It is shitty for infrastructure. 99.9% server uptime means your site might be down for about 44 minutes per month, through no fault of your own--i.e. that does not even take into account scheduled downtime, application problems, DDOS attacks, etc.
I do count scheduled downtime and DDOS attacks in my uptime, which is why I wouldn't tolerate 44 additional minutes of downtime from my infrastructure provider.
yeah, my argument is that scheduled downtime (scheduled by the infrastructure provider) and ddos attacks (against the infrastructure provider or other customers of the infrastructure provider) should count against the infrastructure provider's uptime.
The current balance of power is tipped, right now, so hard in favor of the attackers that if anyone wants to take /you/ out, well, it's pretty difficult (read: expensive) to stop them, and if you are some $20/month customer, your upstream is probably going to just finish the job and cut you off... but if the guy next to you gets attacked and you are collateral damage? You should count that against your service provider. There are usually things we can do (as service providers) to limit collateral damage, even in the cases where we are unable to protect the target. If nothing else, providers who tend to tolerate sites that get attacked often, well, they suffer collateral damage from attacks, generally speaking, more often than sites that are less tolerant. It's sad, really 'cause sometimes the targets are not doing anything really wrong, but you've gotta protect your network.
There is some advantage of scale here, too... The DoS that is hardest to fight is the pipe-filling attack. If the attacker can fill your upstream port(s), then there isn't really much you can do, besides blocking the target at your upstream, (I mean, assuming the source is random, as it often is.) The larger your upstreams are, the more you can absorb before you have a choice between cutting off the target customer and having all your customers cut off.
