Dell forgot to renew PC data recovery domain, so a squatter bought it

Dell forgot to re-register a domain name that many PCs it has sold use to do fresh installs of their operating systems. The act of omission was spotted by a third-party who stands accused of using it to spread malware. The domain in question is www.dellbackupandrecoverycloudstorage.com, which offers anodyne information about …

  1. redpawn

    It's in the Cloud

    so who cares where the data goes or comes from. Just be impressed Dell uses the word cloud. It proves they are on top of things and up to date-ish.

  2. Anonymous Coward

    Why do companies register entirely new domains for crud like this rather than using a subdomain - what would've been wrong with backupandrecoverycloudstorage.dell.com? Presumably they'd put more effort into ensuring dell.com remained live. There's something like this comes up at least once a year!

    1. Paul Hargreaves

      > Why

      Credit card? 20 seconds. Filling in online request forms to IT, then back-and-forward with managers/directors to get permission? Much longer.

      And this is how shadow IT was born. Because of these sorts of tensions. You'll have one business team who go 'I just need x' and an IT team who have to try to keep everything stable and working...

      1. Roland6 Silver badge

        >And this is how shadow IT was born.

        And how Microsoft grew so rapidly in the 80's and early 90's, which in turn changed the role of IT departments...

        Nothing wrong with working in the shadows, just you need to be able to manage the successful (skunk works) projects into primetime IT systems...

        1. nijam Silver badge

          > Nothing wrong with working in the shadows

          Much better than trying to work with the black hole of IT, in my experience.

    2. Anonymous Coward Silver badge
      Paris Hilton

      Why? It's very simple really... they don't have a clue how things work.

      If they involved the IT people in the decision making process, it'd be a lot smoother. Unfortunately IT people are there to be told what to do, not the other way around.

      1. Hollerithevo

        They do have a clue

        See original comment: IT usually say 'no' or take so long that one loses the will to live.

        1. 404

          Re: They do have a clue

          'loses the will to live'... I'm with you there brother, except it's client-side in my case.

        2. foxyshadis

          Re: They do have a clue

          If IT says "no" to supporting a piece of software that the business bundles, you have much bigger problems. I can't believe Michael Dell wouldn't just summarily fire anyone who would flat out refuse to support a legit business need.

          Some manager in the chain probably got a bonus from giving the support contract to a third-party and saving Dell from having to hire or buy anything, though.

    3. Anonymous Coward

      'Why do companies register entirely new domains for crud like this'

      Ask us next year after www.equifaxsecurity2017.com....

      1. Anonymous Coward

        Re: 'Why do companies register entirely new domains for crud like this'

        Shirley you mean www.equifaxsecurity[n+1].com?

    4. Stuart Castle Silver badge

      Re: "Why do companies register entirely new domains for crud like this rather than using a subdomain "

      I agree, but I suspect the reason is that it was easier for the Application Developer to request a new domain, and purchase it directly rather than go through the sys admin who has access to create subdomains on dell.com, and explain why he needed a subdomain.

    5. aks

      "Krebs On Security reports that the domain is administered by a third party, which forgot to re-register it in June 2017."

      Whether Dell should have outsourced this task seems to be the real issue.

      They will certainly have words to say to the third party.

  3. Anonymous Coward
    Facepalm

    Here we go again...

    Yet another company which is way more busy doing "important stuff" than looking after their customers. But, uhm, who do you think brings in your paychecks?

    1. Pascal Monett Silver badge
      Flame

      That is the whole problem - they don't think.

      Management these days is not able to manage, it is just there to give orders and take paychecks.

      True management would have a clue about what is going on, what needs to be done and a plan to get it done that is written on something other than a paper napkin.

      1. Roland6 Silver badge

        ...and a plan to get it done that is written on something other than a paper napkin.

        Up vote for the reference to "The Back of the Napkin" and the management school of thought arising from not reading the book and relying on materials developed by management consultants who also haven't read the book..

        1. zebthecat

          The Back of the Napkin

          Fuck the napkin!

          1. Stoneshop
            Coat

            Re: The Back of the Napkin

            Fuck the napkin!

            It's more commonly used afterwards, but to each their own.

        2. Doctor Syntax Silver badge

          "the management school of thought arising from not reading the book"

          ISTM that reading the book instead of thinking is the problem.

  4. Spinux

    How do domain names expire?

    How is it possible to let a domain name expire (unnoticed). I administer a lot of domain names for customers and they NEVER expire. They are automatically renewed (for .com domains I receive a notification of renewal) and I have to actively terminate them. This is the second time this week I read about this:

    https://www.theregister.co.uk/2017/10/20/ibm_failed_to_renew_three_domain_names/

    Curious

    1. Anonymous Coward

      Re: How do domain names expire?

      The corporate credit card the account is tied to passes its expiry date, at a guess.

      1. Wolfclaw

        Re: How do domain names expire?

        or the contact has been retired by Dell HR one way or another and nobody bothered to update?

    2. Nick Kew
      Facepalm

      Re: How do domain names expire?

      It's happened to me.

      Domain is on auto-renew. All is well for many years, you forget all about it. Then your once-competent-and-reliable provider stops its secondary DNS and domain registration service. Whoops!

    3. rmason

      Re: How do domain names expire?

      It happens all the time (I worked for years at an MSP looking after SMEs and several very large UK businesses).

      It is almost always one or another or both of these things:

      1 - company credit card used to buy the domain has expired that year

      2 - Person who registered the domain has left or been fired and reminder notices go to their email address.

      1. Version 1.0 Silver badge

        Re: How do domain names expire?

        Person who registered the domain has left or been fired and reminder notices go to their email address.

        Why does this keep happening? There is no way that anyone with half a working brain cell uses a personal email address for significant notifications - you never use john.blogs@bigcompany.com for this - it should always go to domains@bigcompany.com which is aliased at the main server to whoever's employed to handle it.

        Further evidence (if any was needed) that Dell is asleep at the wheel again ... or maybe just texting while admin'ing.

        1. nijam Silver badge

          Re: How do domain names expire?

          > ...it should always go to domains@bigcompany.com..

          ...which simply redirects to "guy.who.left.recently@bigcompany.com" and hasn't been updated because "mailnamelist@bigcompany.com" redirects to "another.guy.who.just.left@bigcompany.com".

          Obviously.

          1. Aodhhan

            Re: How do domain names expire?

            Not a security person eh?

            You don't register everything under the same domain, it's a security failure waiting to happen.

            Then there is the difference between internal and external production systems and their protections.

            On top of a company which likely has more than 10,000 individual internal servers and likely just as many if not more external facing systems.

            If you have ever worked for a large corporation, the amount of internal VLANs alone can become confusing, let alone adding a bunch of external facing domains which all have to have their own protected databases.

            Then just think of any one of these having a vulnerability allowing access to active directory or DNS or Web services.

            You want to alias everything? This isn't just a DNS nightmare, it's a web server nightmare attempting to port and forward everything. If you think troubleshooting one web system is a horror show, try having to troubleshoot 3000+ on the same domain. It would be stupid.

            I can go on and on, but you get the picture.

            There is also cost. The amount for a wildcard certificate to cover an entire domain is ridiculous, when you can get by with 10-20 individual certs. There is also a security issue with this as well, but why continue to explain.

            C'mon; most of you are smart enough to figure this out. Just think through it for 10 minutes instead of spewing out silly things.

        2. Doctor Syntax Silver badge

          Re: How do domain names expire?

          "it should always go to domains@bigcompany.com which is aliased at the main server to whoever's employed to handle it."

          1. Assumes that company policy allows names to be set up in this way.

          2. Assumes someone is (still) employed to handle it.

          BigCos, especially BigCos intent on becoming LittleCos (too many of them these days) can be their own worst enemies.

    4. Oneman2Many

      Re: How do domain names expire?

      Obviously never worked for a mega-corp. The 'official' process where the names are monitored are usually a PITA to use so a lot of names are registered at department level using company credit card. Then the person leaves or the card expires and the names which by then have become critical expire. Happens all the time.

      1. Roland6 Silver badge

        Re: How do domain names expire?

        Also happens a lot in small businesses.

        With MS SMB Server editions (the ones that bundled Exchange) you were effectively limited to 25 user accounts/mailboxes because of the way things had been integrated. So I often came across companies that did have generic mailboxes such as Accounts@, IT@ mailboxes using personal mailboxes.

        I've seen the same recently with cloud services where people object to paying the additional subscription for another mailbox, spam filter user etc.

        The fun and games start when they discover a security breach (typically via an old or little used account for which they forgot to disable login on), among the actions typically taken to clean up the mess is to delete the account, resulting (with one client) in nearly all the third-party IT admin accounts (Microsoft, Dell, ISP etc.) becoming locked as the responsible IT person had got into the habit of forgetting passwords and thus relying on the reset your password email...

    5. anthonyhegedus Silver badge

      Re: How do domain names expire?

      Presumably that's because you MANAGE stuff, whereas the manager at Dell in charge of domains either doesn't exist or doesn't manage.

    6. Anonymous Coward

      Re: How do domain names expire?

      In the olden days NOMINET would send you a domain registration certificate in the mail
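Added example (not part of the original thread, and not code from The Register or Dell): a small audit of a domain inventory for the failure modes the commenters above describe, namely a payment card that lapses before the renewal date, a renewal contact that is a personal mailbox, and a role alias whose forwarding chain ends at someone who has left. All domains, addresses, dates and field names are constructed for illustration.

```python
from datetime import date

# Constructed sample data (not from the thread, the article or Dell).
ALIASES = {  # role address -> where the mail server forwards it
    "hostmaster@bigcompany.example": "alice@bigcompany.example",
    "domains@bigcompany.example": "mailnamelist@bigcompany.example",
    "mailnamelist@bigcompany.example": "another.guy.who.just.left@bigcompany.example",
    "loop-a@bigcompany.example": "loop-b@bigcompany.example",
    "loop-b@bigcompany.example": "loop-a@bigcompany.example",
}
CURRENT_STAFF = {"alice@bigcompany.example", "john.blogs@bigcompany.example"}
INVENTORY = [
    {"domain": "recovery-a.example", "expires": date(2018, 6, 1), "auto_renew": True,
     "card_expires": date(2018, 3, 31), "contact": "hostmaster@bigcompany.example"},
    {"domain": "recovery-b.example", "expires": date(2018, 2, 20), "auto_renew": False,
     "card_expires": date(2019, 12, 31), "contact": "domains@bigcompany.example"},
    {"domain": "recovery-c.example", "expires": date(2019, 1, 1), "auto_renew": True,
     "card_expires": date(2020, 1, 31), "contact": "john.blogs@bigcompany.example"},
]

def resolve(address, aliases):
    """Follow alias redirects to the final mailbox; return None on a loop."""
    seen = set()
    while address in aliases:
        if address in seen:
            return None
        seen.add(address)
        address = aliases[address]
    return address

def audit(entry, aliases, staff, today, warn_days=60):
    """Return the list of renewal risks for one inventory entry."""
    findings = []
    if not entry["auto_renew"] and (entry["expires"] - today).days <= warn_days:
        findings.append("expires-soon-no-auto-renew")
    # Auto-renew only works if the card on file is still valid at renewal time.
    if entry["auto_renew"] and entry["card_expires"] < entry["expires"]:
        findings.append("card-expires-before-renewal")
    mailbox = resolve(entry["contact"], aliases)
    if mailbox is None:
        findings.append("contact-alias-loop")
    elif mailbox not in staff:
        findings.append("contact-reaches-no-current-staff")
    # A contact that is not a forwarding alias is one person's own mailbox.
    if entry["contact"] not in aliases:
        findings.append("contact-is-personal-mailbox")
    return findings

def report(today, inventory=INVENTORY):
    """Map each domain with at least one finding to its list of findings."""
    results = {e["domain"]: audit(e, ALIASES, CURRENT_STAFF, today) for e in inventory}
    return {d: f for d, f in results.items() if f}

if __name__ == "__main__":
    for domain, findings in report(date(2018, 1, 15)).items():
        print(domain, ", ".join(findings))
```
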

  5. m0rt

    "Dell confirmed it lost control of the domain to The Register"

    Sooo - you admit it was you guys?

    1. VinceH
      Pint

      Grr! You beat me to it! :(

  6. adam payne

    Domains expiring, what about auto renew and expiry notifications?

    'The site is also used by an app called the “Dell Backup and Recovery Application”, a program bundled with Dell PCs and which the company bills as “a safe, simple, and reliable backup and recovery solution that can protect your system (OS, applications, drivers, settings) and data (music, photos, videos, documents, and other important files) from data loss.'

    Would you trust Dell to backup your important data if they can't even do something as simple as renew a domain? Thought not.

    1. rmason

      @adam payne

      If you'll only deal with companies that have never had some sort of domain or website related issue, you'll find yourself struggling to buy many, many things. Sad but true.

  7. VinceH

    www.dellbackupandrecoverycloudstorage.com

    TBH, if I saw that domain name I'd automatically assume it was something dodgy.

    1. Roland6 Silver badge

      It seems Dell has regained some level of control, as the URL is now automatically being redirected to http://www.dell.com/en-us/work/shop/cty/sf/data-protection

  8. Anonymous Coward

    Talk about opportunity lost...

    Here was the chance to have malware slip-streamed in with a reinstall...

    I think root access just got a new level.

  9. anthonyhegedus Silver badge

    Mind you, anybody trying to download a factory reset image from Dell would have had a lucky escape, not being able to download Dell's annoying bloatware crap.

  10. nijam Silver badge

    >...Dell confirmed it lost control of the domain to The Register...

    Surely not! Perhaps you mean "...Dell confirmed to The Register ..." But well done if your original phrasing was more appropriate.

  11. David Nash Silver badge

    Dell forgot?

    The article said it was a third-party that failed to renew the domain, so although the buck stops with Dell, it wasn't really Dell's error except in failing to ensure their chosen third-party had procedures to avoid this.

  12. AJ MacLeod

    I now feel even more justified in automatically removing the Dell backup and recovery software from every PC I deal with... who'd want to reinstall a Dell factory image anyway? It's quicker to deal with missing drivers etc on a bare Windows install than to sit and uninstall 20,000 pointless bits of bloatware (and 7 different versions of MS Office in foreign languages.)

    1. CAPS LOCK

      "It's quicker to deal with missing drivers etc on a bare Windows install ..."

      I thought activation keys were OEM image specific? No? Enquiring minds need to know...

      1. AJ MacLeod

        @CAPS LOCK

        If you mean Windows 10 then the licence is tied to the device (embedded in BIOS/EFI); if the machine has ever had Windows 10 installed then it will automatically activate if you install the same version (i.e. Home/Pro), it doesn't have to be from the OEM image and it doesn't have to be the same release of Windows 10 as was previously installed.

        For Windows 7 you will mostly need to go through activation by phone carry on if you install from standard install media but it'll almost always be successful.

        1. Solmyr ibn Wali Barad

          Re: @CAPS LOCK

          If you use OEM master product key (not the key on the sticker) then you don't have to use phone activation at all. You can activate it with slmgr.vbs -ipk command. Provided that you have suitable SLIC key in the BIOS.

          That's how Dell preload works, one W7Pro64 product key is used for all Dell machines that have W7Pro64 SLIC in them. Key itself is not secret, they are in a text file somewhere on the preload disk.

          1. 404

            @Solmyr

            Nice.

            1. Solmyr ibn Wali Barad

              @404

              You're welcome.

              One more tip: Windows Loader 2.2.2 by Daz. It has a large collection of those OEM product keys and can activate them with a click. If there's a valid SLIC, then it'll be legal too.

      2. redpawn

        Re: "It's quicker to deal with missing drivers etc on a bare Windows install ..."

        My Dell here has a fresh flash drive and a stock image of Windows. You can download the Windows image from MS. Then choose your drivers from Dell by hand if something does not work right. The licence is baked into the replacement for BIOS whatever it is called these days.

  13. Kiwi
    WTF?

    WTF?

    The program also helps Dell PC owners who want to do a factory reset.

    What the hell happened to the recovery disk/partition, that was completely independent of any network connection?

    1. Solmyr ibn Wali Barad

      Re: WTF?

      Haven't played with latest Dell machines, but previous gen could be reinstalled offline, cloud connection was optional.

    2. chris street

      Re: WTF?

      Because cloud..

      Cloud is sexy cloud is shiny cloud is what people do now instead of that terribly old fashioned and appallingly stoneaged recovery partition.

      I mean, why break something that was perfectly good like that partition?

      Mind you - whatever happened to recovery DVD's..... remember them?

      1. Kiwi
        Pint

        Re: WTF?

        Cloud is sexy cloud is shiny cloud is what people do now instead of that terribly old fashioned and appallingly stoneaged recovery partition.

        Well, they must still have a recovery partition of some sort - how else do they load enough network stuff to get the recovery working? I hope they don't have too many customers with a link like mine - slow and sometimes quite expensive :(

        Mind you - whatever happened to recovery DVD's..... remember them?

        Seeing my nephew take a much favoured disk and place it face-down on the carpet in between games ended my liking of that media PDQ :)

  14. Bob.

    40 years of Home and SME computing (Commodore Pet and Apple II) and 'we', most of the General Public and hardware manufacturers still can't get Backup 101 straight in our brains.

    The Public are excused, to some extent, but Hardware manufacturers are not.

    Fortunately, our saviours started Software companies dedicated to solving the problem.

    Macrium, Easeus, Acronis etc

    Find them. Learn them. Use them.

  15. rmstock

    refurbished hardware

    If you go to a PC and Laptop stores these days, the sales people put a truckload of refurbished laptops on display without any display of shame on their faces, with prices only slightly less than 100 bucks below brand-new laptop editions. The real reason behind this seems to have been that with the start of Windows 7 and above, built-in back-doors for national security were demanded by the NSA which in part were also implemented in hardware. In addition in the opensource kernel developers scene several strange things could be observed, like the inserting of kernel patches enabling entire backdoor suites inside the Linux kernel, where at the same time strangely enough inside major Linux distributions, like Ubuntu, openssl packages were lacking support for SSLv3 in contradiction with OpenBSD and FreeBSD. To play it safe I then would routinely install older editions of popular Linux distro's, which of course require older hardware. In turn the refurbished marketplace was given a significant boost. Then again, Why would someone NOT purchase a refurbished laptop which can run Windows 7 ?

    --

    Robert M. Stockmann - RHCE

    Network Engineer - UNIX/Linux Specialist

    crashrecovery.org stock@stokkie.net

  16. Tigra 07
    Facepalm

    That's a big bloody name...

    "www.dellbackupandrecoverycloudstorage.com"

    Jeez, what was their first choice?:

    www.dellbackupandrecoverycloudstoragewebsiteforwhenyourcomputergoestitsupandyouneedtoredownloadeverythingtofixit.com

    What's wrong with www.dell.com/recovery ?
