Networks

Denic says the DNS blunder that brought most of Germany’s internet down on Tuesday evening is now resolved, and that websites should be operating normally after hours of disruption. The registry, which looks after Germany’s .de top-level domain, said the problems were first detected at 21:57 on April 5, but engineers rolled out fixes by 01:15. It said the issues were related to Domain Name System Security Extensions (DNSSEC), and that faulty DNSSEC signatures were distributed. At the time of writing, it is still working on understanding the root cause of how this error came to pass. Denic did not provide many details about the specific tech glitch behind the disruption. Some online commentators have suggested it was related to a zone signing key rollover, although not everyone agrees, and this is not an official explanation. The registry promised to provide more details after its investigation concludes. As the issue was rooted in DNSSEC, only DNSSEC-signed domains were affected. According to ICANN, only 3.6 percent of .de domains are DNSSEC-signed, but this still represents hundreds of thousands of domains, given there are close to 18 million registered with the .de TLD. Downdetector’s German website shows thousands of outage reports made concerning major websites such as Amazon, DHL, Steam, Web.de, around the same times that Denic confirmed the problems. Anecdotal reports from the wider web indicate that the likes of eBay and mainstream news outlets were also unavailable. Enabling DNSSEC helps website owners tackle nuisances such as DNS spoofing by providing additional validation for DNS responses. Despite going mainstream in 2010, after DNS attacks really started picking up in 2008, DNSSEC uptake is generally low across the board. Less than 10 percent of most TLDs make use of the security extensions. There are a few outliers, including the Netherlands, Sweden, Czechia, and China, where uptake is more common, but DNSSEC is largely overlooked by most domains. The issues deterring website operators from making the switch include complexity, reduced web performance, and cases like Denic’s this week or New Zealand’s in 2023, whereby a website can be brought offline by a registry’s failure. ®

Delivers update aimed at reducing hardware bill shock

VMware has announced an update to its flagship Cloud Foundation (VCF) private cloud suite and tried to make it fit the times by adding features that allow users to run with less hardware.…

Vodafone has struck a deal to take full ownership of VodafoneThree, the mobile network formed from last year's merger of its British operations with Three, in a move designed to accelerate its UK ambitions. The £4.3 billion ($5.8 billion) agreement will see Vodafone Group buy out Three parent CK Hutchison Group's 49 percent minority stake, pending regulatory approval, in the second half of 2026. The move came sooner than most industry watchers expected as the merger only completed last June, and the original terms gave Vodafone the right to bid for CK Hutchison's stake after three years. Market intelligence firm Megabuyte values VodafoneThree at £13.85 billion under the deal, some £2.65 billion below the original £16.5 billion threshold. "CK Hutchison is taking a haircut in favor of early cash, but this benefits the broader group's strategy of exiting European assets," Megabuyte senior analyst Tom Oughton commented. Assuming the agreement is cleared, it will simplify the ownership structure of the business, Oughton added, though it is not expected to have any material effect on its strategy and operational plans. "Accelerating the ownership change is logical, with CK Hutchison deeming the UK non-core and full ownership allowing Vodafone to accelerate its UK plans (which has now become a core market following several European disposals) and arguably taking advantage of a cheaper valuation." According to other market watchers, the move demonstrates the progress VodafoneThree has made in delivering on the network obligations attached to last year's merger approval. CCS Insight director for consumer and connectivity Kester Mann, said it "reinforces a wide-held industry view that the Vodafone brands will eventually prevail over the Three brands." PP Foresight founder and analyst Paolo Pescatore told The Register: "Integration is ahead of plan, network performance is improving, and customer service is being taken to a whole new level." "It should lead to better service for customers and the acceleration of new services, rather than requiring approval or having all stakeholders on board." The merger was originally driven by Vodafone and Three's shared struggle to compete as Britain's third and fourth-largest mobile operators against BT/EE and Virgin Media O2. Combining them reshaped the market into three dominant players. The tie-up has not been without controversy. Staff were told last October that UK roles may be offshored to India under new contracts with Ericsson and Nokia. Around the same time, Vodafone and Three announced mid-contract price hikes for customers, in defiance of guidance laid out by regulator Ofcom. But in this instance, it was following VMO2 and BT, which had also exploited a loophole in the rules that were intended to end unpredictable mid-contract increases. VodafoneThree CEO Max Taylor said today: "Vodafone's decision to take full ownership of VodafoneThree is a clear vote of confidence in our business, and the fast start we've made in creating one integrated team and delivering early benefits for our customers." The telco will host an investor event in the UK later this year to provide greater detail on its priorities and future growth ambitions. ®

