Update: GoDaddy says service is completely restored, and that the outage was not the result of a hack. Full statement here.
On Monday, GoDaddy experienced a major outage, and a a result, many sites went down. Many users and businesses had a lot of complaints, as you can imagine. The company has not confirmed the reason for the outage, but a member of Anonymous, going by Anonymous Own3r, has been taking credit for an attack.
It appears that GoDaddy is still working to repair the damage, but the company says service is back for most of its customers. GoDaddy tells WebProNews in an email:
At around 10:25 am PT, GoDaddy.com and associated customer services experienced intermittent outages. Services began to be restored for the bulk of affected customers at 2:43 pm PT.
At no time was any sensitive customer information, such as credit card data, passwords or names and addresses, compromised. We will provide an additional update within the next 24 hours. We want to thank our customers for their patience and support.
ICANN, or the Internet Corporation for Assigned Names and Numbers, entered into the .com Registry Agreement between themselves and Verisign in 2006. This allowed Verisign to operate the .com top-level domain for a number of years. If allowed to go forward, Versign would be in charge of .com domains once again for years to come.
In the spirit of transparency, ICANN is inviting the public to submit their thoughts on the renewal of the .com agreement. The current agreement will end on November 30 of this year, so they ask that all comments be submitted before April 26.
The major changes between the 2006 agreement and the proposed agreement for 2012 is a pretty hefty list. There’s a lot here, but it’s more important to read it yourself and form an opinion on it.
Changes to Modernize the 2006 Agreement
1.1. Functional and Performance Specifications revised to:
1.1.1. Require support for IPv6: registry operator will accept IPv6 addresses as glue where applicable, and will offer IPv6 access to the Shared Registration System (e.g., EPP), Whois, and DNS servers.
1.1.2. Require removal of orphan glue records in connection with malicious conduct: consistent with advice from ICANN’s Security and Stability Advisory Committee, registry operator will remove a orphan glue records so they can’t be used to support malicious conduct.
1.1.3. Require support for DNSSEC: registry operator will implement Domain Name System Security Extensions (DNSSEC) to sign its TLD zone files and accept public-key material from child domain names in a secure manner; providing the ability to authenticate the data published in the DNS.
1.1.4. Require publication of registry abuse contact information: registry operator will provide its accurate contact details including a valid email and mailing address as well as a primary contact for handling inquiries related to malicious conduct in the TLD.
1.1.5. Require the parties to periodically negotiate in good faith regarding implementation of new escrow, Whois and technical specifications: registry operator and ICANN agree to engage in good faith negotiations, at least once every eighteen months, regarding possible implementation of new RFCs related to Data Escrow, Whois, and other Technical and Functional Specifications.
1.1.6. Require compliance with IDNA and IDN guidelines: registry operator will comply with the latest technical standards regarding Internationalized Domain Names, follow the ICANN IDN implementation guidelines, and publish its IDN tables with IANA.
1.1.7. Allow ICANN to use multiple monitoring locations for DNS and to monitor TCP queries: allows ICANN to implement a new Service Level Agreement monitoring system (also to be used for new gTLDs) to monitor DNS service from registry operator.
1.2. Whois: added a provision (in Appendix 5) requiring adoption of a replacement of the WHOIS protocol, if and when it is standardized in the IETF. It is expected that this new protocol will support internationalized domain names and data, standardized query, response, and error handling, etc.
1.3. Monthly Reports Specification: revised monthly report format (Appendix 4) to include more data.
1.4. Audit: added provision giving ICANN broad contractual audit rights to facilitate contractual compliance efforts.
Changes to Align with Other Large Registry Agreements
2.1. Service Level Agreement: enhance performance specification, comparable to the performance specifications required in the .net registry agreement
2.2. Threats to Security and Stability: added new provision that would allow the registry operator to temporarily prevent the registration of one or more names in the TLD in order to respond to an imminent threat to the security and/or stability of the TLD or the Internet.
