Slashdot Mirror

← Back to Stories (view on slashdot.org)

Sony Forgets To Pay For Domain, Hilarity Ensues

Posted by samzenpus on from the turning-the-lights-back-on dept.

First time accepted submitter Dragoness Eclectic writes Early Tuesday, gamers woke up to find out that they couldn't log in to any Sony Online Entertainment games--no Everquest, no Planetside 2, none of them. Oddly, the forums where company reps might have posted some explanation weren't reachable, either. A bit of journalistic investigation by EQ2Wire came across the explanation: SOE forgot to renew the domain registration on SonyOnline.net, the hidden domain that holds all their nameservers. After 7 weeks of non-payment post-expiration, NetworkSolutions reclaimed the domain, sending all access to Sony's games into an internet black hole. Sony has since paid up. SOE's president, John Smedley, has admitted that the expiration notices were being sent to an "unread email" address.

34 of 277 comments (clear)

  1. Black hole? by djupedal · · Score: 4, Interesting

    Hole in someone's head, maybe - after all, a simple spreadsheet to track something this basic or a reminder in a calendar with alerts with someone assigned to keep an eye on things would take care of things like this. They're lucky it wasn't held hostage...

    1. Re:Black hole? by Anonymous Coward · · Score: 4, Insightful

      You want to assign someone to keep an eye on things that can be fully automated? Is your hair pointy?

    2. Re:Black hole? by lgw · · Score: 4, Insightful

      Same thing happened to Turbine a couple years back: DDO, LotR, etc all down for exactly the same reason. You wouldn't think this would be that hard to get right, but chances are no one in dev at either company survived from the early days to when the problem happened, so the tribal knowledge was lost.

      --
      Socialism: a lie told by totalitarians and believed by fools.
    3. Re:Black hole? by geekoid · · Score: 5, Insightful

      " simple spreadsheet to track something"
      that is the bane of corporations. Important info sitting in a spreadsheet, somewhere.

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
    4. Re:Black hole? by Anonymous Coward · · Score: 3, Insightful

      When I fire someone, I redirect their email to their supervisor. It's right there in their employment contracts that their work email address and any correspondence are the property of the company (as if that wasn't obvious, but CYA applies). For things like this we have title addresses like dnsadmin@example.com, noc@example.com etc. which are broadcast to several staff responsible for the management of such affairs.

      Also payments such as these are lodged in our recurring expenses ledger and paid by accounts payable. You can't incur recurring expenses here without making a ledger entry as the account would not get paid thus the domain name would never have been registered. I guess if you were a total dick you could try and sneak a recurring expense invoice past AP as an NRE, though I kind of hope our AP people are clueful enough to catch shenanigans of that sort.

    5. Re:Black hole? by theskipper · · Score: 4, Informative

      There's no law per se, but there is a recent ICANN requirement called "Whois Accuracy Data Specification". It requires registrars to contact the registrant and click an emailed link as validation that their whois info is correct. The domain can be suspended if the validation isn't done within 15 days.

      The intent is good but the implementation is pretty mindboggling. They're expecting every owner of a domain name to check that the email sent to them is not a phishing attempt...how that's supposed to work reliably is anyone's guess.

      So, yeah, owners are supposed to verify to the registrars that the info is accurate which you could say is "ICANN's law". But not legally. Here's one of many articles that goes deeper into the issue:

      http://blog.easydns.org/2014/0...

    6. Re:Black hole? by raftpeople · · Score: 4, Funny

      Good point, I better print the email reminder and place that in the three ring binder that sits behind my desk.

    7. Re:Black hole? by Qzukk · · Score: 3, Funny

      This is apparently my president's nightmare because he will call me at midnight and ask me when our domains and SSL certs expire.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    8. Re:Black hole? by LordKronos · · Score: 3, Informative

      Actually, 10 years is the max registration. And that's exactly what I do. Throwaway domains that I'm experimenting with might only get a year or 2, but once anything becomes important to my business, it gets renewed for 10 years. The same is true for my personal domain. And every couple years I go through and bump it back up to the max. I'd literally have to go 10 years without remembering to renew a domain before one would expire. I can't see why any business would do otherwise.

    9. Re: Black hole? by pla · · Score: 3, Informative

      here's the law. you want me to do any of your other homework for you?

      Not the GP, but yeah, I do - Can you explain what an anti-domainsquatting law that specifically deals with trademarks and identity theft, and absolutely nothing to do with simply giving fake info to a registrar, has to do with your original claim that giving ACCURATE contact info counts as US law?