CK Hutchison takes early cash as UK mobile tie-up moves ahead of schedule

Vodafone has struck a deal to take full ownership of VodafoneThree, the mobile network formed from last year's merger of its British operations with Three, in a move designed to accelerate its UK ambitions.…

FEATURE In an unassuming three-story office building in Cupertino, California, engineers from Amazon Web Services are busy trying to make networking inconspicuous. They work in windowless hardware development labs at the center of the structure, surrounded by a ring of office cubicles that afford a view of scarce parking spaces and perimeter tree cover. Their latest project, which The Register and several other publications agreed not to discuss in advance of the pending official announcement, may get some attention. But their networking ambition differs from the promotional goals of the AWS communications team. A network should be like a light switch, said Matt Rehder, VP of global network engineering at AWS, during a tour of AWS's Torre Avenue lab in late April. It should be something that just works. "No one really cares about the network at the end of the day," he said. "It serves a function. You care about it when it's broken. But otherwise you want it to be out of your way. So that's been our mental model for the last 15 years – how do we get the network out of the way?" Networking was broken for AWS in 2010, at least from a business perspective. James Hamilton, SVP and distinguished engineer at Amazon, said as much in a presentation titled, "Datacenter Networks are in my Way." "This was in the very early days of the cloud," Rehder explained. "But even at that time, with the growth of bandwidth we were seeing, it was very clear that the way networks had been built wasn't going to scale into the future and that something fundamentally different had to happen." Hamilton objected to the vertically integrated networking stack that slowed innovation and kept margins high for network equipment makers. He likened it to the mainframe business model, and said he preferred the server business model, where there's competition and open source software. Networks for AWS, Rehder explained, consist of three primary types of hardware: network devices, including switches and routers, built on application-specific integrated circuits (ASICs) that forward data from one port to another; optical transceivers, which send and receive light signals via laser; and cabling, which may be fiber-optic glass or copper wire. When AWS was being built out a decade and a half ago, the cloud biz decided it needed to take control of its network technology. "It's so foundational to what we built," said Rehder. "And so we decided we needed to start developing our own hardware and developing our own software." The company started small, working with third parties to develop network devices, iterating on that until the footprint of its homegrown technology covered its datacenters, its core network, and its border network.  What's unique about AWS, Rehder said, is that other network providers typically use one type of switching ASIC for their aggregation network, another for their core network, and another for their border network, because each has different needs in terms of memory, performance, and throughput. "They would all use different silicon for different switches," he said. "We use one for everything." The reason, he explained, is simplicity. "If you have one thing and you overly invest in making it really good, you're putting all of your energy into that hardware and software making it super-reliable," Rehder said. "It also helps us scale the network because when we're managing our supply chain or figuring out how to scale, we're not trying to balance all these competing SKUs." That does create some challenges, he admitted. "There's a good reason people use different types of switching ASICs because there is different functionality," Rehder explained. "And that's where controlling our own software really comes to play. We've effectively been able to remove the need for that custom silicon by being smart with our software and just finding creative ways to keep what needs to happen on the device in the hardware as simple as possible while still delivering great performance and functionality for our customers." The switches have specialized ASICs to maximize the efficiency of packet routing. The ASIC can move many millions of packets per second from one port to another, without going through a CPU. So now AWS has its own hardware, running on its own software, a version of Linux called NetOS. The company's current homegrown switch is capable of transmitting 51.2 terabits per second of traffic, via 64 ports operating at 800 gigabits per second. Within the next 12 months, its next generation switch will provide 102.4 terabits per second via 64 ports running at 1.6 terabits per second. "Everything runs the same operating system as well, which is super powerful for us," said Rehder. "From a security perspective, it means the code's all ours. We can scan it, we can fix bugs … we can patch and update our devices very, very regularly." Owning everything has allowed AWS to do some difficult things. As an example, Rehder pointed to the high precision time network that AWS released a few years ago. That required unique hardware and unique software that integrates with the company's Nitro server chip. The technology, he