Cautionary Tales and Curiosities

The failures, dead ends, hype cycles, and true anecdotes - the bad compilers, the language wars, the things that almost worked.

78 entries, all primary-sourced
story January 21, 2010

The MySQL Acquisition and "Save MySQL"

Sun bought MySQL for about $1 billion in 2008, then Oracle bought Sun; fearing its biggest competitor would let MySQL languish, Monty Widenius forked MariaDB and campaigned to save MySQL.

story May 6, 2010

The 2010 Flash Crash

On May 6, 2010, U.S. equity markets briefly collapsed and recovered within minutes, with the Dow Jones Industrial Average falling roughly 1000 points before rebounding, as a large automated sell program interacted with high-frequency trading algorithms in thin, volatile markets.

story June 2010

The Stuxnet Worm

A sophisticated worm discovered in 2010 that spread through Windows zero-days to reprogram Siemens industrial controllers - widely regarded as the first cyber-weapon built to cause physical destruction.

story September 28, 2010

The OpenOffice Fork

How Oracle's 2010 acquisition of Sun Microsystems led the OpenOffice.org community to fork LibreOffice and form an independent foundation, while the original codebase passed to Apache and slowly faded.

story February 8, 2011

Toyota Unintended Acceleration

Reports of Toyota vehicles accelerating on their own led to recalls and lawsuits between 2009 and 2011; a NASA-led review of the engine-control software for NHTSA found no software cause of high-speed runaway, but later expert testimony described stack overflow risks, single points of failure, and tangled code in the throttle system.

story May 18, 2012

The NASDAQ Facebook IPO Glitch

When Facebook went public on May 18, 2012, a race condition in NASDAQ's IPO Cross system caused the opening auction to loop and fall behind, delaying the start of trading and leaving tens of thousands of orders in limbo for hours; NASDAQ later paid a 10 million dollar SEC penalty.

story July 1, 2012

The 2012 Leap-Second Outage

When a leap second was inserted at midnight UTC on July 1, 2012, a livelock bug in the Linux kernel's leap-second handling sent CPUs spinning at full load, hanging Java services and servers at Reddit, Mozilla, and others until operators reset clocks or rebooted.

story August 1, 2012

The Knight Capital Trading Disaster

On August 1, 2012, a botched software deployment left dead Power Peg code active on one of Knight Capital's servers, which fired millions of erroneous orders into the market and produced losses of more than 460 million dollars in about 45 minutes, nearly bankrupting the firm.

story June 10, 2013

The Flat Design Shift

The early-2010s industry move away from skeuomorphism toward flat design, marked by Microsoft's Metro, Apple's iOS 7 redesign in 2013, and Google's Material Design in 2014.

story February 9, 2014

Flappy Bird

Dong Nguyen's punishingly simple mobile game became a global phenomenon in early 2014, then he abruptly pulled it from the app stores at the peak of its success, saying it had become too addictive to leave up.

story February 28, 2014

The Mt. Gox Collapse

In February 2014, Mt. Gox, then the dominant Bitcoin exchange, suspended trading and filed for civil rehabilitation in Tokyo, announcing that roughly 850,000 bitcoins had gone missing. The company blamed a Bitcoin protocol quirk called transaction malleability, but the deeper story was years of undetected loss, weak controls, and mismanagement.

story April 7, 2014

Heartbleed

A critical 2014 bug in OpenSSL's TLS heartbeat extension (CVE-2014-0160) let attackers read 64 KB of a server's memory at a time - leaking keys, passwords, and data - and exposed how fragile under-funded open-source infrastructure can be.

story June 2014

Rowhammer

A 2014 study showed that repeatedly accessing one row of a DRAM chip can flip bits in adjacent rows without ever touching them, a hardware reliability flaw that researchers soon turned into a security exploit.

story March 22, 2016

The left-pad Incident

In March 2016 a developer unpublished his npm packages, including the tiny left-pad, breaking builds across the JavaScript ecosystem.

story October 21, 2016

The Dyn DNS DDoS Attack (2016)

On October 21, 2016, the Mirai botnet of hijacked internet-of-things devices flooded DNS provider Dyn with traffic in successive waves, making Twitter, Reddit, Netflix, Spotify, and many other major sites unreachable across much of the United States.