      Now, ICANN can enforce its policies on the registrars themselves, simply by virtue of the fact that a registrar requires ICANN's continued blessing to operate. But the only recourse they have about (non-identity-stealing) fake registration info comes down to taking the domain away from you. For someone like Sony, that might look like an end-of-the-world scenario. For someone who just wants a named place to stick stuff online for my own personal use? Meh, worst case, I've lost $10-$15 and I have to wait three days for a new domain to propagate (and not always even out the money - Much to my surprise, I actually had GoDaddy refund me when I flatly refused to send them a photocopy of my license, three months into a registration).

    10. Re:Black hole? by Nevo · · Score: 3, Interesting

      Yes, somebody should absolutely be assigned responsibility to keep up with things like this. Because when no one's assigned the responsibility, well, then you get things like domains expiring.

    11. Re:Black hole? by TitusGroan8856 · · Score: 4, Insightful

      have you heard of automated systems breaking? this is why someone should be assigned and responsible for it.

    12. Re:Black hole? by Antique+Geekmeister · · Score: 3, Interesting

      I'm afraid that the current "whois" practices were deliberately set up to allow plausibility deniability, to protect the domain owners from being actually reached by the spammers and numerous sales people or lawyers with cause to contact domain owners. The domain vendors benefit from this: they can follow the letter of the law, but not actually support contacting the domain owners to handle criminal or abuse behavior, and wait for days, weeks, or years while lawyers collect the evidence and chain of repeated contact failures before a court order can be obtained.

      In the meantime, they're collecting the registration fees, in bulk, for the relevant domain and all the related domain names. The current system is a critical revenue stream, which the domain and SSL key vendors have no need or desire to encumber by enforcing legitimate contact information.

    13. Re:Black hole? by DigiShaman · · Score: 4, Interesting

      I've fucked up and forgot when an SSL cert was about to expire. I found out the next morning when their iPhones could no longer access the Exchange server. Shit happens. This time I include SSL, Domain, and Server hardware warranty expiration notices scheduled way in advanced in my calendar as an event.

      --
      Life is not for the lazy.
    14. Re:Black hole? by ketomax · · Score: 4, Informative

      I bought mine for 10 no problems.

    15. Re:Black hole? by ArcadeNut · · Score: 4, Informative

      Network Solutions offers it:

      http://www.networksolutions.co...

      --
      Visit the Arcade Restoration Workshop @ http://www.arcaderestoration.com
    16. Re:Black hole? by cryogenix · · Score: 4, Insightful

      100 year registration is dirt cheap compared to what happened as a result of it expiring :)

    17. Re:Black hole? by cryogenix · · Score: 5, Insightful

      It wouldn't hurt to have a distribution group for this and then make yourself and others a member of the group, even if it's your boss. Best case scenario, he gets the alert and says, Bob, did you see the alert about... Already took care of it this morning. Good man.

  2. Re:ring ring by Zaelath · · Score: 4, Insightful

    I immediately thought this too, but you try ringing one of these corporations and see how far you get.

  3. 7 weeks? by MrLogic17 · · Score: 5, Insightful

    Wow, giving the company 7 weeks before Network Solutions took the site down? That's going way above & beyond. The average luser like me would be taken down the day of expiration.
     

  4. Black hole? by Bovius · · Score: 5, Insightful

    This sort of lapse has happened in every company I've worked in, big and small, when the person formerly responsible for this kind of thing leaves the company and someone else has to pick up their responsibilities. Sloppy, unorganized? You betcha. Also what I've come to expect.

  5. Re:ring ring by rudy_wayne · · Score: 3, Insightful

    you try ringing one of these corporations and see how far you get.

    Exactly. Unless you know someone or have some inside connections, it is virtually impossible to contact someone, who actually knows something, using publicly available information. And I'm sure that NetworkSolutions really doesn't want to spend time calling everyone who lets their registration lapse.

    The real problem is that Sony couldn't be arsed to register the domain names using a working e-mail address that actually goes to the person at Sony who is responsible for such a thing.

  6. Re:ring ring by perpenso · · Score: 4, Insightful

    ]The real problem is that Sony couldn't be arsed to register the domain names using a working e-mail address that actually goes to the person at Sony who is responsible for such a thing.

    Not quite, it should be a special purpose email like domain_registration@sony.com rather than an employee email. However the special purpose email should forward to those responsible, involved or overseeing the particular thing. The special purpose email should not be something that someone is supposed to log in to.