said, allows applications such as high-frequency trading and distributed databases to operate across long distances. "The only way we could have achieved that is because we were able to bring our own hardware and our own software and then do something that was unique to solve some AWS customer problem," he said. "The bigger problem we're trying to solve is how do we keep all the server clocks in sync," said Satish Vangala, director of network product development at AWS. "We had to build a dedicated network to ensure that we have the timing synchronization at microsecond accuracy for all the servers in our datacenter." AWS's network consists of about two million devices and about 50-60 million optical links and transceivers. It includes about 20 million kilometers of terrestrial and subsea fiber at the moment, which Rehder says is enough to reach from the Earth to the Moon and back 25 times. And that's just cable between buildings. If you measure the cable within its datacenters, the amount of cable is maybe an order of magnitude higher. One of the ways AWS has been improving its network recently has been through the deployment of hollow core fiber, which has been around for a while but only recently became something that could be manufactured at scale.  With normal fiber optic cable, light-based networking signals travel through the glass fiber. Hollow core fiber consists of a glass tube surrounding air or vacuum, which offers less refractive interference and allows light to travel at a speed closer to its natural limit. The result is a 30 percent reduction in latency, which Rehder says is significant, particularly for datacenter placement. He explained that when an AWS region is built and has, for example, three availability zones, the datacenters have to be near each other but not too close.  For subsequent expansion, latency between structures constrains building placement – it has to be low enough that customer applications in different datacenters within the same region behave as if they were located in the same place.  So hollow core fiber expands the potential resources available to AWS datacenters – in terms of land and power – by allowing structures to be placed within a larger radius. "We do have hollow core deployed in a few places now," said Rehder. "It's more expensive than the traditional fiber. But if it enables us to improve latency or better serve customers, in the grand scheme of things, the cost of the fiber is small when you look at the entire cost of datacenters, servers and network devices and everything else." Network improvements like hollow core fiber are necessary because the demand for bandwidth keeps growing.  Rehder said that the need for bandwidth has been growing throughout his career but more so in the last four or five years as generative AI services have taken off. "The accelerated server types tend to have three to four times the bandwidth needs of the more traditional CPU-based server types," he explained. "We're still using the same hardware and we're using the same software, but we're packaging it together in a different way." To get more servers with more bandwidth under one network in a datacenter with less latency between servers, AWS uses fewer networking devices in the path between two servers.  "So the UltraCluster network lets you scale out to be much larger than the other traditional network that we use," Rehder said. "Effectively a different network topology. Instead of having seven network devices in the path between any two points, it has five network devices in the path between the two points." As AWS has built more capacity and expanded its network, the scale of its operations has demanded innovation. Rehder explained that issues like physical cabling infrastructure – the number of connectors required and how they can be optimized for ease, speed of deployment, and reliability come into play. "When you're into fiber optic, it's not like the Ethernet port you plug in," Rehder explained. "With fiber optic cabling, because you're sending a signal, even though you may plug the cable in right, if it's not seated perfectly or if it's dirty at all, that can obscure the signal and that can reduce the reliability of it. It's a major challenge when you're operating at high scale and the latest technology is on the edge of what you can cleanly send and receive and everyone's trying to deploy that." "That's a big area of focus for us – not only building all this capacity but making sure it can be built quickly and then, once it's built, it runs extremely reliably," he said. One of the ways AWS tries to ensure a smooth setup is with a device called a firefly, a connector that looks a bit like an alien from the arcade classic Space Invaders. Its function is to verify a fiber signal path so that's not a variable when a new endpoint gets added. "Each of these will have a send and a receive," said Rehder, "and this basically takes the send and receive and loops it, so that when we get the fiber into the datacenter, it'll be connected to a network switch at the other side and it can send a signal and if you see the signal come back to itself, you can make sure the fiber path is clean. So when the client comes in you can just plug it in and it's good to go." When the network works – more than 99 percent of the time, usually – you may not even notice the engineering. ® Updated at 2118 to correct the title for Matt Rehder.

