It is true that there really isn’t another cloud provider that they could choose. All of the other cloud providers (major and minor players) are prone to the same sort of systemic failure. But it isn’t true that they didn’t have another choice.
The solution to service failure is redundancy. Making the redundancy as different as possible makes it even more resilient. In this case, that would be having redundant servers on other cloud providers which can be used in the event that the main one fails. Even better if they can use all of them simultaneously to share the load and let failover happen more gracefully.
I don’t think that’s necessarily incompatible with what I suggested. They could just leave the backup servers offline until they’re actually needed which shouldn’t cost them anything (or at least not much; some cloud providers charge for a VM’s storage usage regardless).
Assuming that Signal’s servers were designed by competent engineers, the engineering cost to make a change like this shouldn’t be that bad. Though judging by Whittaker’s comments, that may be a bad assumption.
It is true that there really isn’t another cloud provider that they could choose. All of the other cloud providers (major and minor players) are prone to the same sort of systemic failure. But it isn’t true that they didn’t have another choice.
The solution to service failure is redundancy. Making the redundancy as different as possible makes it even more resilient. In this case, that would be having redundant servers on other cloud providers which can be used in the event that the main one fails. Even better if they can use all of them simultaneously to share the load and let failover happen more gracefully.
Right, OK, but Signal sustains itself on charity.
I don’t think that’s necessarily incompatible with what I suggested. They could just leave the backup servers offline until they’re actually needed which shouldn’t cost them anything (or at least not much; some cloud providers charge for a VM’s storage usage regardless).
Assuming that Signal’s servers were designed by competent engineers, the engineering cost to make a change like this shouldn’t be that bad. Though judging by Whittaker’s comments, that may be a bad assumption.
That is very pricey