will give viewers access for yet to be announced features outside of a browser. The new rich Internet application will not replace the current MLB TV Mosaic app and will be a completely new piece of software.

That being said, there are quite a few interesting questions one has to ask based on this new deal, which unfortunately MLB won’t answer at this time. For starters, since the majority of content delivery networks still charge more to deliver Flash streaming over Silverlight, is MLB’s cost to deliver video now going up? And if it does, will it have any real impact on the cost of MLB TV? Looking at the MLB.com website, I can’t find any pricing yet for the MLB TV service in 2009. Also, since the Flash Media Server can’t scale as well as Windows Media in a live environment, I think a real possibility exists that MLB could move to a dual-vendor strategy for their video delivery. While Akamai has all of MLB.com’s video business today, I would not be surprised if over time, some of MLB’s traffic was split between Akamai and another provider.

The CTO of Amazon is blogging the new service from Amazon called CloudFront. I love this approach for obvious reasons but the question remains about reliability and security. In talking to Mendal Rosenblum this past weekend he and I both agreed that many are afraid of pushing information in the cloud. Mendal is the leader in pushing large scale computing and his observations ring true for many corporate enterprises. No doubt Amazon is great for startups but the open question remains for reliability and security.

When those two issues are lock solid then the era of cloud computing will be mainstream.

Here is the information on Amazon CloudFront.

Hello Amazon CloudFront, the new Amazon Web Service for content delivery. It integrates seamlessly with Amazon S3 to provide low-latency distribution of content with high data transfer speeds through a world-wide network of edge locations. It requires no upfront commitments and is a pay-as-you-go service in the same style as the other Amazon Web Services.

Amazon CloudFront has been designed to be fast; the service will cache copies of the content in edge locations close to the end-user’s location, significantly lowering the access latency to the content. High sustainable data transfer rates can be achieved with the service especially when distributing larger objects.

Amazon CloudFront will be useful for many different application scenarios such as giving your customers low-latency access to popular objects and protecting your site from popularity surges; other popular examples are low-cost delivery of rich media and sustainable fast transfer rates for software distributions.

See also the posting on the AWS Developer weblog and at Rightscale.

Amazon has seen success with the scalability, reliability and cost-effectiveness of Amazon S3 and now with the integration with Amazon EC2 it is easy to distribute Amazon S3 content world-wide. The combination of the two services is really powerful: Amazon S3 will give you durable storage of your data, and the network of edge locations on three continents used by the Amazon CloudFront will deliver the content with low latency from the most appropriate location.

The network of edge locations

To ensure low-latency delivery, Amazon CloudFront uses a network of edge locations world-wide:

• United States: Ashburn (VA), Dallas/Fort Worth, Los Angeles, Miami, Newark, Palo Alto, Seattle and St. Louis
• Europe: Amsterdam, Dublin, Frankfurt and London
• Asia: Hong Kong and Tokyo

These edge locations work together to direct customers’ requests to the edge location that can provide the response with the lowest latency.

Simplicity

Because Amazon CloudFront follows the core principles of all Amazon Web Services it is a unique content delivery service. The simplicity in getting started has been described by many of our early customers as a very important feature.

Using Amazon CloudFront is dead simple:

1. Put your objects in an Amazon S3 bucket.
2. Call the CreateDistribution API with the name of the S3 bucket, which will return your distribution’s domain name.
3. Use the new domain name in urls on your web or in your application. Whenever these urls are accessed CloudFront will determine the optimal edge location from where to serve your content.

The second Amazon Web Services principle that sets Amazon CloudFront apart is that no upfront commitments are necessary and you only pay for what you have used. There are no upfront fees or high volume requirements and no negotiations are necessary because we have published low prices from the start. This brings content delivery in the hands of all businesses, and you can exploit the benefits of Amazon’s world-wide network of edge locations, regardless of whether you are a highly popular website, a small blog, a complex enterprise application or a developer doing some prototyping.

A core distributed systems component

It is not uncommon to think about a service for content delivery such as Amazon CloudFront only in the context of media distribution for web sites, but it actually plays a more fundamental role.

There are two main technology components to such a service; the first is intelligent request routing, which routes requests to the location that can best serve the user given a series of requirements and the status of the network. The second technology component is that of object caching, which is a fundamental building block in both operating systems and in distributed systems.

Caching is an essential technique that is used to make sure that components can operate at the fastest speed possible, to overcome the performance differences that exist in systems. For example CPU’s have caches that are much faster than memory, memory works as caches for disks, local disks can function as caches for remote disks, etc.

In distributed systems caching is primarily used to provide fast access to popular objects that are located in remote storage servers. These systems of caching servers often cooperate to create massive aggregate world-wide capacity to provide low latency access. And by using globally decentralized cache servers for distribution, very high data transfer speed can be achieved.

Caching technology has long been the center piece of computer systems research and in Amazon CloudFront we use the type of highly advanced algorithms for reliability and scale that you have come to expect from our Amazon services.