24

LOL Have I Been Pwned has pwned itself, cost-wise. Here the steps:
1) Go all in on cloud shit like Azure
2) Think you're a smartass
3) Trick the cost side with even more cloud, this time Cloudflare
4) Be not quite as smart as you think
5) Enjoy your 7000 EUR bill
6) Make some tweaks and continue with step 2.

Source: https://troyhunt.com/how-i-got-pwne...

Bonus laughter: he's a "Microsoft Most Valuable Professional", though not an actual employee.

Comments
  • 1
    Lesson 1 for not getting pwned by bandwidth costs:

    1. Use Oracle Cloud for any kubernetes and bandwidth-heavy stuff

    2. Use Azure Expressroute to connect your Azure stuff to Oracle Cloud and vice versa with Oracle Fastconnect for bidirectional low-latency connection, no rearchitecting needed

    3. Enjoy your low-cost multicloud with the fancy stuff of Azure and the savings of Oracle Cloud when you want to pinch pennies
  • 2
    @homomorphicanus Pretty much the same and falls also under "they never learn" - only that it's even worse because it involves Oracle.
  • 6
    I do think that cloud services enable to do things you normally could not afford. But like a mortgage it is something you have to do intelligently and well monitored.
    If not you could be in way over your head.
  • 1
    @hjk101 That's part of the business plan.
  • 4
    Just...
    Don't use Azure.
  • 2
    @GyroGearloose I appreciate the irony of an MS fanboy getting ripped off by MS.
  • 3
    Lol
    I wanted to use Azure services a few years ago, the imagine recognition software module.
    This was before Face time and such apps (meaning I could had the first camera that could recognize stuff in pics and people mood...
    I don't remember how much it was, but they were asking a lot for bulks of 3000 images.
    So, I would have to pay a huge amount if I made such app free.
    And every user would have to pay a few dollars for each image.
    This for a joke app...
    Fk them with a huge fire extinguisher... And hot souce as lube.
  • 8
    Have no cost alert or bandwidth alert on infrastructure that can cost you millions of dollars to run.

    What could happen?

    He paid very little money for that mistake.

    What you do first on cloud account you set your bill alert lol.
  • 3
    I'm sure he's good for $11K. I remember when he told his story about trying to sell HIBP, paying $1m to an accounting firm, and then deciding not to sell.
  • 5
    Meh, it wasn't the most ridiculously stupid mistake of all time. He was really screwed by Cloudflare anyways and the cache file size limit
  • 1
    Why the hate on Azure here? It was a misconfigured cache in cloudflare.

    Ofcourse you can expect your cloud costs to rise if your caching layer just stops running. That would be true for any cloud.

    Fanboys just wanna hate on microsoft for no reason. (Yes i know there are many good reasons, but this is not one of them)
  • 1
    @Heliarco Yeah, what's not to love about a solution that was pretty cheap, and suddenly you get a 7000 EUR bill? How about, dunno, Azure should have issued a warning instead of such a bill?

    Maybe you can actually configure that, but if even a die-hard MS fanboy failed on that, the conclusion is that it's a deliberate cost trap.
  • 1
    If said costs were due to hardware costs....
    But thers similar services for really cheap and fixed prices...
    Not with all the services that Azure has tough.
  • 5
    @Fast-Nop It takes literally 3 minutes to set up:

    Go to subscription -> Budget -> create budget -> Create alert rule from budget, enter your email / phone number / whatever.

    Wanna also stop budget overruns, add an action group to the alert rule that changes public access rules to the storage account / recycles SAS keys depending on how the public download acces was granted.

    You can start making this at 8am, finish at 9am and spend the rest of the day on devrant shaking your head at people complaining about a tool they don't bother learning to use properly
  • 1
    @Heliarco Its literally a part of the azure developer 101 course (Az-204 atm) how to set up these protections
  • 2
    @Heliarco These experiences are so common also with other cloud services like Amazon that "user error" doesn't compute. I rest my case that this is a deliberate part of the business model, including blaming the user.
  • 2
    @GyroGearloose so you blame people running a lot of hardware and cost to develop cutting edge technology for charging you something because you want to make a fun app for free...
    Somehow that does not compute with me
  • 1
    @Fast-Nop they made it easy to setup but not mandatory. That does make it feel like it is pretty of a business model.
    If you are a responsible adult you are fine. If not you likely sooner or later pay a hefty fine.
  • 5
    @hjk101 Reminds me of mobile data traps some 10 years or so ago, in particular with roaming. Same kind of scam.

    And btw., Troy Hunt isn't some clueless noob.
  • 0
    @dontbeevil yey yep that's exactly it
  • 0
    Sorry for the delay...
    Well I wanted to make money by offering a free and fun app...
    So I wanted to spend 0....
    Just think, a kid installs the app and uses it 20 times a day...
    Multiply it for 1000 kids...
    Compare the spent money with the ad revenew and you can start writing the bankrupt papers.
  • 0
    Ya... But for that prices it's impossible... Even a comercial app wouldn't be commercially viable :(
    Like, I understand for professional services... But Azure prices are just outrageous...
    I never liked Microprose anyway... Damn Evil Corp. When I wanted a cheap vps to learn I got myself one that costed like 15€ a month... Azure version, for the time I used said server (8 to 10 daily hours for a few months) I would had to pay way way way more...
Add Comment