Thanks for pointing this out. This makes it much more likely that someone messed up a server/firewall configuration than that Musk is ripping out network cables at NIH.
I’m a little late to this thread; but is PubMed really one of the most reliable services in the history of the internet?
I worked on the underlying infrastructure that powers PubMed in the 2010’s at the National Library of Medicine.
I was all up in that thing converting legacy pneumatic Johnson Control systems to Siemens PXC’s, and didn’t actually realize its historical importance online. That’s pretty cool to see this comment.
We had full access to the Datacenter at the National Library of Medicine, and as a young apprentice I really had no idea what PubMed was at the time lol.
I only realized how important of a system it might be when we saw the realtime traffic analytics on the screens outside of the data hall.
Pubmed is essentially Google for scientists. Anytime you search for scientific publications you usually use Pubmed. Of course there are alternatives, but until now you didn't really have to know about those. Everyone just used Pubmed, I'd bet that even most European scientists didn't know the local alternatives until now.
And there's a lot more functionality made available to scientists by the NIH.
I almost never use pubmed, while I use Google Scholar everyday (for neuroscience/medical/computer science research). But I admit that all medical researchers I know only use pubmed.
Apparently the FAA database that tracks accident investigations is down also, and probably a bunch of other systems that regular people aren't aware of that various organizations rely on.
If this was a Chinese cyberattack, it would be the scandal of the decade. But it's on purpose.
So looking at this from a technical point. NIH.gov has three name servers. Each host are still up, but only answering dns on TCP and not UDP. All three are located under the same AS, which implies that there is a single operator responsible. No ipv6. From the outside I can't see any sign that they have delegated operation of either the servers or the service to any external company.
Doing some more looking around, it seems like NIH has a department/group/structure called Center for Information Technology, which is the IT support side of NIH and are the operators for the DNS servers.
I'm going to regret this, I bet, but here we go: Many years ago I was the manager of the team inside NIH/CIT that ran both the border firewalls and the DNS servers in question (to be specific, at the time it was NIH/CIT/DNST/NEB/NSS). Obviously, since I'm not there anymore I don't have any special inside information, but given that the DNS servers were responding to TCP and not UDP during the outage, my bet would be a simple firewall screwup, rather than malice.
Stuff happens - maintenances have unintended consequences, people typo stuff, etc. Don't freak out about every event - save your powder for the real outrages (like 18F).
Interesting, those IP addresses are under a different AS and under a different organization, that of National Library of Medicine. They don't seem to use the IT infrastructure of nih.gov.
For quick reference, BLAST refers to the 'Basic Local Alignment Search Tool' that's a commonly used part of the bioinformatics toolkit. You 'BLAST' sequences by sending a query sequence of interest against a database of other sequences to find similarity hits.
I have been out of the field for some time, so I am not sure how much BLAST is used these days.
Therer was a time when BLAST-ing a DNA and protein sequence you have is like doing a Google search on it: it simply tells you where the sequence might come from. This is useful especially when your research is to figure out what that specific sequence is doing. It won't give you the answer immediately (otherwise why bother doing the research at all), but it certainly gives context: sequence similarity often hints at similar / related functions.
As an analogy: imagine if StackOverflow is suddenly down and you don't know *if* it's going to be up again.
My sibling is a molecular biologist working in the industry and they do use BLAST data. She's been telling her company for months they need to secure access with an alternative source or offline backup, hopefully their software team started it in time.
Fair, and to be totally clear, even when I was in the field (an age ago), sequence stuff was never really my thing. However, sequence comparison is a fairly fundamental tool.
Of course, yes you can run these things locally, other providers (such as EBI Europe and Japan) have them, etc. It's still a bad sign on the pile of other bad signs, IMO.
Not a professional, but still use it like that. They also have a new smartblast thing, which works much faster (really, really like Google!) but only on highly similar proteins.
NIH/NSF pages have always gone down periodically for maintenance or otherwise, where this tends to happen over the weekend. It seems like this reaction by the HN community is a bit hasty. I've been reading HN since 2008 or so, and I feel like the comment quality is not what it once was....
Readit News
Given that the service is still partially operational (albeit not in a useful way), it's difficult to say from the outside what is going on.
Thanks for pointing this out. This makes it much more likely that someone messed up a server/firewall configuration than that Musk is ripping out network cables at NIH.
I worked on the underlying infrastructure that powers PubMed in the 2010’s at the National Library of Medicine.
I was all up in that thing converting legacy pneumatic Johnson Control systems to Siemens PXC’s, and didn’t actually realize its historical importance online. That’s pretty cool to see this comment.
We had full access to the Datacenter at the National Library of Medicine, and as a young apprentice I really had no idea what PubMed was at the time lol.
I only realized how important of a system it might be when we saw the realtime traffic analytics on the screens outside of the data hall.
And there's a lot more functionality made available to scientists by the NIH.
If this was a Chinese cyberattack, it would be the scandal of the decade. But it's on purpose.
Doing some more looking around, it seems like NIH has a department/group/structure called Center for Information Technology, which is the IT support side of NIH and are the operators for the DNS servers.
Stuff happens - maintenances have unintended consequences, people typo stuff, etc. Don't freak out about every event - save your powder for the real outrages (like 18F).
I can't ping 130.14.55.128
Therer was a time when BLAST-ing a DNA and protein sequence you have is like doing a Google search on it: it simply tells you where the sequence might come from. This is useful especially when your research is to figure out what that specific sequence is doing. It won't give you the answer immediately (otherwise why bother doing the research at all), but it certainly gives context: sequence similarity often hints at similar / related functions.
As an analogy: imagine if StackOverflow is suddenly down and you don't know *if* it's going to be up again.
Of course, yes you can run these things locally, other providers (such as EBI Europe and Japan) have them, etc. It's still a bad sign on the pile of other bad signs, IMO.
https://europepmc.org/
https://www.ebi.ac.uk/ena/browser/home
https://www.ensembl.org/
Denmark's ecosystem is definetly a North Star for this.
That said, BLAST seems to be up [0]
[0] - https://blast.ncbi.nlm.nih.gov/Blast.cgi
Perhaps "unreachable" in the title is a figure of speech
I have no problem reaching these websites and can provide IPs to anyone who needs them
For example,
www.nih.gov 23.41.4.71 (Akamai)
www.nih.gov 2.22.31.155 (Akamai)
www.nih.gov 60.254.143.7 (Akamai)
www.nih.gov 95.101.74.96 (Akamai)
www.nih.gov 88.221.24.17 (Akamai)
www.nih.gov 184.51.148.226 (Akamai)
www.nih.gov 54.235.145.223 (Amazon)
pubmed.ncbi.nlm.nih.gov 34.107.134.59 (Google)
blast.ncbi.nlm.nih.gov 130.14.29.110
Usage example
echo 130.14.29.110 blast.ncbi.nlm.nih.gov|busybox sed -i -e 1r/dev/stdin -e1N /etc/hosts
echo 34.107.134.59 pubmed.ncbi.nlm.nih.gov|busybox sed -i -e 1/r/dev/stdin -e1N /etc/hosts
NIH/NSF pages have always gone down periodically for maintenance or otherwise, where this tends to happen over the weekend. It seems like this reaction by the HN community is a bit hasty. I've been reading HN since 2008 or so, and I feel like the comment quality is not what it once was....
which is unreachable
23.41.4.71 shows the following text
"Invalid URL The requested URL "[no URL]", is invalid.
Reference #9.47532217.1740935192.27b71986
https://errors.edgesuite.net/9.47532217.1740935192.27b71986"
Deleted Comment