Thursday, February 25, 2021

DO NOT USE Oracle Cloud if you care about security, integrity, or your and your customers' private information, because it won't be secure with Oracle Cloud! (Oracle Cloud Infrastructure Review)

If you're a programmer or anyone needing a backend, I would not suggest Oracle Cloud. If you're a stockholder or looking to invest in Oracle, I wouldn't. They are far behind the times. Their cloud infrastructure is crumbling.

This is a review that, might I add, is protected by the FTC, therefore Oracle cannot take it down, and if any evidence is needed, I have plenty. This situation led to the banning of my account after I upset tech support, but in exchange, they went into my server and took data and then sent me an attack script straight from the Oracle support board. Experience: computers 18 years, Internet security 9.5 years, AWS 5 years, Oracle 4 months. Languages: PHP, JS, C, HTML, CSS (do those last two even count anymore?)

Since this is a programming subreddit, here's a tidbit for those who have moved to the light away from Apache: NGINX pm.max_children 1250 / pm.max_requests 400 / pm.start_servers 64 / pm.min_spare_servers 32 / pm.max_spare_servers 64 - auto. This was on a server with 24 cores and 256GB of RAM, and it handled 125,000 connections and was able to process 3,400 new connections per second with a 2Mb download per connection. You will also need access to a 50Gbps port to handle that many connections per second. So, anyway, Oracle decided to go digging around my server:

I signed up for the Oracle Startup program because I wanted to get away from AWS. I think AWS has some really great services, but I can also see that the cost of their services is way beyond what it should be. That's not what deters me from Amazon, though. I think Amazon has too much power and I don't like the ethics of the company. They recently started favoring direct purchases from China, but that is another story.

I signed up for Oracle Cloud (OCI) with an application that directly stated I was working on a social network that was also to be a hub for crypto securities: a place where you can inspect the ratings of sellers and contacts to make sure you're not getting scammed.

I saw they had a GPU instance, which I needed for the development of my project. It was the worst mistake of my life. The first thing was that they told me it was impossible to get Windows on a GPU4.8 instance, which makes absolutely no sense. Their website proclaims that you can use any OS with their GPUs and even bring your own.

Yet they still wouldn't. I made a fuss about this because Linux is not my favorite. I've used it for 5 years securing web servers, but my experience is mainly NGINX, SSL, Docker, firewalls, iptables, OpenVPN, mining, routing, etc., you know, web server stuff.

So I started using Linux to set things up. Nothing worked. It crashed 25 times, to the point that I had to terminate the instance and get a new one. I have only had a server fault on me once, and that was my fault, when I blocked my own IP in iptables. That was the only time I've ever been locked out of a server. Around my 5th try, I decided to test some mining pools so I could start one of my operations, which was ledger accountability. Out of pure redundancy, I proxied my connection with a VPN to my servers at OVH and routed it onion-style to the pool. My connection should have been completely secure and unseen. All traffic from the server would have just been a connection to my other server, of which they should not have seen any contents.

Alas, that instance failed, and that was the last time I mined, but I had enough data to proceed with the accountability work. I was using machine learning to trace every transaction from the pool to its ending account, and I ultimately found that one pool was sending money to a scam account (it had many comments and reviews all over the internet about how this account never pays people for converting their cryptocurrency), and then that scam account would send 4 big transactions (from the same block reward that was sent to it) to different accounts, all of which sent their balance to the same account, which had hundreds of Ethereum in it. It also turned out that the scam website with the scam Ethereum wallet, which converted the coins into bitcoin for its "miners", belonged to the same person. The reason I found this out was that they both used the same server, had the same kind of code, the same generic design, and the same web miners as all of the other ones. The guy makes the best fake sites you'll find, but his style is deadly obvious. Still, when you use the same server for all of your projects, someone is going to find out. I did alert the pool, but then 8 faceless profiles appeared in the chat out of nowhere attacking the credibility of the report, even though there were a lot of people complaining about not being paid out for a block. You can actually see there that the pool was stealing whole blocks at a time, of which none of the rewards were paid out to anyone. But the guy completely washed away the conversation by spamming with his fake profiles.

I had too much to do, so I didn't waste my time. And I'm not sure if I mentioned this: I did ask permission to mine before I mined, and they told me that many of their customers were in crypto and that they fully support it. That was obviously a lie. I did look for every Terms of Use, Acceptable Use, and Policy document that I could find, and not one mentioned crypto mining.

Later I tried to SSH into the server and it crashed again, so I used the Oracle Cloud Shell to make a temporary connection. The connection was refused, even with a newly generated key. I rebooted and tried on and off for 2 hours. This was going to be a recurring theme for 3 weeks.

You also have to ask Oracle to do anything. And I really mean anything. You know how on AWS you basically do what you want, more or less, as long as you pay when they ask you to? Yeah. No. Everything is locked on Oracle Cloud. You have to get approval for EVERYTHING. The system is so buggy that after I received approval to make a GPU4.8 instance, I had to go to support because it wasn't showing up. It took a week for them to fix it. That was the only time out of 20 support requests that they actually did something.

I was getting to the point where I was so angry that my eyes were twitching. Not my eyelids. My eyes. And it was the strangest feeling ever, because it looked as if everything was kind of bouncing.

I have never seen such an incompetent support team in my life! I hate AWS, but guess what? I am never dissing them again. At this point, I don't care if they charge me 10x more than what Oracle does. Their support and services beat Oracle's. You get what you pay for, and if you want headaches, constant server crashing, bad support, lazy support, and to be spied on, go to Oracle Cloud!

For 3 weeks, I had nothing but headaches with their system. And if you don't know anything about CIDR, routing, DNS, VCNs, etc., don't even try to use Oracle Cloud. They are not user-friendly at all unless you specifically know about things from the 90s that no one uses anymore. They really need to streamline their system the way Amazon does.

I finally found out what happened with my bare metal instance. I happened to be looking at a live log file about 20 hours in. One line said process failure. Then more kept coming:

  1. Time and Date Service Failure

  2. Hostname Service Failure

  3. Virtualization Daemon Failure

  4. NVIDIA Daemon Failure

  5. Time Dated Systemd Failure

  6. Uptrack Prefetch Failure

  7. g_str_has_prefetch: assertion 'str != NULL' failed (it posted this 72 times in a minute)

  8. Could not find home directory: $HOME is not set and user database cannot be read

  9. Can't load configuration file /etc/udisks2/udisks2.conf

  10. Failed to load config files: Failed to get contents of the config dir (/etc/libblockdev/conf.d/): Error opening directory "/etc/libblockdev/conf.d/"

  11. udisks daemon version 2.9.0 starting

  12. Requested start of the logical partition overlaps with extended partition metadata. Start of the partition moved to 1. (which made no sense, because I didn't execute any command like this)

  13. Unmounted /dev/sda2 on behalf of UID 0

This all happened within 3 minutes, by the end of which my server had completely stalled. I rebooted and logged into the cloud shell to see what it was doing on bootup.

It seemed normal until it started saying "failure", which then booted me out of SSH and refused to connect. I rebooted and it still refused to connect.

I tried every instance, because this kept happening every 20 or so hours. I installed Webmin, a great web server tool that I would recommend to everyone. I booted up the partitions on a fresh install (well, not really, because Oracle tainted it with their software, so each distro is basically Oracle Linux, and if you didn't know, even NVIDIA refuses to support Oracle Linux because of how restrictive and broken their distro is). Amazon Linux is fully supported by NVIDIA, though. Which would normally pain me to say, but I have no issues referring anyone to AWS now after the onslaught of disaster that I experienced with Oracle.

So each one would basically destroy itself when using the GPU4.8. I brought this up to them a few times, which they seemed to care very little about. Then, magically, one time when I needed permission to move my instance (for which I already had approval, but I needed approval again for some reason) and I requested to use Windows as the operating system, as it says on their site, they had all of the time in the WORLD! They were very fast to respond, but they only asked me questions about the failing instances. Their Zoom call had 8 people on it, which has never been the case before. After I gave them the information about the failing operating systems and where to look, they completely ghosted me. 14 hours went by. Still no response. I sent them 4 messages over an 8 hour period. No response.

They closed my ticket randomly without even responding. Then I tried to reopen the ticket and told them that I was going to contact corporate, and 1 hour later they banned my account for crypto mining.

So here's the thing. Oracle instances are supposed to be encrypted. I got an email from them stating that there is ABSOLUTELY NO WAY FOR ANY OF THEIR EMPLOYEES, NONE, TO ENTER CUSTOMER SERVERS. Okay, that's funny, because the only time I mined was 2 weeks ago, so it would be weird that they found that 2 weeks later; if they were constantly that far behind, they would actually be years behind by now given how long ago they started. If it took them 2 minutes to process 1 minute of traffic, they would be 6 months behind in one year. At which point it makes no sense. They also have instant "security" on their cloud, so you would be able to detect any mining activity ON THE SPOT.

Aside from that, my server's traffic should have been completely hidden under two different proxies for redundancy. The first line went to my server at OVH, so the connection would have been non-suspicious. And that line was also proxied to the pool.

The thing that irked me was that they kept saying that there is no way for them to enter or see anything on our servers. Which is funny, because one time, a random IP entered my server using an SSH key as the root user and force-logged me out, and kept doing it for 2-3 minutes until I force-logged out that user. I checked to see what they were up to, and it was empty. The IP address used to log in to my instance, though, was, you guessed it, from Oracle.

Here is the reply I received from Oracle Support:

______________________________

Hello Andrew,

Kindly be informed that no one from Oracle can access the servers, instances or resources which belong to our customers. If such an event took place on your servers, it was not determined by Oracle.

Please provide the details requested in my previous message so that I can continue the investigation on your request.

I am looking forward to your update.

Thank you and have a nice day!

Kind regards,

Cosmin

______________________________

Which okay, I believed him.

But then all this stuff happened and support was being the worst like they always are, and then they banned me for mining, which I did on an encrypted server with all ports and incoming IP addresses blocked (well, dropped) except for those that request access via an SSH key on port 22, which then makes that IP address an established connection.
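The inbound policy described above, as an added example that is not part of the original post: a default-drop iptables ruleset that admits loopback traffic, packets belonging to connections already tracked by conntrack (the "established connection" the post refers to), and new TCP connections to port 22. The script prints the rules for review and only runs them when invoked with "apply" as root; the optional management CIDR is a hypothetical argument, and the host, iptables build (with the conntrack match) and port numbers are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: a default-drop iptables policy
# that lets in only loopback traffic, packets of connections the host already
# has (ESTABLISHED,RELATED), and new SSH connections on port 22. The rules are
# printed for review by default and applied only with "apply" as root.
# Assumptions: iptables with the conntrack match is installed; port 22 is the
# only inbound service; the management CIDR passed as the first argument is
# hypothetical (empty means SSH is accepted from any source).

# gen_rules [admin_cidr] : print the iptables commands without running them.
gen_rules() {
    admin_cidr="${1:-}"
    # Policy stays ACCEPT while the chain is rebuilt so an existing SSH
    # session is not cut off between the flush and the ESTABLISHED rule.
    cat <<'EOF'
iptables -F INPUT
iptables -P INPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    if [ -n "$admin_cidr" ]; then
        echo "iptables -A INPUT -p tcp --dport 22 -s $admin_cidr -m conntrack --ctstate NEW -j ACCEPT"
    else
        echo "iptables -A INPUT -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT"
    fi
    # Rate-limited logging of everything else, then an explicit drop, and a
    # DROP policy last so that a later flush of the chain still fails closed.
    echo "iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix 'INPUT-DROP: '"
    echo "iptables -A INPUT -j DROP"
    echo "iptables -P INPUT DROP"
}

# apply_rules [admin_cidr] : run the generated commands; refuses without root.
apply_rules() {
    if [ "$(id -u)" -ne 0 ]; then
        echo "apply_rules: must run as root" >&2
        return 1
    fi
    gen_rules "${1:-}" | sh -e
}

case "${1:-}" in
    apply) apply_rules "${2:-}" ;;
    *)     gen_rules "${1:-}" ;;
esac
```

Note that this only filters packets arriving at the host. Outbound connections the host opens, including anything proxied to another server, still leave through the provider's network, and the LOG rule writes dropped probes to the kernel log so that port scans against the instance are visible afterwards.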

From my understanding, they have zero access? It says so all over their website and their forms. But this support team seems very sketchy to me, because I had actually just moved Ethminer, an open source project that I had been updating, from my desktop to my server via SFTP, and the name of the zip was just source.

I had blocked and erased the things on my instance that Oracle uses for "analysis", and also turned off their monitoring and other tools they use, as well as uninstalled any software that sent my logs elsewhere. That in itself is just a violation of privacy.

So, here I have some miner software in the folder $HOME/docker/d/source/*ethminer.

The only way they could have found that was if they had access to my file system. Which is completely and utterly unacceptable, as that then exposes my PASSWORDS, any CUSTOMER DATA, and PRIVATE INFORMATION that a server holds. And I get why there should be some reporting metrics on a server, but really, to that extent? If they can log into these users to get the connection to send reports, then ANYONE at Oracle has front door access to your server. They also have a USB device plugged into their Linux bare metal partitions, the contents of which you cannot see.

I would warn any business using Oracle Cloud Infrastructure to MIGRATE your data and sanitize any backdoors that they may have, or that an employee may have put onto your instances.

Because I find the support team to be very sketchy:

  1. They don't have a clue what they're doing. Seriously. I've been on the phone with these "tech experts" for hours, and they don't have a clue what they're talking about. I've had to teach them how to do their job. It's that bad.

  2. A cybercriminal doesn't need to be smart, they just need to know how to follow instructions.

  3. Any access to your server can be exploited to gain full access.

  4. An IP address that is owned by Oracle SSH'd into my account as ROOT and tried to log me out. The log says the user didn't do anything, but that would be strange, since I was logged out 4 times until I was able to type "sudo killall -9 -u ROOT".

  5. They were very attentive when their machines were failing, but when it came to actually helping me, I got ghosted again... And this had happened 3 to 4 times before this.

  6. An hour after I tried to reopen a closed ticket, which they kept ignoring, and said I was going to contact corporate about how incompetent their team was and how awful their coding abilities were, they banned me, claiming there was crypto mining traffic. But the report they sent me was blank, and for some reason when I opened the JSON file, my computer blocked a connection to a random IP.

Upon further review of this JSON file, it was instructed to do a TCP amplification attack. It was sending it to IP 66.220.41.79, which is Mighty Oak Technology. I have never heard of them. They aren't accredited at all. I have ZERO software that is associated with them. The last time they posted anything on their site was 2019.

Oracle IS NOT SECURE. Do not HOST anything there. After what I have seen from their employees, they HAVE ABSOLUTELY NO CLUE WHAT THEY'RE DOING! Zero! I almost cried when I returned to the Amazon console, because I have never felt so safe. And you have no idea how painful it would normally be to say that. I cannot stand Amazon. I refuse to buy from them, and if you find my Facebook, half of my posts are about bashing Amazon. But I have experienced the worst customer experience and the worst violation of my personal data I have ever witnessed, so it now brings me joy to recommend AWS compared to the experience I had with Oracle.
