{"id":139669,"date":"2025-12-23T17:29:26","date_gmt":"2025-12-24T01:29:26","guid":{"rendered":"https:\/\/xira.com\/p\/2025\/12\/23\/the-day-that-chatgpt-died-lessons-for-the-rest-of-us\/"},"modified":"2025-12-23T17:29:26","modified_gmt":"2025-12-24T01:29:26","slug":"the-day-that-chatgpt-died-lessons-for-the-rest-of-us","status":"publish","type":"post","link":"https:\/\/xira.com\/p\/2025\/12\/23\/the-day-that-chatgpt-died-lessons-for-the-rest-of-us\/","title":{"rendered":"The\u00a0Day That ChatGPT Died: Lessons For The Rest Of Us"},"content":{"rendered":"

\u201cCause the players tried to take the field
The marching band refused to yield
Do you recall what was revealed
The day the music died?\u201d<\/em> \u2014 Don McLean, American Pie<\/a><\/p>\n

That musical metaphor was painfully apt on November 18, when my own digital world temporarily went silent.<\/p>\n

On that day, I,\u00a0like\u00a0a lot of\u00a0people, experienced\u00a0the outage of several LLM tools like ChatGPT and Claude.\u00a0At first, I didn\u2019t think all that much about it. But there are some real lessons here about technology and reliance on it we should all heed.<\/p>\n

The\u00a0<\/strong>Day It Died (Temporarily)<\/strong><\/p>\n

November 18 started like any other day. I was up early to\u00a0finish some articles to meet a deadline.\u00a0I was in the middle of\u00a0doing so\u00a0and needed\u00a0some information\u00a0to\u00a0finish\u00a0them. I figured that information would be easy and quick to get\u00a0from ChatGPT\u00a0so I had\u00a0procrastinated\u00a0doing the work.\u00a0<\/p>\n

Just what I needed:\u00a0when I opened\u00a0ChatGPT\u00a0on my laptop, I\u00a0got some strange message about my\u00a0credentials\u00a0being invalid.<\/p>\n

My\u00a0immediate\u00a0reaction was yikes! I\u00a0checked\u00a0my phone and was able to open ChatGPT on it. I\u00a0explained\u00a0the problem\u00a0to ChatGPT hoping for some solution. We went through about 45 minutes of instructions on how to change various\u00a0security settings on my laptop, none of which worked, of course. What wasn\u2019t suggested was that there was an outage and hang tight for a bit.<\/p>\n

Of course, we all later found out the outage was caused by a\u00a0failure\u00a0of something called\u00a0Cloudflare.\u00a0What\u00a0Cloudflare\u00a0does is protect its customers which are many, not just\u00a0ChatGPT,\u00a0from malicious security attacks like\u00a0credential stuffing, cross-site scripting, SQL injection, bot attacks, and API\u00a0abuse. When\u00a0it\u00a0failed, it blocked access\u00a0temporarily\u00a0to many of its\u00a0customers like\u00a0ChatGPt\u00a0and Claude sites.<\/p>\n

The outage\u00a0was corrected\u00a0and most of us went about our business.<\/p>\n

But for the deadline-driven\u00a0and exacting business\u00a0lawyers and legal professionals are in, it\u2019s right to hit pause and\u00a0understand what actually happened.<\/p>\n

And in doing so, there are a couple of lessons not just for ChatGPT and\u00a0Cloudflare\u00a0but for the rest of us as\u00a0well. Lessons about\u00a0cybersecurity and\u00a0reliance on technology.<\/p>\n

So What Happened<\/strong>?<\/strong><\/p>\n

One of the most astute observers of the\u00a0cybersecurity\u00a0scene is\u00a0the journalist and investigative reporter\u00a0Brian\u00a0Krebs<\/a>. He\u00a0writes\u00a0a\u00a0blog\u00a0called\u00a0Krebs on Security<\/a>. It\u2019s a blog worth reading on a regular basis since it\u00a0brings the\u00a0myriads\u00a0of\u00a0security\u00a0risks we all\u00a0otherwise unknowingly face every day.\u00a0He talks\u00a0regularly\u00a0about security incidents, cyber-attacks, vulnerabilities, and related threats.<\/p>\n

