Suppose I had a teleporter and a pair of bolt cutters. How many different cables in different places in the world would I have to cut to take down a really major website (Google, Facebook, Amazon) without affecting the rest of the internet?
Probably dozens, for a “really major” website. Redundancy, multi-site co-location, content distribution networks…
And yet, you see sites (even major ones) go down. So there must be a certain degree of vulnerability to disruption.
And, of course, you are not hypothetically proposing any action which is illegal in the jurisdiction in which you’d be hypothetically be performing it, right? Just to be clear.
Forget dozens, probably hundreds. Big sites have multiple centers, akamai backups, multiple pipes in each center, yadda yadda yadda.
Most of the time a site goes down, it’s because something software was pushed internally without being tested, that was pushed to all the datacenters at once. It is incredibly rare to hear of a site going down from a hardware issue.
Are there really entire copies of all of Facebook’s data in hundreds of distinct locations around the world? I mean, I guess I don’t see why there couldn’t be, but 100s as opposed to dozens seems like overkill. If you had 6 top-of-the-line datacenters in 6 geographically diverse parts of the world, each one capable of “being” Facebook all by itself, why would you need hundreds?
(I’m sure at some point the answer is basically “it’s a trade secret”…)
Forget the bolt cutters. All’s you need is that (hypothetical, of course) teleporter and sufficiently large quantities of cyanide-laced hamster kibbles.
easy, just cut the cable which prevents the us of a from nuclear murder mega death ultra bombing everyone
Not possible. Too many things are dependent on these major sites (Google for hosting, Amazon for cloud services, etc.) to take them down without affecting the rest of the internet.
However, if you teleport to the house of Google’s lead administrator and physically threaten him with your bolt cutter, you might get him to take down their main site without affecting any other services.
Facebook has an interested data model where all of it’s various database models are “eventually consistent” - meaning none of them get all the updates at once, but they do talk to each other, and a status update you made on Node A will eventually get propagated to nodes B and C, and then to Nodes D and E and F, and so on, for however many copies they have.
When I say hundreds, I mean hundreds of cables to cut, not that there are hundreds of datacenters. One datacenter doesn’t just have one outbound fiber bundle, ya know? 
It’s a bit meaningless to refer to Facebook, Google or Amazon as “a website”. While they each might conceptually seem to be a single entity, with all the redundancy and replication and caching going on, none of them really exist in a single place.
Hundreds, no. I’d say 8-10 is a good safe bet with at least 2 or 3 being overseas. And no, it’s probably not a trade secret, it’s a publicly traded company with a ton of advertisers. They might not want to tell you where all the locations are, but they probably aren’t that shy about telling you how redundant their systems are. Maybe they’ll short the number by one just to keep a few tricks up their sleeve, but they need to be telling people who give them money how sure they are their ads will always be on display and that the system will never go down for hours at a time because there was an earthquake or a power outage or the new kid was tapping his feet on the ethernet cable that ran under his desk.
Are there any jurisdictions where taking down someone else’s website is not illegal, or is “illegal” only in the sense that someone can sue you for taking down their website but no crime has been committed? Sometimes the police won’t care enough or won’t have enough resources to pursue every allegation of website takedown and people will go unpunished, but is there anywhere where it is really and truly-o legal?
Well, the kind I was proposing, involving breaking into a datacenter and snipping wires, is breaking all kinds of old-fashioned laws, even ignoring the cyber aspect of it.
Although it’s an interesting question whether the laws have adapted enough to cover “and by snipping THAT cable he brought down our website and cost us a jillion dollars” in some way.
Yeah. There might be jurisdictions where the law would only consider the damage to the cable itself rather than the economic damage caused by taking down the website, making it a $5 destruction of property case rather than a $1M cybercrime case. What about just pulling the plug? Is there anywhere were just yanking the plug out of the back in such a way that you did no physical damage would be 100% legal?