The Register gets a look inside AWS' networking lab in Cupertino

FEATURE  In an unassuming three-story office building in Cupertino, California, engineers from Amazon Web Services are busy trying to make networking inconspicuous.…

WHO, ME? Monday is upon us once again and The Register hopes that when you arrive at your desk, all is well. We offer that sentiment because we use the first day of the working week to bring you a fresh instalment of "Who, Me?" – the reader-contributed column in which you confess to making mistakes, and explain how you survived them. This week, meet a reader we'll Regomize as "Teague" who told us he once worked for a local council in the UK. "Blagging freebies from kit suppliers was an everyday occurrence," he told The Register. And one day he blagged a shiny new ISDN router. "After fiddling and playing with various configurations, I consigned it to the back of my desk, buried in the pile of IT junk that technicians all over the planet create." We have a name for that pile: That Box Full Of Old Tech You Should Probably Have Thrown Out But Kept Just In Case But we digress: A couple of weeks and several new bits of free kit later, Teague returned to the router. "I logged into the onboard config interface, and one of the questions was 'Does your organization use DHCP?'" The council did use DHCP, so Teague responded with an enthusiastically honest "Yes." Teague was no stranger to the perils of DHCP. But he'd started fiddling with the router late on Friday, just before he was due to take a week off. So he left the ISDN router connected to the council network and took off. "On my return, I was summoned to see the Network Manager, who asked one simple question: 'Why did you leave an unauthorized DHCP server running?'" Teague quickly learned that on the Monday morning of his holiday, thousands of council workers arrived at work and the DHCP server embedded in the ISDN router started handing out IP addresses. "This IP range the router used was way off normal, and network access was killed," he confessed. His colleagues spent much of the week fixing up the mess Teague's experiment caused. "I got a huge bollocking," he admitted, and said he now lives by a simple rule: "Don't put anything like an unattended or unauthorized DHCP server on the network, leave it to the professionals!" Have you left a mess behind before heading on holiday? If so, take your time thinking about your story and then click here to share it with Who, Me? We would love the chance to tell your story on a future Monday. ®

That box-full-of-old-tech-you-should-probably-have-thrown-out-but-kept-just-in-case got a techie in trouble

Who, Me?  Monday is upon us once again and The Register hopes that when you arrive at your desk, all is well. We offer that sentiment because we use the first day of the working week to bring you a fresh instalment of "Who, Me?" – the reader-contributed column in which you confess to making mistakes, and explain how you survived them.…

Covert cameras, live-streaming systems, and in-vehicle recording kit sought to catch out fraudsters

The Department for Work and Pensions has gone shopping for covert cameras, live-streaming kit, and vehicle-based recording gear as it lines up a £2 million upgrade to watch fraud suspects in real time.…

If you thought 800 Gbps Ethernet was fast, just wait. Celestica's latest switches cram 64 1.6 Tbps ports into a single chassis. The networking vendor this week began taking orders for its DS6000 family of switches, which are aimed primarily at high-performance computing applications like AI training and inference.  The switches will be offered in both a 19-inch 3U air-cooled chassis and an OCP-compliant 21-inch design that uses a combination of air and liquid cooling. At the heart of the switches lives Broadcom's 102.4 Tbps Tomahawk 6 ASIC, which we looked at in detail late last spring. The chip is Broadcom's first to use the 200 Gbps serializer-deserializers (SerDes) required for 1.6 Tbps connectivity. Each of Celestica's 64 OSFP224 ports is made up of eight 200 Gbps, links which are aggregated into a single port. These ports can also be expanded using breakout cables to boost the switch's radix if required. Celestica's latest switch arrives as Nvidia and others push for faster scale out networking. The GPU giant's latest generation of ConnectX-9 superNICs, launching alongside its Vera Rubin rack systems later this year, boast 1.6 Tbps of connectivity. However, rather than exposing one high-speed port, that bandwidth appears likely to be split across two 800 Gbps links for added redundancy and path diversity. AMD is also sticking with multiple 800 Gbps ports for its first rack-scale AI compute platform. Each MI455X GPU will be paired with three 800 Gbps Pensando Vulcano NICs. However, it may not be long before we see even faster port speeds as networking vendors race to bring 400 Gbps SerDes to market. Earlier this year, Broadcom revealed an optical digital signal processor capable of 400 Gbps per lane of connectivity, clearing the way for 3.2 Tbps optical transceivers. But before you get too excited, it'll be a while before there are 204.8 Tbps switches to plug those transceivers into. Even then, PCIe 6.0, which tops out at 800 Gbps on a standard x16 interface, will limit NIC port speeds for the foreseeable future. ®

Networking kit arrives just in time for Nvidia's 1.6 Tbps ConnectX-9 NICs

If you thought 800 Gbps Ethernet was fast, just wait. Celestica's latest switches cram 64 1.6 Tbps ports into a single chassis.…

Turns out the real problem is not AI but staff still clicking on dodgy emails from 'IT support'

Nearly half of UK businesses are still getting breached, and in many cases, the attacker's big breakthrough is an employee clicking "sure, why not" on a fake login page.…