In his post on\u00a0November\u00a019, Krebs talked about the outage. The post was\u00a0entitled\u00a0The\u00a0Cloudflare\u00a0Outage May be a\u00a0Security Roadmap<\/a>.\u00a0The title itself suggests why we need to be a little cautious.<\/p>\n

Krebs\u00a0provides a timeline for the incident which\u00a0Cloudflare described as \u201can internal service degradation.\u201d\u00a0Cloudflare\u00a0and Krebs\u00a0were\u00a0quick to point out that the outage\u00a0was not\u00a0due to\u00a0a cyberattack or any sort of malicious activity. But that doesn\u2019t mean the incident didn\u2019t have some significant\u00a0security wrinkles.<\/p>\n

The Outage Impact<\/strong><\/p>\n

So\u00a0you say, so what?\u00a0The system failed but people couldn\u2019t access the LLMs anyway. Not so fast,\u00a0according\u00a0to Krebs.\u00a0Like me with my cell phone, lots of people were still able to access tools like ChatGPT with workarounds,\u00a0particularly\u00a0those with some knowledge about how to do it (which was not me, I just got lucky).\u00a0<\/p>\n

Since\u00a0Cloudflare\u00a0protects not just ChatGPT but a whole host of\u00a0entities,\u00a0that means there were a lot of folks exposed during the limited time of the\u00a0outage. And\u00a0many of these\u00a0entities themselves pivoted away from\u00a0Cloudflare\u00a0during the outage\u00a0so their sites remained accessible to\u00a0customers and others. This created a window of\u00a0opportunity\u00a0for\u00a0bad guys\u00a0that were\u00a0previously\u00a0kept at bay\u00a0by\u00a0Cloudflare.<\/p>\n

The bottom line, if the\u00a0Cloudflare\u00a0customers relied\u00a0only\u00a0on the\u00a0Cloudflare\u00a0protections and didn\u2019t have\u00a0adequate\u00a0back-up protections,\u00a0they and\u00a0their customers were\u00a0exposed,\u00a0and they need to\u00a0check\u00a0to see if they were attacked\u00a0during that time period.<\/p>\n

So\u2026.<\/strong><\/p>\n

Two lessons\u00a0for\u00a0the rest of us. First, when it comes to cybersecurity, you need to have\u00a0double\u00a0or even triple protections. The\u00a0problem\u00a0with\u00a0technology\u00a0is that it can fail and\u00a0fail\u00a0quickly and in unpredictable ways. I can\u2019t tell you how many times I have stood up to give a\u00a0presentation\u00a0only to have the technology I was going to rely on fail. I\u00a0learned\u00a0a long time ago as a trial lawyer that when you are going to present evidence to a judge or jury, you need to have several\u00a0contingency\u00a0plans. The same is true here. Remember the concept of\u00a0a\u00a0belt AND\u00a0a pair of\u00a0suspenders.\u00a0When it comes to\u00a0cybersecurity,\u00a0maybe it\u2019s belts and\u00a0pairs of\u00a0suspenders.<\/p>\n

Second lesson. We need\u00a0to think\u00a0before we become overly\u00a0reliant\u00a0on any technology\u00a0but particularly GenAI. Why\u00a0particularly\u00a0GenAI?\u00a0It\u2019s getting\u00a0significant\u00a0publicity and traction anywhere and everywhere these days. The\u00a0revolutionary potential of it has us all\u00a0salivating\u00a0as we picture\u00a0a changed world.<\/p>\n

That may be so. But it\u2019s still technology that can fail \u2014 fail\u00a0unpredictably\u00a0and\u00a0spectacularly. The\u00a0Cloudflare\u00a0outage didn\u2019t impact me\u00a0all that much\u00a0other than some\u00a0inconvenience. I got the research I needed in old-fashioned\u00a0ways. It\u00a0just took longer.\u00a0\u00a0<\/p>\n

