Oct 14, 2004

PayPal Upgrade Brings Instability... But Its Back (at least most of it)

It seems that it is not a good time to be in the on-line payments business. In addition to exploiting problems with Internet Explorer such as incorrectly showing the secure lock and deceptive domain names, there have also been a lot of DDoS attacks on companies such as Authorize.net [Story] and Worldpay [Story]. While this is disturbing, it is not as disturbing as the latest PayPal saga.

Accord to two Netcraft articles, PayPal's site was redesigned a couple days ago, and this crippled PayPal's site. While performance has improved today, there are still some services that are not fully on-line (SlashDot Article and SlashBack).

With the WorldPay and Authorize.net problems, the problem is not software-related, but with PayPal, this is an unbelievable mistake. Books like Core Servlets and JavaServer Pages make it a point to distinguish between the test environment and the production environment, and I would have thought that an organization like PayPal would not only have a test environment, but also use it. Interestingly enough, to help developers integrate with PayPal services, PayPal does have a developer network that allows you to play with fake money to test your applications (I hope that this service is on a separate server and database), and so it would seem to simply be a practice what you teach-type of situation. It seems strange that a valuable service like PayPal would have testers to ensure that such situations do not occur, or maybe they took this weeks Java Developers Journal newsletter a little too seriously. Who knows.

One of the Netcraft articles states that eBay (PayPal's parent company) can roll-back to a previously stable software version, which PayPal does not yet have that functionality, but in saying this, they also point-out that eBay is running Windows 2003, whereas PayPal is running Linux. I do not see a correlation here, but I also have not done a lot of Web-development with Windows, so maybe it is something that I am unaware of it; to me, it just seems like poor planning and testing.

Filed In