Just in time for the Trump-Xi summit

Exclusive  A novel China-linked threat group infiltrated more than a dozen critical networks in Poland, Asian countries, and possibly beyond, beginning in December 2024 and with activity uncovered as recently as this month.…

The first quarter of 2026 saw a surge in severe and prolonged internet disruptions, from government shutdowns to power outages to the occasional mystery incident. So says content delivery network biz Cloudflare in its latest summary of the global activity it oversees across the interwebs. This takes in the whole gamut from severe weather to cable damage to various technical issues. One of the major incidents involved hostilities in the Middle East, where Iran authorities shut down the country's internet for 61 days (at the time of writing), following the assault by Israel and the US on February 28. This wasn't the first government-enforced blackout of the year in Iran, that started at 20:00 local time (16:30 UTC) on January 8 in response to nationwide protests against the ruling regime that began 11 days earlier. Traffic remained near zero until January 21, when a small amount returned, only to disappear around 24 hours later. Another brief restoration followed on January 25, before normality resumed on January 27. Cloudflare reports that an almost total loss of announced IPv6 address space started several hours before the cut-off actually hit on January 8, which was an indicator of what was to come. Some shifts in announced IPv4 address space were visible during the shutdown, but largely remained consistent during the shutdown period. Cloudflare says these observations suggest the shutdown was implemented by means of filtering. In the war-related shutdown, the Cloudflare Radar service noticed a sharp drop in traffic from Iran around 10:30 local time (07:00 UTC). Traffic levels fell to less than 1 percent of normal. However, IP address space continued to be announced this time, while a small amount of traffic that persisted suggests the shutdown was effectively achieved through aggressive filtering. Selected users continued to access approved internet sites via "whitelists" and "white SIM cards," Cloudflare says. Elsewhere, internet outages coincided with elections in Africa. Ugandan authorities pulled the plug between January 13 and January 17 to cover the presidential election. It was similar for the Republic of Congo presidential election on March 15, where cutoff lasted for circa 60 hours. Back to the conflict in the Middle East, Amazon Web Services saw its datacenter sites impacted by drone strikes. Service degraded after a facility in the United Arab Emirates was hit on the morning of March 1. The following day, AWS confirmed two of its facilities in the UAE (me-central-1 region) were "directly struck" by drones and that a campus in Bahrain (me-south-1 region) was offline after a nearby strike. Ukraine also suffered loss of access in some areas, due to the ongoing Russia's invasion. Attacks on energy infrastructure January 7 and 8 caused power outages disrupting internet activity in Dnipropetrovsk and surrounding regions to below 50 percent of normal. Later the same month in Kharkiv, a drone and missile attack - again targeting energy infrastructure - led to another 50 percent drop in traffic from the region on January 26, with recovery progressing the next day. Then there were the mystery outages. In late March, customers of UK broadband provider TalkTalk reported widespread service disruptions. Cloudflare says traffic from the network dropped nearly 50 percent compared with the previous week starting around 07:00 local time, with service restored not long after, at about 08:15 local time. TalkTalk acknowledged the issues on X but did not publicly disclose a root cause, according to Cloudflare. We asked TalkTalk for the root cause. A spokesperson said: "We recorded a brief network outage on the morning of March 25. Full service was restored within approximately one hour." Whatever it was, TalkTalk seems determined to keep it a secret, so perhaps it was an embarrassing gaffe by one of engineers. ®

Iran went dark twice, AWS got droned, oh and TalkTalk broke something it refuses to talk about

The first quarter of 2026 saw a surge in severe and prolonged internet disruptions, from government shutdowns to power outages to the occasional mystery incident.…