But if I were sweating a filing deadline\u00a0and had no back-up plan, the result could have been\u00a0catastrophic.\u00a0As\u00a0previously written<\/a>,\u00a0let\u2019s\u00a0pause\u00a0and get a reality grip\u00a0here.\u00a0To take\u00a0vendor\u00a0promises with a grain of salt. For a whole host of reasons\u00a0Melissa Rogozinski<\/a>\u00a0and I\u00a0discussed\u00a0in a several\u00a0recent\u00a0Above the Law articles<\/a>, the promises don\u2019t always match reality.\u00a0<\/p>\n

As\u00a0discussed\u00a0before,\u00a0the margin for error in law is exceedingly small. And the impact of error is\u00a0exceedingly\u00a0large. That means we can\u2019t be complacent about technology, especially\u00a0one seeming capable of doing so many things that were previously done either by people or various technologies. That meant failure of\u00a0either\u00a0a\u00a0human or\u00a0one piece of\u00a0technology\u00a0would\u00a0not\u00a0be\u00a0quite as impactful as the\u00a0potential\u00a0failure of an LLM\u00a0that does so many things.<\/p>\n

We need to all remember that as we rush to wholesale adopt GenAI in our work and everyday life.<\/p>\n

Let\u2019s Not Forget the Day the Music Died<\/strong><\/p>\n

Don\u2019t overrely\u00a0on GenAI or any tech for that matter. Have back-up and contingency plans. Don\u2019t fall for the idea that\u00a0any tech, just like any human, can\u2019t fail from time to time.\u00a0<\/p>\n

That\u2019s the nature of tech.\u00a0It doesn\u2019t mean we don\u2019t take advantage of it, it means we do so with eyes open.<\/p>\n

Let\u2019s not forget the day our tech music died. Keep playing American Pie in your head.\u00a0And\u00a0yes,\u00a0if the song is\u00a0in\u00a0your head today, you can blame me.<\/p>\n

\n

Stephen Embry is a lawyer, speaker, blogger, and writer. He publishes\u00a0TechLaw Crossroads<\/a>, a blog devoted to the examination of the tension between technology, the law, and the practice of law<\/strong><\/em>.\u00a0<\/p>\n

The post The\u00a0Day That ChatGPT Died: Lessons For The Rest Of Us<\/a> appeared first on Above the Law<\/a>.<\/p>\n

\u201cCause the players tried to take the field
The marching band refused to yield
Do you recall what was revealed
The day the music died?\u201d<\/em> \u2014 Don McLean, American Pie<\/a><\/p>\n

That musical metaphor was painfully apt on November 18, when my own digital world temporarily went silent.<\/p>\n

On that day, I,\u00a0like\u00a0a lot of\u00a0people, experienced\u00a0the outage of several LLM tools like ChatGPT and Claude.\u00a0At first, I didn\u2019t think all that much about it. But there are some real lessons here about technology and reliance on it we should all heed.<\/p>\n

The\u00a0<\/strong>Day It Died (Temporarily)<\/strong><\/p>\n

November 18 started like any other day. I was up early to\u00a0finish some articles to meet a deadline.\u00a0I was in the middle of\u00a0doing so\u00a0and needed\u00a0some information\u00a0to\u00a0finish\u00a0them. I figured that information would be easy and quick to get\u00a0from ChatGPT\u00a0so I had\u00a0procrastinated\u00a0doing the work.\u00a0<\/p>\n

Just what I needed:\u00a0when I opened\u00a0ChatGPT\u00a0on my laptop, I\u00a0got some strange message about my\u00a0credentials\u00a0being invalid.<\/p>\n

My\u00a0immediate\u00a0reaction was yikes! I\u00a0checked\u00a0my phone and was able to open ChatGPT on it. I\u00a0explained\u00a0the problem\u00a0to ChatGPT hoping for some solution. We went through about 45 minutes of instructions on how to change various\u00a0security settings on my laptop, none of which worked, of course. What wasn\u2019t suggested was that there was an outage and hang tight for a bit.<\/p>\n

Of course, we all later found out the outage was caused by a\u00a0failure\u00a0of something called\u00a0Cloudflare.\u00a0What\u00a0Cloudflare\u00a0does is protect its customers which are many, not just\u00a0ChatGPT,\u00a0from malicious security attacks like\u00a0credential stuffing, cross-site scripting, SQL injection, bot attacks, and API\u00a0abuse. When\u00a0it\u00a0failed, it blocked access\u00a0temporarily\u00a0to many of its\u00a0customers like\u00a0ChatGPt\u00a0and Claude sites.<\/p>\n

