Well?

You're not alone. Amazon's EC2 setup in Ireland got clobbered by a lightning strike at the weekend. Took all of our production servers down with it :/

This one was a multi million user site, hundreds of thousands spent to prevent the issues we'd had in the past, several secure and pci compliant data centres with non pci backup if need be to ensure the site could actually work.

Went down on day 3

It's quite common in a lot of AES implementations to simply store the IV at start of the ciphertext so the lack of a seperate column doesn't mean that a standardised IV is being used.

I'm with you there - AES is only as good as your key storage and storing that securely on an web server while still being able to actually use it is a serious headache. AFAIK the forgot password functionality on PH just generates you a random password so if it were me I'd just be using an SHA implementation with a per-user salt (just to make life harder for all the Rainbow Table enthusiasts out there)

NB: I'm not criticising PH here! Just a topic I'm interested in (although woefully out of touch lately)

It turned out there were some major errors in how the main site dealt with the mirror, both were corrupted. I'm not a tekkie! As I understand it code was changed on the main site which meant the database was being accessed very inefficiently. An incident occurred which led to 10x traffic and db requests, should not have been a problem as we expect this. The code had been copied to the mirror and emergency sites - so no point in having them!

Eta: of couse when I rang various people they were already working on it. Sods law that I was rang in the pub by our American owners.

All I'll say is I've not come across a business that allows their staff members to post regarding an outage in the way Stuart has here before. If you have a question I'm sure he will answer, you don't have to use this website.

Not al al;l. No such suggestion was implied or intended. I never thought that at all

I simply applaud the efforts to tell the users what is happening.

Every business suffers IT problems.

I do not wish to suggest for a moment that any of the Pistonheads staff are not genuinely trying to be helpful. Nor do I intend to impune the honesty of any individual whatsoever.

However I do think it is better when dealing with a problem to admit to it and state that everything is being done within resources to resolve this difficulty.

I learnt in business that the abscence of confirmation can appear to be a denial

The early reports of difficulties on Pistonheads suggested a temporary difficulty lasting a few minutes.

A few days later it seems that all is still not well.

Good communication requires straightforward statements which are regularly and accurately updated.

I do think this problem could have been handled better but no doubt my many of my former clients would say the same of me.

It is not a perfect world as I know to my cost.

I frequently quote the epithet to clients:

'When you are up to your Ar-e in Aligators it is not easy to remember that the object of the excercise was to drain the Pi--ng Swamp'

I hope the generally excellent website and service will resume asap.

I feel like i have invested far too much time into this site

The site is really slow and unresponsive right now (17:25 - 17:30)

It took nearly a minute just to load the "Reply to topic" page.

ETA: It took 90+ seconds after clicking "Submit" to process this post.

...v...e...r...y...............s...l...o...w.....................