Uptime Bug Risks Huge Data Loss for HP Customers

HP firmware issue: The technology manufacturer Hewlett Packard has announced a firmware issue that could affect thousands of enterprise users. A series of solid-state drives sold by the company, at their 32,768th hour of operation will fail and potentially cause massive and irretrievable data loss.

The “critical firmware update” needed to avert the SSD uptime bug, was announced by the manufacturer with the warning that should customers and systems administrators fail to implement the firmware fix within the almost 4 year window of operation, “ neither the SSD nor the data can be recovered.”

Additionally, any SSDs operationalised at the same time (a real possibility in many enterprises), will likely fail at the same moment – meaning backups made to the same hardware will also be lost.

Integrity and Availability

The cause of this HP firmware issue is likely a simple, yet avoidable mistake of trying to save memory by only programming what is known as a signed integer, to a bit length not fit for purpose. Essentially a minor version of the same problem that caused the fateful ‘millennium bug’, it is somewhat surprising that bugs such as this still make it out into the wild.

Though it’s likely that most system admins will patch the bug in time, this announcement is a stark warning to those using uniform hardware and firmware across their networks. As we all know, the implementation of reliable backup systems is critical to enterprises who take information security seriously.

The infosec trinity of Confidentiality, Integrity and Availability (CIA) is greatly dependant on a good degree of forward thinking and contingency planning. Principles that are well illustrated by preventable bugs such as this.

The Importance of Backups

Secure and reliable backing up should be considered a fundamental to any Information Security Officer (ISO) and Chief Technical Officer (CTO), though to the average user, the importance of this practice can sometimes be lost.