The outage\u00a0was corrected\u00a0and most of us went about our business.<\/p>\n

But for the deadline-driven\u00a0and exacting business\u00a0lawyers and legal professionals are in, it\u2019s right to hit pause and\u00a0understand what actually happened.<\/p>\n

And in doing so, there are a couple of lessons not just for ChatGPT and\u00a0Cloudflare\u00a0but for the rest of us as\u00a0well. Lessons about\u00a0cybersecurity and\u00a0reliance on technology.<\/p>\n

So What Happened<\/strong>?<\/strong><\/p>\n

One of the most astute observers of the\u00a0cybersecurity\u00a0scene is\u00a0the journalist and investigative reporter\u00a0Brian\u00a0Krebs<\/a>. He\u00a0writes\u00a0a\u00a0blog\u00a0called\u00a0Krebs on Security<\/a>. It\u2019s a blog worth reading on a regular basis since it\u00a0brings the\u00a0myriads\u00a0of\u00a0security\u00a0risks we all\u00a0otherwise unknowingly face every day.\u00a0He talks\u00a0regularly\u00a0about security incidents, cyber-attacks, vulnerabilities, and related threats.<\/p>\n

In his post on\u00a0November\u00a019, Krebs talked about the outage. The post was\u00a0entitled\u00a0The\u00a0Cloudflare\u00a0Outage May be a\u00a0Security Roadmap<\/a>.\u00a0The title itself suggests why we need to be a little cautious.<\/p>\n

Krebs\u00a0provides a timeline for the incident which\u00a0Cloudflare described as \u201can internal service degradation.\u201d\u00a0Cloudflare\u00a0and Krebs\u00a0were\u00a0quick to point out that the outage\u00a0was not\u00a0due to\u00a0a cyberattack or any sort of malicious activity. But that doesn\u2019t mean the incident didn\u2019t have some significant\u00a0security wrinkles.<\/p>\n

The Outage Impact<\/strong><\/p>\n

So\u00a0you say, so what?\u00a0The system failed but people couldn\u2019t access the LLMs anyway. Not so fast,\u00a0according\u00a0to Krebs.\u00a0Like me with my cell phone, lots of people were still able to access tools like ChatGPT with workarounds,\u00a0particularly\u00a0those with some knowledge about how to do it (which was not me, I just got lucky).\u00a0<\/p>\n

Since\u00a0Cloudflare\u00a0protects not just ChatGPT but a whole host of\u00a0entities,\u00a0that means there were a lot of folks exposed during the limited time of the\u00a0outage. And\u00a0many of these\u00a0entities themselves pivoted away from\u00a0Cloudflare\u00a0during the outage\u00a0so their sites remained accessible to\u00a0customers and others. This created a window of\u00a0opportunity\u00a0for\u00a0bad guys\u00a0that were\u00a0previously\u00a0kept at bay\u00a0by\u00a0Cloudflare.<\/p>\n

The bottom line, if the\u00a0Cloudflare\u00a0customers relied\u00a0only\u00a0on the\u00a0Cloudflare\u00a0protections and didn\u2019t have\u00a0adequate\u00a0back-up protections,\u00a0they and\u00a0their customers were\u00a0exposed,\u00a0and they need to\u00a0check\u00a0to see if they were attacked\u00a0during that time period.<\/p>\n

So\u2026.<\/strong><\/p>\n

Two lessons\u00a0for\u00a0the rest of us. First, when it comes to cybersecurity, you need to have\u00a0double\u00a0or even triple protections. The\u00a0problem\u00a0with\u00a0technology\u00a0is that it can fail and\u00a0fail\u00a0quickly and in unpredictable ways. I can\u2019t tell you how many times I have stood up to give a\u00a0presentation\u00a0only to have the technology I was going to rely on fail. I\u00a0learned\u00a0a long time ago as a trial lawyer that when you are going to present evidence to a judge or jury, you need to have several\u00a0contingency\u00a0plans. The same is true here. Remember the concept of\u00a0a\u00a0belt AND\u00a0a pair of\u00a0suspenders.\u00a0When it comes to\u00a0cybersecurity,\u00a0maybe it\u2019s belts and\u00a0pairs of\u00a0suspenders.<\/p>\n