story January 31, 2017

The GitLab.com Database Deletion (2017)

On January 31, 2017, a tired GitLab engineer ran rm -rf against the production database directory by mistake, and then discovered that all five of the team's backup and replication methods had silently failed, leading GitLab to live-stream its recovery in public.

story February 28, 2017

The AWS S3 us-east-1 Outage (2017)

On February 28, 2017, an Amazon engineer ran a debugging command with a mistyped input that removed far more servers than intended, taking down core S3 subsystems in us-east-1 and cascading across a large slice of the internet for hours.

story September 7, 2017

The Equifax Breach

The 2017 breach that exposed the personal data of roughly 147 million people, caused by Equifax failing to patch a known Apache Struts vulnerability (CVE-2017-5638), a textbook case of the cost of unpatched software.

story September 22, 2017

The React Patent Clause Controversy

The 2017 dispute over the patent-retaliation clause in Facebook's BSD+Patents license on React. The Apache Software Foundation banned the license as Category X, and after community backlash Facebook relicensed React, Jest, Flow, and Immutable.js under the plain MIT license.

story January 3, 2018

Spectre and Meltdown

Two 2018 vulnerabilities that exploited speculative execution in modern CPUs to leak memory across security boundaries, affecting nearly every processor made in two decades and forcing costly mitigations that slowed machines.

story April 22, 2018

The TSB Bank Migration Failure

In April 2018 the British bank TSB attempted a big-bang migration of its core banking systems from a Lloyds-derived platform to a new Sabadell platform called Proteo4UK; the cutover failed, locking out and disrupting service for around 1.9 million digital customers for weeks and costing the bank hundreds of millions of pounds.

story December 16, 2019

The Post Office Horizon Scandal

For two decades, faulty Fujitsu accounting software called Horizon showed phantom shortfalls in the accounts of UK subpostmasters, and the Post Office prosecuted around 900 of them for theft and false accounting. The 2019 High Court judgment in Bates v Post Office found Horizon was not remotely robust, exposing one of the worst miscarriages of justice in British legal history.

story April 9, 2020

The Demoscene

A European computer subculture that produces real-time audiovisual 'demos' to show off coding and art skill under tight hardware constraints, recognized as intangible cultural heritage in Finland, Germany, and other countries.

story September 16, 2020

The Boeing 737 MAX MCAS Disasters

Two Boeing 737 MAX crashes - Lion Air 610 in 2018 and Ethiopian 302 in 2019 - killed 346 people when a flight-control system called MCAS repeatedly trimmed the nose down based on a single faulty sensor; the aircraft was grounded worldwide for about 20 months.

story December 31, 2020

The Death of Flash

Adobe Flash powered rich web media for a decade, then was killed off after Apple refused it on the iPhone and HTML5 replaced it; Adobe ended Flash on December 31, 2020.

story January 14, 2021

The Elasticsearch License Change

Elastic's 2021 move of Elasticsearch and Kibana from Apache 2.0 to the SSPL and Elastic License, aimed at cloud providers such as AWS, which responded by forking the code into the open source OpenSearch project. In 2024 Elastic returned to open source by adding the AGPL.

story June 8, 2021

The Fastly CDN Outage (2021)

On June 8, 2021, a latent bug in Fastly's content-delivery network, planted by an earlier deployment, was triggered by a single valid customer configuration change and took down a large share of major websites worldwide for about an hour.

story October 4, 2021

The Facebook BGP Outage (2021)

On October 4, 2021, a maintenance command severed Facebook's backbone, its DNS servers withdrew their BGP routes, and Facebook, Instagram, and WhatsApp vanished from the internet for about six hours while the outage even locked engineers out of their own internal tools.

story March 29, 2024

The xz Backdoor

In March 2024 a malicious maintainer was found to have spent years planting a hidden backdoor in the xz compression library, nearly compromising sshd across Linux.

story July 19, 2024

The CrowdStrike Falcon Outage (2024)

On July 19, 2024, a faulty CrowdStrike Falcon content update crashed roughly 8.5 million Windows machines worldwide with the blue screen of death, grounding flights and disrupting hospitals, because a validator bug let defective channel-file data ship to production.