Mar 02 4:22 PM PST We are providing an update on the ongoing service disruptions affecting the AWS Middle East (UAE) Region (ME-CENTRAL-1) and the AWS Middle East (Bahrain) Region (ME-SOUTH-1). Due to the ongoing conflict in the Middle East, both affected regions have experienced physical impacts to infrastructure as a result of drone strikes. In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impacts to our infrastructure. These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage. We are working closely with local authorities and prioritizing the safety of our personnel throughout our recovery efforts.

In the ME-CENTRAL-1 (UAE) Region, two of our three Availability Zones (mec1-az2 and mec1-az3) remain significantly impaired. The third Availability Zone (mec1-az1) continues to operate normally, though some services have experienced indirect impact due to dependencies on the affected zones.

Would you rather have a smoke alarm that goes off 33% of the time you make toast, or one which never goes off when there's a fire ?

Re: 1/3 wrong of 60 is progress (?)
The problem is not with the "smoke alarm" it's with the fire engine.

1 day
MOH

Re: 1/3 wrong of 60 is progress (?)
When I'm making toast, I'm making toast.

I'm aware of what I'm doing and ensuring that the toast making doesn't escalate to a house fire.

If it does, that is fully on me.

I don't need a wonky security camera setting off a fire alarm for times a day because my dark brown slippers have vaguely the same shade as burnt toast and it blindly assumes a fire is in progress.

1 day
Yet Another Anonymous coward

Re: 1/3 wrong of 60 is progress (?)
But it could be useful if you're very confused and might be about to put marmalade on your slippers

As NASA prepares to send four astronauts around the moon for the 10-day Artemis II mission, a veteran space flier's unexplained illness in orbit is spotlighting one of the biggest risks of deep-space travel: the need for medical systems in case of emergencies.

NASA astronaut Michael Fincke said a sudden episode aboard the International Space Station (ISS) in January left him unable to speak and forced NASA's first-ever medical evacuation from the orbiting laboratory. Doctors have ruled out a heart attack, Fincke told the Associated Press, but they still don't know what caused the medical issue.

NASA was able to get Fincke (along with the three other members of the crew) back to Earth relatively quickly from the ISS. But that may not be the case for the longer lunar missions the agency envisions under the Artemis program.

Secure Boot is a feature of UEFI, and it's a requirement for any computer that wants to run a modern version of Windows. It exists to protect us against malware that infects your computer's bootloader. There's a security certificate stored in the UEFI which your computer uses to check the Windows bootloader, to ensure it's legitimately signed by Microsoft, and not an imposter.

So far, so good, but what happens when the certificate in your UEFI expires? Well, we're all about to find out.

Mar 02 4:22 PM PST We are providing an update on the ongoing service disruptions affecting the AWS Middle East (UAE) Region (ME-CENTRAL-1) and the AWS Middle East (Bahrain) Region (ME-SOUTH-1). Due to the ongoing conflict in the Middle East, both affected regions have experienced physical impacts to infrastructure as a result of drone strikes. In the UAE, two of our facilities were directly struck, while in Bahrain, a drone strike in close proximity to one of our facilities caused physical impacts to our infrastructure. These strikes have caused structural damage, disrupted power delivery to our infrastructure, and in some cases required fire suppression activities that resulted in additional water damage. We are working closely with local authorities and prioritizing the safety of our personnel throughout our recovery efforts.

In the ME-CENTRAL-1 (UAE) Region, two of our three Availability Zones (mec1-az2 and mec1-az3) remain significantly impaired. The third Availability Zone (mec1-az1) continues to operate normally, though some services have experienced indirect impact due to dependencies on the affected zones.

Greg Kroah-Hartman can't explain the inflection point, but it's not slowing down or going away. //

No one is quite sure what's behind it. Asked what changed, Kroah-Hartman was blunt: "We don't know. Nobody seems to know why. Either a lot more tools got a lot better, or people started going, 'Hey, let's start looking at this.' It seems like lots of different groups, different companies." What is clear is the scale. "For the kernel, we can handle it," he said.

"We're a much larger team, very distributed, and our increase is real – and it's not slowing down. These are tiny things, they're not major things, but we need help on this for all the open source projects." Smaller projects, he implied, have far less capacity to absorb a sudden flood of plausible AI-generated bug reports and security findings – at least now they're real bugs and not garbage ones. //

The trick for Kroah-Hartman and his peers will be to keep AI as a force multiplier, without drowning the open source maintainers.

IanRS
Bigger problems
In my work as a security architect I occasionally get asked by an assurer or auditor why I think running AWS infrastructure in just two availability zones without a second region is enough. The latest was just earlier this week. It shows that they do not understand risk/impact balance outside their own little box. I have to point out that if something can take out two geographically separated data centres simultaneously then the impact is not restricted just to their website, and they probably have bigger problems to worry about. Some of them accept this. Some still think another region would help.

20 hrs
Anonymous Coward

Re: Bigger problems
I worked for a small public sector body. An auditor once asked what would happen if both our main and DR sites went dark. I said if that happened, something very big & bad was happening and no-one was going to care about our organisation.

Auditor ticked their box as we had clearly considered the possibility and we had a plan. (Do nothing is still a plan!)

I received an email / billing notification from AWS this week that may be the most diplomatically crafted communication in the history of cloud computing. Here it is, stripped of the usual boilerplate around it:

"AWS is waiving all usage-related charges in the ME-CENTRAL-1 Region for March 2026. This waiver applies automatically to your account(s), and no action is required from you."

No explanation. No mention of the Iranian drone strikes that physically destroyed two of three availability zones in the region on March 1st. No reference to the 109 services that went down, nor the customers who spent weeks unable to terminate EC2 instances via the console because the control plane was as dead as the hardware underneath it. No acknowledgment that an entire month of cloud infrastructure effectively ceased to exist. Not even a link to their remarkably short (presumably because it wasn't insulting the Financial Times' reporting) corporate blog post explaining that you probably shouldn't expect that region to be working reliably again any time soon.

Just: we're waiving the charges. You're welcome. Move along.

I want to be clear: I have no problem with this. It's a tough situation, and it's not AWS' fault, given that there is not yet an Amazon standing military force.

But here's the part that caught my attention. The email continues: "You will not see any March 2026 usage for the ME-CENTRAL-1 Region in your Cost and Usage Report or Cost Explorer once processing is complete."

They're not just waiving customer charges for a month; they're erasing the billing and inventory data! //

For most organizations, the AWS bill isn't just an invoice. It's the canonical record of what infrastructure exists, where it's running, and how long it's been there. The Cost and Usage Report (CUR) is the closest thing many companies have to a single source of truth that accurately describes their cloud footprint.