Now, I'm the first to say that a massive Domain Name behemoth like Register.com should be well-prepared to hold up against even a large-scale DDoS so I think it's only fair to ask those folks to be forthright and honest with the customers about what happened, how it happened, and what they are doing to build more resiliency into their infrastructure. I realize that there are some proprietary company secrets in there they would rather not disclose publicly but in the name of transparency and positive PR they should make a best-effort and really push for openness.
My personal feelings here, as a customer of theirs affected by this outage, is that something should have been done to make sure I was at least getting minimal service during this massive outage. While you can't control things like a DDoS we know after years of research that there are technologies that can aide in holding back the flood-waters of a DDoS and at least let some transactions function.
As this article clearly points out there are at least two different ways that such an outage can be handled in the PR arena... both of them were terrible. Denial is not good because customers and analysts can see right through it - quite obviously; and radio silence (a la no information) is just as bad... I've been urging the Register.com folks (Nick Dellis posted a comment previously on this blog) to come clean and give us at least some information on what took place. I'm not asking for every intimate detail, I just want to know what/how/why and why it won't happen again... as a paying customer I feel that is my right.
So to the Register.com folks, I'm posing this request, please reply either privately or publicly to this blog with the following information...
- Please explain to us with as many technical details as you are able WHAT happened
- Please provide the scope, length and nature of the attack
- Please tell us what Register.com is doing to make their service resilient against this type of attack going forward
There are a lot of DNS services out there, and quite honestly I don't think silence is an acceptable response. If Register.com doesn't feel the need to share some of this information... I don't feel I want to continue as a customer - it's only fair. I'm fairly sure I won't be alone in that regard.