PARTNER CONTENT ZTE Corporation (0763.HK / 000063.SZ), a global leading provider of integrated information and communication technology solutions, today announced the successful commercial deployment of its Smart Cloud Platform (SCP) and intelligent home solutions with Wind Telecom, one of the Dominican Republic's largest fixed-network operators and a pioneer in advanced broadband services. This collaboration marks a major milestone in enhancing home network visibility, operational efficiency, and intelligent management, further strengthening Wind Telecom's leadership in the country's rapidly evolving broadband market. By leveraging ZTE's SCP solution, the partnership delivers a superior, future-ready digital experience for residential users nationwide. SCP Empowers Smart Homes: End-to-End Intelligent Control Hub, Drives Operator Service Evolution As the intelligent control center for home networks, the SCP enables unified access, centralized configuration, collaborative management, and intelligent control of devices such as Optical Network Terminals (ONTs), Mesh Access Points (Mesh APs), and Internet Protocol Cameras (IPCs). It fully supports remote operations, scenario automation, and intelligent fault diagnosis, significantly enhancing home network automation and intelligence. With its "One Cloud" architecture, the SCP helps operators evolve from providing single access points to building a comprehensive smart home ecosystem. This includes delivering seamless gigabit coverage through Mesh networking to eliminate signal dead zones and integrating IPCs and OTT STBs to expand high-value services such as home security and high-definition entertainment. In addition, AI algorithms analyze network status in real time to optimize bandwidth and Wi-Fi coverage, proactively prevent congestion, reduce latency, and ensure stable, efficient device operation. The SCP also integrates with OSS/BSS systems, providing network quality reports, user behavior analysis, and precise marketing support. This enables operators to transition from "selling broadband" to "selling experiences and services", while offering users a safer, smoother, and more convenient smart home experience. Cloud Storage Feature: Multi-Screen Video & AI Security Enhance Smart Homes in Dominican Republic To address the Dominican Republic's specific operational needs, ZTE has developed a tailored cloud storage feature for Wind Telecom's IPCs. This capability allows end users to play back recorded videos and enables the ZLife application to display multiple video feeds on a single screen for enhanced real-time monitoring. It supports video and audio monitoring with intelligent alerts for abnormal stays, humanoid detection, and critical area intrusion, thereby strengthening property and home security. The cloud storage feature also creates new recurring revenue streams for Wind Telecom by encouraging subscription upgrades across different retention tiers (e.g., 7/15/30 days). This helps boost ARPU and reduce churn through improved customer loyalty. For end users, the ZLife app provides convenient timeline-based review of past home activity by specific time periods, such as morning, work hours, or nighttime. This allows quick retrieval of clips for sharing or as evidence when needed. AI-Optimized Connectivity and High-Value Services Boost ARPU in Dominican Republic Leveraging its "One Cloud" architecture, ZTE empowers Wind Telecom to achieve seamless device collaboration, centralized configuration, and intelligent control, significantly enhancing remote O&M and automation capabilities. This transformation positions Wind Telecom as the Dominican Republic's leading smart home service provider. With AI-driven optimization, the SCP ensures superior service quality, stable connectivity, and an enhanced user experience. As operators expand high-value services such as smart security and whole-home Wi-Fi, the SCP serves as the cornerstone for building differentiated competitiveness – driving the shift from basic connectivity to intelligent service operations, ultimately increasing ARPU while delivering win-win growth in customer satisfaction and business value. Contributed by ZTE.

Elevating residential connectivity with AI-driven network optimization and secure cloud-based home monitoring solutions

Partner Content  ZTE Corporation (0763.HK / 000063.SZ), a global leading provider of integrated information and communication technology solutions, today announced the successful commercial deployment of its Smart Cloud Platform (SCP) and intelligent home solutions with Wind Telecom, one of the Dominican Republic's largest fixed-network operators and a pioneer in advanced broadband services. This collaboration marks a major milestone in enhancing home network visibility, operational efficiency, and intelligent management, further strengthening Wind Telecom's leadership in the country's rapidly evolving broadband market. By leveraging ZTE's SCP solution, the partnership delivers a superior, future-ready digital experience for residential users nationwide.…

