Smartsizing Blog
Don't put all your digital eggs in one basket
Diversify your work stack 
Updated in light of AWS going down 21 Oct 2025
Signal messenger app is one of many operations that rely on Amazon Web Service (AWS) - aka 'the Cloud', and this dependency was highlighted during the recent AWS outage on October 20, 2025 This disrupted various messaging services, including Signal, WhatsApp, iMessage, and X Chat as well as regular mobile networks and ISPs such as Vodafuck and its dependents such as Lebara.
This AWS snafu underscored the risks associated with centralized cloud infrastructure, where a single point of failure can cripple a wide range of services. The incident exposed the vulnerabilities of relying on a single cloud provider, as it led to widespread disruptions and raised questions about the resilience of digital communications during emergencies. And yet a further illustration as to why redundancy is important and why the old copper-wire 'home telephone' network should never have been abandoned. The vulnerability of Signal due to its reliance on AWS is a significant concern, as it means that the app's availability and functionality are dependent on the stability of AWS's infrastructure. This centralization creates a single point of failure, which can be problematic during outages or other disruptions
Jaguar 'Hackuar' debacle
In a follow up piece to the scandal of Jaguar Land Rover being hacked, claiming no sensitive date was stolen then 'U-turning' on that and admitting that
they did in fact have a sexual relationship that was not appropriate
'some data was affected'...
The Register warns about businesses being over-reliant on one external eco-system, in this case Microsoft:-
Many businesses rely entirely on Microsoft's ecosystem – 365, Azure, and Active Directory. While this offers seamless integration, it creates vulnerabilities, including increased supply chain risk and dangerous vendor lock-in.
Monocultures breed risk and major software supply chain incidents are becoming more prevalent. When attackers compromise one component, like a legacy test account, Microsoft's deep interconnectedness allows them to move laterally and gain access to other critical systems, as seen in the "Midnight Blizzard" attack on Microsoft itself.
Furthermore, companies shouldn't be forced to stay with vendors due to restrictive licensing and prohibitive switching costs. This lock-in problem is so severe that it has prompted significant regulatory scrutiny, but the Competition and Markets Authority (CMA) must go further on its enforcement, ensuring businesses can diversify without punitive exit costs.
It's the same overall message that we push here of resilience. Many businesses large and small rely - nay overrely - on outsourcing all their digital eggs, including security, to one bigtech basket. When that basket fails, companies scramble to cover themselves, often not really knowing the cause or what to do because it's not 'their' system. The bigger the target - eg Microsoft Azure - the more it will be targetted for vulnerabilities and attack vectors because it's relied on by so many. Employees and managers are often complacent that they are safe because they're basket is in the hands of a big giant. And this giant looks after everyone else's baskets. They all trust the giants hands, so that must mean it's a safe pair of hands, right? Er...
Links and alternative links:
- Archive of Cryptonomist article on Signal/Musk clash
- Jaguar Land Rover breach
- Jaguar Key Lessons full article