Second lesson. We need\u00a0to think\u00a0before we become overly\u00a0reliant\u00a0on any technology\u00a0but particularly GenAI. Why\u00a0particularly\u00a0GenAI?\u00a0It\u2019s getting\u00a0significant\u00a0publicity and traction anywhere and everywhere these days. The\u00a0revolutionary potential of it has us all\u00a0salivating\u00a0as we picture\u00a0a changed world.<\/p>\n

That may be so. But it\u2019s still technology that can fail \u2014 fail\u00a0unpredictably\u00a0and\u00a0spectacularly. The\u00a0Cloudflare\u00a0outage didn\u2019t impact me\u00a0all that much\u00a0other than some\u00a0inconvenience. I got the research I needed in old-fashioned\u00a0ways. It\u00a0just took longer.\u00a0\u00a0<\/p>\n

But if I were sweating a filing deadline\u00a0and had no back-up plan, the result could have been\u00a0catastrophic.\u00a0As\u00a0previously written<\/a>,\u00a0let\u2019s\u00a0pause\u00a0and get a reality grip\u00a0here.\u00a0To take\u00a0vendor\u00a0promises with a grain of salt. For a whole host of reasons\u00a0Melissa Rogozinski<\/a>\u00a0and I\u00a0discussed\u00a0in a several\u00a0recent\u00a0Above the Law articles<\/a>, the promises don\u2019t always match reality.\u00a0<\/p>\n

As\u00a0discussed\u00a0before,\u00a0the margin for error in law is exceedingly small. And the impact of error is\u00a0exceedingly\u00a0large. That means we can\u2019t be complacent about technology, especially\u00a0one seeming capable of doing so many things that were previously done either by people or various technologies. That meant failure of\u00a0either\u00a0a\u00a0human or\u00a0one piece of\u00a0technology\u00a0would\u00a0not\u00a0be\u00a0quite as impactful as the\u00a0potential\u00a0failure of an LLM\u00a0that does so many things.<\/p>\n

We need to all remember that as we rush to wholesale adopt GenAI in our work and everyday life.<\/p>\n

Let\u2019s Not Forget the Day the Music Died<\/strong><\/p>\n

Don\u2019t overrely\u00a0on GenAI or any tech for that matter. Have back-up and contingency plans. Don\u2019t fall for the idea that\u00a0any tech, just like any human, can\u2019t fail from time to time.\u00a0<\/p>\n

That\u2019s the nature of tech.\u00a0It doesn\u2019t mean we don\u2019t take advantage of it, it means we do so with eyes open.<\/p>\n

Let\u2019s not forget the day our tech music died. Keep playing American Pie in your head.\u00a0And\u00a0yes,\u00a0if the song is\u00a0in\u00a0your head today, you can blame me.<\/p>\n

\n

Stephen Embry is a lawyer, speaker, blogger, and writer. He publishes\u00a0TechLaw Crossroads<\/a>, a blog devoted to the examination of the tension between technology, the law, and the practice of law<\/strong><\/em>.\u00a0<\/p>\n

The post The\u00a0Day That ChatGPT Died: Lessons For The Rest Of Us<\/a> appeared first on Above the Law<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

\u201cCause the players tried to take the fieldThe marching band refused to yieldDo you recall what was revealedThe day the music died?\u201d \u2014 Don McLean, American Pie That musical metaphor was painfully apt on November 18, when my own digital world temporarily went silent. On that day, I,\u00a0like\u00a0a lot of\u00a0people, experienced\u00a0the outage of several LLM […]<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"","_et_pb_old_content":"","_et_gb_content_width":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[16],"tags":[],"class_list":["post-139669","post","type-post","status-publish","format-standard","hentry","category-above_the_law"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/139669","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/comments?post=139669"}],"version-history":[{"count":0,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/posts\/139669\/revisions"}],"wp:attachment":[{"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/media?parent=139669"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/categories?post=139669"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xira.com\/p\/wp-json\/wp\/v2\/tags?post=139669"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}