PARTNER CONTENT ZTE Corporation (0763.HK / 000063.SZ), a global leading provider of integrated information and communication technology solutions, together with XLSMART, officially launched a joint Innovation Center in Jakarta to support the development of 5G-Advanced (5G-A) and AI in Indonesia. The center is designed as a practical test environment for real-world use cases and new 5G business models across industries, while also representing a strategic step by XLSMART to strengthen its network capabilities—reflecting its commitment to becoming the most customer-loved company by delivering more reliable, efficient, and impactful connectivity for the people of Indonesia. Located at ZTE Indonesia office, The East Building, Kuningan, South Jakarta, the center serves as a practical testbed to validate real-world use cases and new business models across various industry sectors. As an inclusive platform, the Innovation Center promotes openness for industry players, academia, and ecosystem partners to collaboratively test technology solutions that are relevant to the needs of the Indonesian market. The launch was attended by senior representatives from government and industry, including Nezar Patria, Vice Minister of Communications and Digital Affairs of the Republic of Indonesia; Wang Lutong, Ambassador Extraordinary and Plenipotentiary of the People's Republic of China to the Republic of Indonesia; Franky Oesman Widjaja, Chairman of Sinarmas Telecommunication & Technology; James Zhang, Senior Vice President of ZTE; Sun Shangbin, Chairman of the China Chamber of Commerce in Indonesia, Zhang Ming, Director of HSR, KCIC, and the other members of XLSMART's management team. Their presence underscores the importance of international technological collaboration in strengthening the national digital foundation. The Innovation Center showcases several key technology pillars as its main focus areas, including: AI-driven Network Optimization: Delivering smarter, predictive, and adaptive telecommunications infrastructure. 5G-Advanced (5G-A) Capabilities: Exploring ultra-reliable, low-latency connectivity to enhance user experience and industrial efficiency. Sustainable Infrastructure Solutions: Energy-efficient technologies to support environmentally friendly and cost-effective digital operations. Future Technology Exploration: Strategic research to prepare Indonesia's future connectivity roadmap. Shurish Subbramaniam, Director & Chief Technology Officer of XLSMART, said, "The Innovation Center is a strategic step in our journey as an enabler of the digital ecosystem. Our focus goes beyond network development to creating tangible and measurable business impact for industries. Through our collaboration with ZTE, we aim to accelerate the adoption of 5G-Advanced and AI to unlock new growth opportunities and strengthen Indonesia's digital competitiveness in the region." James Zhang, Senior Vice President of ZTE, added, "As Indonesia plays a pivotal role in ASEAN's digital transformation, the launch of the ZTE and XLSMART joint innovation center in Jakarta marks a new milestone in our long-term partnership to drive real technology adoption. By combining ZTE's global innovation expertise with deep local insight, we will help build more efficient, intelligent, and sustainable digital infrastructure for all Indonesians—bridging the digital divide, driving sustainable networks, and unlocking real-world 5G-Advanced and AI use cases to support Indonesia's digital future—one that is practical, responsible, and sustainable." Richard Liang, President Director of ZTE Indonesia, added, "Through this joint Innovation Center, ZTE is committed to providing a platform that drives real technology adoption. We will take the official launch of this Center as a new starting point, and further consolidate our strategic partnership with XLSMART." The Innovation Center is expected to become a key reference point for telecommunications innovation in the ASEAN region. ZTE and XLSMART reaffirm their long-term commitment to supporting the Indonesian government's digital transformation roadmap, strengthening cross-sector collaboration, and building an inclusive and globally competitive digital ecosystem. Contributed by ZTE.

