« March 2011 | Main | May 2011 »

April 2011

April 26, 2011

Copilot Executable Erroneously Flagged as Trojan Horse by AVG Resident Shield

We have recently received reports from our Copilot users who use AVG anti-virus software that the Copilot helper and host executables are being flagged as Trojan horse programs by AVG Resident Shield.

We have contacted AVG to request that this behavior be corrected. In the meantime, the workaround is to shut off the anti-virus software temporarily, or to override the flag so as to continue downloading. (Not being AVG users ourselves, we don't have exact steps here. Sorry!)

Copilot has two innate attributes that make it vulnerable to false positives from virus scanning software:

  • Your invitation code is compiled into the Copilot executable, which makes it unique.
  • Copilot uses VNC software to allow you to take control over someone else's computer (which is sort of the whole point of Copilot).

Both of these attributes are essential to the smooth Copilot experience which keeps people coming back. We cannot change them.

Some anti-virus programs, like Norton Insight, use a social model to determine safety. If something has been downloaded by a million people, it's probably safe. If it's never been seen before, it's suspect. Because of the compiled invitation code, our helper and host apps appear to have never been seen before.

Though we don't have confirmation from AVG as to why we're being flagged, we suspect it's because Copilot uses VNC, which allows you to take over someone else's computer, which is a good thing if you mean it, and a bad thing if you don't.

To make up for this, our executables are digitally signed, which means they can be traced back to Fog Creek Software. In a perfect world, this would be enough to be trusted by all anti-virus programs, but sometimes, as we're seeing now, it's not.

Sorry for the trouble.

Posted by Rich Armstrong at 12:52 PM |

April 14, 2011

FogBugz On Demand Maintenance on Saturday, April 16

As a part of our continuing effort to keep FogBugz On Demand running in top form, we will be performing maintenance on the FogBugz On Demand databases on Saturday, April 16 between 6 PM and Midnight EST.  Most customers will not notice, but if the timing is right some will temporarily see an "upgrading" message:

Upgrading

Don't worry, your site will quickly return to normal.

Thank you for your understanding.

Posted by Tim Stewart at 10:20 AM |

April 12, 2011

Benign URL Trigger Exceptions for FogBugz On Demand

We've completed our investigation of the intermittent exceptions being reported by FogBugz On Demand customers this morning.

The exception is for the URL Trigger plug-in, which is installed by default on FogBugz On Demand accounts.

The exception is/was totally benign and should no longer appear. It was cleared by a simple recycling of the application pools on the various web servers.

We are keeping an eye out for the same and similar errors in the future, but do not expect this to recur.

 

Posted by Rich Armstrong at 10:48 AM |

April 05, 2011

Rack Outage Post-Mortem

First, I want to apologize to all of our customers for the outage this morning.  Here's what apparently happened: An electrician working on something completely unrelated to Fog Creek, flipped the breaker that supplies power to two of our racks at our data center.  PEER 1's NOC actually called us about it as soon as it happened, to let us know they couldn't reach our equipment, and then a few minutes later their data center people realized the problem and restored our power pretty quickly.

Regardless of why this happened, it's ultimately our responsibility to mitigate failures in our datacenter.  We take full blame for this issue.

The most obvious problem (contrary to our earlier post) is that we do not have UPSes installed in our datacenter racks.  The data center has them, but we don't have individual ones for our rack.  We will be purchasing these to isolate us from power problems at the data center. 

Secondly, our racks are interconnected in such a way that a power failure in one rack can isolate the remaining racks from one another.  We were already aware of this situation before the power failure and have plans in place to fix it, so this is entirely our fault for not getting that done sooner.  We just hired another sysadmin to help us dig through our workload.

Lastly, our SQL servers are currently single points of failure.  We can lose a web server or load balancer or firewall and everything continues to function.  If we lose a SQL server, all customers on that system will be offline.  Like the switching problem, we already had plans to resolve it and are doubling down our efforts to get it done.  We will be ordering a new pair of database systems to finish out a redundant configuration.

We will keep you in the loop as we implement these changes.  Stay tuned to this status blog and http://blog.fogcreek.com for new information and please call us or email if you have any complaints, suggestions, or feedback.

We're sorry for letting you down this morning and promise to make sure we're prepared next time.

Posted by Tim Stewart at 05:41 PM |

And we're coming back online...

Peer1 shut off the power to our cage.  Apparently they were installing a circuit somewhere and the electrician turned off the breakers.  We have UPS, but they only last for a few minutes until things can shut down.  Systems are coming back up now and we'll keep you updated.

Posted by Michael Pryor at 10:38 AM |

April 04, 2011

Screen shot tool and XML API requests temporarily failing

Screen shots submitted with the FogBugz screen shot tool, BugShooting, and other solutions to FogBugz On Demand were failing with the message "Network path not found" from this morning until 12:20pm EDT.

This is because the screen shot tool uses the XML API to upload the attachment and API requests run through one server in our system. We took the server down as part of routine maintenance and the downtime occurred until we were able to bring it back up.

This downtime has uncovered two hard-coded settings within our code that need to be enhanced to fail gracefully. Our first change, checked in today, and live at the very next push, is to make the address of the API server a registry setting, so that we can redirect requests during planned maintenance, and reactively redirect to another, working server in the case of unplanned downtime.

We will be doing more work to uncover these single points of failure.

Sorry again for the screen shot tool downtime. 

Posted by Rich Armstrong at 10:26 AM |