2.3. Use of Traffic Data: clarified that the use of traffic data would be limited to “thin” registry model data even if registry were to follow the “thick” registry model.
2.4. Prohibition on Universal Wildcard Functions: clarification that prohibition on “SiteFinder” or other universal wildcard functions does not prohibit provision of name service or any other non-registry service for a domain or zone used for other than registration services.
2.5. Indemnification of ICANN: added broad indemnification rights in favor of ICANN.
Other Changes
3.1. Registry Fees: replaced lump sum quarterly fee with a fee based on $0.25 per transaction in the TLD. This is a substantial increase in Verisign’s contribution.
3.2. Cooperation with Compliance Actions Against Registrars: added a provision requiring the registry operator to implement ICANN ordered registrar suspensions to facilitate ICANN’s contractual compliance efforts.
3.3. Price Caps: no substantive changes to price cap and price increase provision; agreement updated to reflect the current fee cap of $7.85.
Update 3: Now the State Department is quoted as saying it will issue aformal "demarche" to the Chinese government. From the Register:
"We will be issuing a formal demarche to the Chinese government in Beijing on this issue in the coming days, probably early next week," US State Department spokesman P.J. Crowley told reporters Friday. "It will express our concern for this incident and request information from China as to an explanation of how it happened and what they plan to do about it."
The top American official in China says the U.S. government will stay out of negotiations between Internet giant Google and the Chinese government. At the same time, though, he stressed that the issue of Internet freedom is related to free speech, which is a core American value. …
He said the U.S. government sees the American company’s negotiations with China as a business matter and therefore will not get involved.
Update:
According to multiple sources, the attacks exploited a new security hole in Microsoft’s Internet Explorer. Microsoft is working with Google and other partners o patch the hole. The attackers called the attacks "Operation Aurora", according to McAfee.
Original Artilcle: There has been a lot of confusion and mixed reporting going on around this whole Google China situation. Verisign, whose iDefense team who has researched the attacks took note of this and put up a blog post trying to clear the air. Read that to get a clear summarization of what the firm knows. Within that, Verisign says:
The attack bears significant resemblance to a July 2009 attack in which attackers launched targeted e-mail campaigns against approximately 100 IT-focused companies. The July attack employed a PDF file that exploited a zero-day vulnerability in Adobe Reader. The malware associated with the summer attacks communicated with Command & Control Servers configured similarly to the Command and Control Servers involved in the Google attacks. In fact, the C&C servers from the Google attacks are within the same subnet and six IP addresses apart from the Command and Control server addresses in the summer attacks.
Considering the similarity of the two attacks, it is likely that the summer attacks and the Google attacks originate from the same actor and that the organizations targeted in the Silicon Valley attacks have been compromised since July. It is not much of a stretch to speculate (This is the speculation part) that both attacks leveraged an Adobe vulnerability although that has not been confirmed and Google is not talking.
According to reports, iDefense declares that the Chinese govenrment was behind the effort, which explains Google’s actions, and the involvement of Secretary of State Hillary Clinton, who said:
We have been briefed by Google on these allegations, which raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy. I will be giving an address next week on the centrality of internet freedom in the 21st century, and we will have further comment on this matter as the facts become clear.
"The Chinese government administers the Internet according to law and we have explicit stipulations over what content can be spread on the Internet," Foreign Ministry spokeswoman Jiang Yu said at a regular briefing in Beijing today. Chinese law prohibits hacking and other forms of online attacks, she said, declining to say whether that law also applies to state agencies.
…
"Effective guidance of public opinion on the Internet is an important way of protecting the security of online information," Wang Chen, director of the State Council Information Office, said in a question-and-answer session with reporters, a transcript of which was posted on the office’s Web site today.
Google.cn is still accessible (at least from here in the U.S.), and it is no longer censoring search results. Among the other companies affected by the attacks were Yahoo and Adobe.