Well, I guess it depends on what you mean by being Facebook. I’d imagine that my photos aren’t stored in more than a handful of places, but if you took out those places Facebook wouldn’t cease to be. There would just be some isolated data loss. I think you’d have to be quick about it though. I’d imagine that Facebook will detect server failures and recreate the data on other servers.
A Amazon guy says, based on energy data, Facebook has 180k servers and Google 1 million. That was nearly a year ago, so it’s probably much more than that now.
http://gigaom.com/2012/08/13/facebooks-number-of-servers-soar-to-an-estimated-180k/
For the large, public-facing website that most of you have heard of that I help maintain, with the right passwords and a little bit of knowledge, you could take the whole thing down in a matter of minutes. I could, right now, definitely. But I have the right passwords, which is the tricky-but-not-impossible-to-get part.
The knowledge? That’s also hard, but once again, people with the right skillset could probably figure it out.
There is always going to be a sensitive point, no matter how many servers there are or how distributed they are around the world. There has to be, because there has to be a single or small set of points that they use for maintenance and updates. You get access to that, chances are, you’ll be able to bring down the whole thing.
Needless to say, that point is pretty highly guarded.
Programmer here. In my experience, a lot of running enterprise applications would have only a single copy of the database in use at one time. All transactions (e.g. images uploaded by users, orders entered into the website by customers, etc.) would initially go into this one database. At regular intervals, such as every day at midnight, the database would be backed up. Depending on how much the site’s owners were willing or able to pay, copies of these backups could be made nightly and shipped to the four corners of the world and kept under armed guard for ten years in medieval strongholds guarded by crack squads of assault teams with the latest weaponry, reconnaissance equipment, and dogs and bees and dogs with bees in their mouths and when they bark they shoot bees at you, or copies could be sent weekly to a server in the basement of an old, rusting factory in Pittsburgh in a bad part of town, guarded by a single unarmed rent-a-cop, and deleted the next week. Restoring a backup copy to the application after loss of the main database was rarely done and was always a big endeavor that was always done manually. If the DB server was taken down by a criminal with wire cutters, what would normally happen for one of these systems would be that the system would be taken down until repairs were made in situ.
That’s not how Facebook works. They operate on an eventually consistent model. So let’s say I post a comment to Server A and immediately after you request that page from Server B. You won’t see my comment because it hasn’t propagated yet. However, if you had been routed to Server A, you would have seen my comment.
Quite possible. Most of my experience has been with small-time enterprise systems that are used for a specific organizational purpose. When the purpose of your system is so any one of 5000-5500 employees (actual number goes up and down depending on recent hirings and layoffs) can login once a month and request training materials and travel money for conferences and that their managers can login and approve or reject those requests, you typically don’t need that complexity. If the system goes down, an email goes out to “organizational_all_staff” saying that the Employee Career and Travel system is down and that we are working very hard to get it back up and in the meantime, send your training and travel requests manually thanks.
treis is right, on large social networks files and data are widely distributed. Image files will exist in many places, and be distributed further still by edge caches. Backups happen constantly in more or less real time. A web site like Facebook will have tens of thousands of database servers, each with its own copy of some subset of the databases. Replication keeps them in sync.
*WITHOUT *affecting the rest of the Internet? Ouch. Tough.
You’d have to find every server in every datacenter that ran those sites specifically, avoiding all supporting servers (DNS, etc). So… you’re talking hundreds of thousands of cables. Millions possibly.
Remember Google runs dozens of different sites, all of which are mixed-in their data centers. Amazon is behind thousands or tens of thousands of sites, again all mixed-together in the same data centers. Facebook is the easiest of your list, they only own a few different sites and the vast majority of their data center capacity is taken up by Facebook alone. (Well, they recently bought Atlas, and Atlas is mega-huge, but I doubt they’ve had a chance to move those servers from where ever Microsoft housed them yet.)
If you didn’t mind collateral damage, you could do it with a lot fewer cuts. Like you could take an entire Google data center in a few cuts. But then you’re not just taking out Google, but YouTube, DoubleClick, etc.