  7. An "unread email address"?? by Rone · · Score: 3, Insightful

    If the address was unread now, it must have been monitored originally.

    What are the chances that the original recipients were RIFed at some point to goose the quarterly numbers?

    1. Re:An "unread email address"?? by scsirob · · Score: 4, Funny

      Must have been "support@sony.com"

      --
      To Terminate, or not to Terminate, that's the question - SCSIROB
  8. Re:oops by Anonymous Coward · · Score: 3, Funny

    I want more DRM. It is so nice to see the things I paid for just stop working like that. DRM FTW!!!

  9. "Hilarity Ensues" by steelfood · · Score: 4, Insightful

    Hilarity Ensues

    You keep using that word. I do not think it means what you think it means.

    Now, if some domain squatter had taken over the name the moment the domain expired, that would be funny. Giving them 7 weeks is just ... well, sad.

    --
    "If a nation expects to be ignorant and free in a state of civilization, it expects what never was and never will be."
  10. Also human by Sycraft-fu · · Score: 4, Insightful

    Anyone on Slashdot who gets smugly superior about this and how "stupid companies are" is just being a hypocrite. We have ALL forgotten things in our lives. We've all forgotten an event we were supposed to be at, a bill we were supposed to pay, something we were supposed to bring with us. It happens.

    What's more, everyone has been in a situation where something didn't happen because they, and everyone else, assumed someone else was going to deal with it. You don't go and check on everything that ever happens around you or involving you, you mentally categorize things you are and are not responsible for and ignore the latter.

    So ya, companies, which are made up of people, can fuck up too. It's amusing, but perfectly normal.

    1. Re:Also human by Anonymous Coward · · Score: 4, Insightful

      Thats why you build in redundancies.

      Companies are STUPID because they've gotten hooked on the idea of "employee efficiency" to the point that employee efficiency is being negatively impacted. In the past, when a mistake was made, you could easily nail multiple employees simply because they were supposed to be watching/covering one another. If one (or more) screwed up, it meant the others weren't doing their job so they all got punished. It cost a lot more in payroll, but it made sure the job got done, on time, correctly (as far as procedures were concerned). Nowadays, GM can't even find ANYONE to pin the blame on for the ignition switch recalls.

      So yeah, companies can fuck up too. But when you can't even find someone within the company you can point to say "that person is the one who fucked up", what does that say about the company?

    2. Re:Also human by Opportunist · · Score: 3, Insightful

      This. A billion times this.

      Corporations are stupid for simply assuming that people are automatons. You come to work and do it flawlessly, always following the ISO 9001 standard. Yeah. Sure. And monkeys fly out of my butt.

      People are people and people are making mistakes. Always. Every single day. Anyone in security learns that VERY quickly. And he also learns quickly that you cannot trust humans to be flawless. Not because people are stupid but because people are NOT automatons and make mistakes. Yes, even (actually, especially) if doing the same job for ages. Show me a person who makes no mistakes and I show you a person who does no work!

      Security is FINALLY starting to get wise and build systems that are tolerant of human error. Let's see how long it takes 'til the rest of the system catches on.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    3. Re:Also human by Sockatume · · Score: 3, Insightful

      The whole point of having a corporation (or any other sort of team for that matter) is that you find ways to be less failure-prone than you are as individuals. You have to do this to offset the fact that a failure of the group affects every member - the cost is multiplied.

      --
      No kidding!!! What do you say at this point?
  11. As we suspected by HangingChad · · Score: 4, Funny

    SOE's president, John Smedley, has admitted that the expiration notices were being sent to an "unread email" address.

    The same one used for customer service inquiries.

    --
    That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
  12. Happens all the time... by RoloDMonkey · · Score: 4, Insightful

    I have been doing web work for a decade, and I can tell you this happens all the time. In fact, older employees in marketing have told me horror stories about 800 numbers and mailing addresses that were never set up, misprinted, or never updated.

    I always tell clients that they should set up emails that describe the job/function, like marketing@example.com and webmaster@example.com, and make sure that those emails go to a distribution list that goes to at least two people.

    You wouldn't believe how often critical accounts and webforms are only accessible with the email addresses of Sally the Secretary or William the Webmaster. When they leave, no one knows there is a problem, until it is a big problem.

    --
    Long live the Speaker Bracelet
    Rolo D. Monkey
  13. It's still not working!! by NotDrWho · · Score: 3, Funny

    I'm still not able to log on to Star Wars Galaxies.

    --
    SJW's don't eliminate discrimination. They just expropriate it for themselves.