Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Every SRE knows that the leading cause of outages by far is someone making a change to the system. Twitter isn’t shipping many new features right now or even doing much maintenance. But eventually they will have to.

So the analogy becomes, the new boss sold all the fire extinguishers and also placed a short temporary ban on cooking in the building. But eventually people are going to start turning on stoves again… and then…



This is correct, but also: a sudden decline in maintenance is a kind of change in its own right. Even automated processes have humans in the loop and manual sign-offs; there's always some cronjob or short-lived certificate somewhere that a human was dutifully maintaining.

Those things aren't going to fail any sooner than they would have anyways, but they're going to fail a lot harder due to the loss of institutional knowledge.


Welp, their TLS cert expires second week of the new year. I really hope for them that’s an automated process.


Except that he at the same time demanded that people invent an entirely new dish by the end of the week, and now they are scrambling to try to figure it out. Already the DMCA auto-takedown bot is apparently broken and people are posting entire movies on Twitter. I would expect other peripheral systems to start breaking down as nobody is maintaining them even as other parts of the system are being changed.


Are we in support of DMCA now?


I don't think you really think that's what OP is saying.


2FA as well


oh noes! Not the DMCA auto-takedown bot!

Said no-one in the entire world except a hand-full of Hollywood studio owners.

That bot shouldn't have existed in the first place, but I know that that falls under "just world fallacy" and is a naive thought.


I interpreted the GP's comment less as a moral claim ("the DMCA bot is good") and more as a claim that the DMCA bot's failure is a strong indicator of internal instability (given that it sits directly at the intersection between Twitter's profit interests and microservices architecture).

Put another way: being unable keep a little bot running, one that keeps an entire industry happy, doesn't bode well for other components of the service.


No it’s proof that people will take anything and run with it. This bot likely had low priority and that’s all


Run with what?

It seems self-evident that the bot was considered low priority, since it isn’t working anymore. But nobody is disputing that: they’re saying that the fact that it is low priority does not bode well.


> This bot likely had low priority and that’s all

If it was a prerequisite to land $100M ARR from all the media properties’ marketing budgets to advertise the multi-billion dollar pipelines of the movie and entertainment industry, that lil’ bot was the gate to $11,415 per hour of revenue at risk if its uptime failed to sufficiently please the attorneys and auditors from those customers.


I mean, does Twitter want to be a party to a copyright lawsuit? If not, following legitimate looking DMCA notifications (and legitimate looking DMCA counter-notifications) and responding to suponeas as necessary gets you an affirmative defense for copyright infringement.

You may not like it, but having a bot do that probably saves a lot of legal hassle.


Content providers cannot be held liable for user generated content under section 230. Try again.


Hm? Intellectual property is explicitly carved out of 230, and even if it wasn’t: it isn’t user generated. Content providers are regularly found liable for infringement on their platforms, especially when the plaintiff can demonstrate willful negligence (which in this case would include discontinuing a seemingly effective scanning system.)


§230(e)(2) says

> (2) No effect on intellectual property law

> Nothing in this section shall be construed to limit or expand any law pertaining to intellectual property.

If section 230 from the CDA of 1996 provided immunity from copyright claims, there would be no reason to include procedural requirements for processing claims in the DMCA of 1998.


Twitter is a global company.

Many jurisdictions take an even harsher line when it comes to being complicit in intellectual property abuse. We saw this famously with The Pirate Bay, Napster etc.


youtube literally been sued over this exact issue multiple times.


Well, Disney won’t care why their copyrighted material is publicly available, noone likes this sort of copyright, but if Elon wants to avoid huge fines he better (make someone) fix it ASAP.


I wonder whether this handful of Hollywood studio owners will have any influence on Twitter's revenue at all...


Well it is exposing them to significant legal risk if they no longer comply, isn't it?


> Twitter isn’t shipping many new features right now

Is that true? I thought one of Elon’s big pushes was launching the whole Blue Tick subscription thing. That doesn’t feel like a small feature.


Given that Twitter already offered premium API access, they've got billing in place, so now they add a new form that, once your credit card is verified, flicks a boolean on an account that was previously flicked by another process.

It might not be small, but it's not exactly huge.


It’s more than that. For one it’s not an existing boolean, there are now two different kinds of blue tick that are presumably stored separately. Blue is also supposed to give the user fewer ads (while making them more relevant) as well as additional weight in feed ranking algorithms. It’s also intended to be offered worldwide which adds a lot of complication to things like payment flows.

I’m not saying it’s going to bring the site down tomorrow but that one feature touches on a lot of services.


I imagine their premium API was also available worldwide.

Okay, so two booleans, and checks of those booleans in a couple of algorithms.

This still isn't a huge change, it's not completely new functionality. Once again, not saying it's small, but it definitely isn't huge.


Clearly worldwide payments is an issue otherwise they’d have rolled it out worldwide day one, and they didn’t. There must be something holding that back.

Plus I really don’t think you can compare B2B payments for premium API access to end user payments. Not least because they aren’t going to be going the same route: a huge number of them will be via Apple or Google in-app purchasing. Ask anyone who works with those systems, it isn’t a quick plug and play job.

In general though, a new subscription tier, feed algorithm changes, UI changes… if these aren’t, what is a big change in your book?


Blue is paid by in app purchase that seems to haven't implemented until that. Its functionality is far from premium API access.


As I said, a new form.

They already had billing integration, even if you're accessing it via a new route, and they already had a boolean on your account.

Like I said, not small, but not exactly huge either.


Except there was a crapload of social engineering testing around this feature that was just skipped altogether.

Suddenly that simple change had the potential for catastrophic consequences.


Yep, doing it right would've been harder, but Musk was after doing it right now.


I guess you could say doing it right wasn't exactly rocket science.


/golf clap.


I was just about to make the same analogy. The chance that anything will break when there are no new commits is way lower


> Twitter isn’t shipping many new features right now

When was the last major new feature? The site has always seemed pretty stagnant.


They outright built me-too versions of both Clubhouse and IG Stories, and a lot of stuff trying to encourage people to be nice.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: