news US telco gets $3 million fine for forgetting to renew domain name

[Kate]

Telco forgot to renew its web domain, broke deaf folks' video calls – now gets a $3m paddlin'

Sorenson dinged after cockup blocked emergency calls

A US telco will cough up $3m after a web domain screwup caused it to drop potentially emergency and other essential video calls from deaf and hearing-impaired people.

Sorenson Communications in Utah will pay America's comms watchdog, the FCC, a $252,000 fine as a result of the blunder. It will also reimburse $2.7m to the regulator.

Sorenson's video relay service (VRS) is used by deaf and hearing-impaired Americans to place calls through an operator via sign language or captioning. The biz receives money through the FCC's Telecommunications Relay Services (TRS) fund to operate the VRS as an essential communications service for emergency calls.

According to the FCC, on June 6, 2016, Sorenson suffered a three-day outage that began when it forgot to renew its domain name registration. When the domain was deactivated, customers were unable to connect to the VRS to make calls, cutting them off from emergency numbers and running afoul of FCC availability requirements for essential phone service.
...

Source: http://www.theregister.co.uk/2017/09/29/sorenson_fined_3m_outage/

 

[BostonDomainer]

speechless

 

[WhoaDomain.com]

I see you used "telco" in your title. always wondered if

"telcom" is a generally accepted word or is it always "telecom"? only reason I asked is because you used "telco" in your title. thanks.

 

[Kate]

Actually telco stands for telephone company.

I digged the case a little bit.
The settlement is published here: http://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0929/DA-17-941A1.pdf
Excerpt:

5. Sorenson.com is a domain name Sorenson uses to provide access to SVRS. On the morning of June 6, 2016, Sorenson experienced a VRS Service Interruption that resulted from a preventable, internal operational failure.
10 This failure led the domain registration for Sorenson.com to expire and be deactivated. After the deactivation occurred and before Sorenson could correct the situation, some Internet Service Providers (ISPs) updated their records to reflect that the domain was expired. If a user’s ISP updated its records while the domain was shown as expired, that user could not make or receive calls routed through Sorenson.com — including VRS, 911, Dial-Around, and Point-to-Point calls — during at least part of the outage.
6. Upon discovery of the VRS Service Interruption, Sorenson took immediate steps to correct the problem and notify callers. Once the domain name was reactivated, each caller’s ISP had to take certain steps to ensure that calls were routed through Sorenson.com. To expedite this process, Sorenson reached out to multiple large ISPs, such as Verizon and Comcast, and posted information about the VRS Service Interruption on its website and social media outlets. The VRS Service Interruption continued for some callers through the morning of June 8, 2016.

So we can see that in spite of their swift reaction, restoring full service took 3 days due to caching and latency in the DNS.

Now a lengthy but useful technical discussion.

Just for kicks I had a look at their DNS configuration. Here it is:

dig -t ns Sorenson.com

; <<>> DiG 9.11.2 <<>> -t ns Sorenson.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41055
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;Sorenson.com.            IN    NS

;; ANSWER SECTION:
Sorenson.com.        300    IN    NS    glb2.Sorenson.com.
Sorenson.com.        300    IN    NS    glb3.Sorenson.com.
Sorenson.com.        300    IN    NS    glb1.Sorenson.com.
Sorenson.com.        300    IN    NS    glb4.Sorenson.com.

4 name servers. Nice but...

dig -t a +short glb2.Sorenson.com.
65.37.253.207
dig -t a +short glb1.Sorenson.com.
65.37.253.207
dig -t a +short glb3.Sorenson.com.
65.37.253.208
dig -t a +short glb4.Sorenson.com.
209.169.244.207

In fact 2 NS are pointing to the same IP address (no redundancy here), and the third is on the same subnet.
So you actually have 3 NS here, not 4. I wonder who configured the DNS ?
No IPv6 addresses are defined.

Sorenson.com proper resolves to only one IPv4 address:

dig -t a +short Sorenson.com.
209.169.238.143

No IPv6 address defined.
So we have a single point of failure here. If that IP address/route is unavailable (or simply DDOSed), there is no fallback.
At least one good point: some of their IP addresses are advertised across 2 different autonomous systems (AS7018, AS11133).
Plenty of sites have an inferior setup actually, but for a critical service this is not redundant enough.

And if you think this is an isolated case, think again. Stuff like that happens on a regular basis, even with prominent domain names.
15 Fortune 100 companies have domains that expire this year

 

[Charles Carreon]

Great work illuminating the technology behind this.

What occurs to me, as we deal with Extreme Weather events, communication becomes ever more important. Islands in particular, like Puerto Rico, are very vulnerable to loss of communication, and with loss of communication, loss of life follows inevitably.

The one thing I wonder about in this situation, is why the wrist-slap fine? A quarter-million fine? The rest of the "fine" is just what it cost to get them to admit wrongdoing. Regulatory capture at work again.

 

[Dealhopp]

Great work illuminating Technology Behind this

 

[Md. Imon Hossain]

$3 million I always renew my domain 1 month before expired date.

 

[drakeholm]

businesses are still media savvy first cultivating their big picture profile. Drilling down into the specific details is for the peons.

 

[drakeholm]

co

Actually telco stands for telephone company.

I digged the case a little bit.
The settlement is published here: http://transition.fcc.gov/Daily_Releases/Daily_Business/2017/db0929/DA-17-941A1.pdf
Excerpt:

So we can see that in spite of their swift reaction, restoring full service took 3 days due to caching and latency in the DNS.

Now a lengthy but useful technical discussion.

Just for kicks I had a look at their DNS configuration. Here it is:

dig -t ns Sorenson.com

; <<>> DiG 9.11.2 <<>> -t ns Sorenson.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41055
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;Sorenson.com.            IN    NS

;; ANSWER SECTION:
Sorenson.com.        300    IN    NS    glb2.Sorenson.com.
Sorenson.com.        300    IN    NS    glb3.Sorenson.com.
Sorenson.com.        300    IN    NS    glb1.Sorenson.com.
Sorenson.com.        300    IN    NS    glb4.Sorenson.com.

4 name servers. Nice but...

dig -t a +short glb2.Sorenson.com.
65.37.253.207
dig -t a +short glb1.Sorenson.com.
65.37.253.207
dig -t a +short glb3.Sorenson.com.
65.37.253.208
dig -t a +short glb4.Sorenson.com.
209.169.244.207

In fact 2 NS are pointing to the same IP address (no redundancy here), and the third is on the same subnet.
So you actually have 3 NS here, not 4. I wonder who configured the DNS ?
No IPv6 addresses are defined.

Sorenson.com proper resolves to only one IPv4 address:

dig -t a +short Sorenson.com.
209.169.238.143

No IPv6 address defined.
So we have a single point of failure here. If that IP address/route is unavailable (or simply DDOSed), there is no fallback.
At least one good point: some of their IP addresses are advertised across 2 different autonomous systems (AS7018, AS11133).
Plenty of sites have an inferior setup actually, but for a critical service this is not redundant enough.

And if you think this is an isolated case, think again. Stuff like that happens on a regular basis, even with prominent domain names.
15 Fortune 100 companies have domains that expire this year

coke.com , Lockheed martin and FedEx were the big shockers for me. What, no I.T. czars at those companies?

 

[HotKey]

I see you used "telco" in your title. always wondered if

"telcom" is a generally accepted word or is it always "telecom"? only reason I asked is because you used "telco" in your title. thanks.

There is no telcom.
Telco refers to a telephone company.
Telecom refers to the telecommunications industry.

I find it ironic, a communication company screwing up their communications medium.