Pages

Wednesday, September 12, 2012

The GoDaddy Debacle: Why Email Was Down Monday

Monday morning is rarely slow for OCC. On top of that, vacations are over; our clients are back to work in full force. Around noon central time, the calls started coming in. "Email is down" was the first report, "VPN isn't connecting" the second. At the fourth or fifth, Jeff called the ISP's. Time Warner said they had been getting calls just like ours, as had AT&T... this is big......

Most clients, as is their rightful disposition, had little tolerance for our careful search for answers. They, after all, pay us to make sure the systems run as dependably as possible. Why was not a question they needed answered. After 2-4 hours of misery, it was all over of course; unsettlingly to no credit of ours.

As these things go, explanations can be equally unintelligible and overzealous. If I might attempt to avoid both pitfalls, indulge me in a simple explanation:

GoDaddy does many things, but most famously it provides domain name registration services. This allows Danica Patrick and millions of others to buy their domain names on a site that, while creeping us out on an advertising level, beats the competition on price. Domains purchased through GoDaddy typically use their domain name servers (DNS). Think of DNS as a phone book, it pairs domain names (Domain: www.google.com) with their number (IP: 74.125.227.38). This phone book is so large that it doesn't make sense for all of us to have one, just to check with our ISP's phone book, constantly updating with all the other phone books in the world. GoDaddy's DNS suffered what appears to be an attack by a hacker. GoDaddy's "phone book" was inaccessible for a number of hours, and as the only such phone book, none of those listed in the phonebook could be reached traditionally for that time. This meant emails missed, websites down, and connections unestablished.

Hackers were at it again. A specific hacker as it turns out. To avoid adding to the desired publicity of such individuals, I will respectfully decline to include the hacker's twitter handle here. What you should know is that the individual associates with ANONYMOUS, but denies membership in the aforementioned collective (insert eye roll).  GoDaddy has often upset ANONYMOUS with its public support of SOPA, the "Stop Online Piracy Act" that the hacker group characterizes as limiting online freedom.

Then... it got even more interesting........

Yesterday, GoDaddy officially said the attack was caused by internal errors, and not a hacker. We simply don't believe it. Such a failure would be inconceivable for a provider as large as GoDaddy. It was reported on Monday that GoDaddy only got their DNS back up after they crawled to their competitor Versign to take control of some of their responsibilities, a company that also specializes in the type of attack that is suspected. Why would they lie? After all, if you had a restaurant that was set ablaze by an arsonist, why would you say it was a kitchen fire? Simply because the general public sees hacking as one thing, and one thing alone: invasion of privacy.

It's true, of course. Well at least it can be.

Hacking can come in a bunch of different varieties. The real world analogies are akin to theft and vandalism. Theft removes irreplaceable value or release of private information. This type of attack has been in the news with the Apple UDID story already in progress. Most attacks, however, are of the vandalism variety, as is likely true with GoDaddy. Known as Distributed Denial of Service (DDoS) attacks, these simply make services unavailable and don't entail any privacy concerns. The hackers are never privy to sensitive information, but they prevent the target from performing business as usual. To the general public, many of whom host websites and email with sensitive information on GoDaddy host servers, the word "hacked" sounds ominous.

From our position, the image is flipped ironically. If in fact a DDoS attack shut down GoDaddy's DNS servers than we expect preventative measures will likely make them a more secure DNS provider in the future. If however they were responsible for inconceivable infrastructure oversights as they claim, we will no longer chose to do business with such a poorly run operation. In short, if GoDaddy is lying, its a good thing, and if they are telling the truth, it's very bad. As it stand, we chose to wait and see what GoDaddy's next moves are before we drag our clients and reputation around an increasingly hostile environment.


Ted Hughes
Managing Director
OCC Service Incorporated
tedhughes@occaustin.com