GoDaddy is currently investigating claims that it handed complete control of a valid 27-year-old domain to another customer, without requiring them to pass any authentication processes or upload any supporting documents. The sensational allegations come from Lee Landis, a partner at Pennsylvania IT shop Flagstream Technologies, who claims one of his client's domains "vanished" from the company's GoDaddy account without notice. This, said Landis, meant the client lost access to its website and email accounts throughout the ordeal. The security implications of this include potentially losing access to account recovery mechanisms, MFA codes, company impersonation, business email compromise (BEC) schemes, and all manner of other possibilities. The client wanted to remain anonymous, but was described as an American non-profit that operated 20 locations across the country. According to a writeup penned by Landis' friend Austin Ginder, who owns Anchor Hosting, it took just four minutes for the domain takeover process to be approved. However, it left Landis' client with four days of downtime, during which time staff resorted to using personal email addresses and SMS messages to keep stakeholders informed about progress, as numerous fundraising events were scheduled for the following days. "Lee is one of the most competent IT guys I know," Ginder wrote. "The GoDaddy account had dual two-factor authentication enabled, requiring both an email code and an authentication app code to log in. The domain itself had ownership protection turned on." According to the logs, GoDaddy confirmed to Flagstream via email of an account recovery request being made. Three minutes later, the transfer was initiated, and it completed a minute after that. This all took place at around lunchtime on April 18, a Saturday. The transfer was initiated only by an "internal user," the audit logs reportedly revealed, and it did not require any of the authentication methods to be completed. Ginder appeared to imply the transfer was done by an "internal user" inside GoDaddy. Landis' calls to GoDaddy began the following day. Support staff proved unhelpful and allegedly lacked what he believed to be the necessary urgency.  Over the subsequent days, across 32 phone calls which in total lasted more than nine hours, GoDaddy support threw out various email addresses where it said Landis could try to seek a resolution. He claims instructions differed depending on which staffer at the hosting provider answered the phone.  Email conversations, of which there were 17, were never with a named individual, just generic address names, says Landis, who adds that he was asked multiple times why he thought the case was so urgent. Not once did he receive a callback from any of these email exchanges. Landis "may have said some hurtful things to GoDaddy's support personnel," Ginder wrote. A mountain of work and a huge stroke of luck On the following Tuesday, four days after the transfer was completed, GoDaddy allegedly closed the case without action.  In a statement sent to Flagstream, GoDaddy said: "After investigating the domain name(s) in question, we have determined that the registrant of the domain name(s) provided the necessary documentation to initiate a change of account… GoDaddy now considers this matter closed." The issue here is that no documentation was provided, according to both Flagstream and the woman who received ownership of the domain. Ginder refers to her as Susan, but it is not her real name. GoDaddy denies this was the case. Before Flagstream had to clean up this mammoth mess, Susan was trying to reclaim an old domain registered to a former employee.  Again, the specifics were changed because the nonprofit wanted to stay anonymous, but for the sake of storytelling, we'll use the two domains below as examples: HELPNETWORKINC.ORG (Flagstream's client) HELPNETWORKLOCAL.ORG (Susan's domain to be reclaimed) Another important detail to understand how this transfer was botched is that Susan's email signature referenced her chapter's website at a subdomain of HELPNETWORKINC.ORG. Gilder said that GoDaddy staff most likely looked at the signature and mistakenly transferred its parent domain to Susan rather than the intended one. Susan told Flagstream that she received a link to upload supporting documents but the link expired before she could use it, which if true would mean GoDaddy was not being accurate in its statement to Flagstream which said the submitted documentation informed the decision to approve the ownership transfer. While all of this was taking place, Landis and the wider Flagstream team were working at pace to transfer the client over to a new domain and new email addresses, an arduous, brand-harming task, but a necessary one to get the non-profit back in business. "It was a huge stress," Landis told The Register. "We had several guys working on this constantly, even at night. Plus, the company that hosted the website had a lot of work to do too, apart from us when we decided to set them up with a new domain." Fortune was on Flagstream's side, however, as Susan was all too helpful after noticing she was in possession of the wrong domain.  Susan initially called the non-profit's CFO, saying she did not know what she was looking at, but knew she had to tell someone. From there, Susan worked with Flagstream to initiate an account-to-account transfer of the domain's ownership, a process Ginder said took less than five minutes, all without GoDaddy's support or oversight. "Susan is really the hero of this entire story," Ginder wrote. "Without her, Flagstream would still have no idea what happened to this domain. Lawyers would have gotten involved, but it would probably be months until anything was resolved." While migrating the non-profit onto a new domain, and then reverting it back after regaining access, the wider Flagstream team were contacting lawyers to discuss their options for recovering the domain through the courts. Landis told The Register he was confident this route would have worked, but it could have taken months, and that length of downtime was simply unacceptable for any organization. Flagstream is still in conversation with lawyers so the team can prepare itself should they ever have to face a similar situation in the future. Security nightmare Not only was it a stroke of good luck that Susan was helpful in reversing GoDaddy's error, but she was not someone with malign intent who with her newfound access could have carried out a range of attacks. Phishing and BEC are two of the more impactful possibilities, not to mention the opportunity for 27 years' worth of data theft. Landis told us that throughout the episode, the primary concern was that the client's domain was in control of someone who could weaponize the situation. "Our huge concern was that a bad actor had this domain because that would be a huge security risk. Since we no longer had control of the domain, there was nothing that we could do to stop this individual if they were a bad actor." While managing GoDaddy's support, Flagstream worked with its client on ways to mitigate the attacks they anticipated following the transfer, including disconnecting company email addresses from all accounts, from banking and payroll to Amazon and Dropbox. Landis told us that at the time of writing, GoDaddy had still not contacted him nor Flagstream to address the matter. And when they tried to report the issues to GoDaddy's security team via email, the email bounced. Asked whether Flagstream will continue with GoDaddy, Landis said the IT shop is evaluating its options. "Most likely we will probably leave because we can't afford the risk of having other domains disappear. It will be a hassle to transfer our hundreds of domains, but it will be less of a hassle than what happened this last week." Fear is all that lingers The Register spoke to the nonprofit affected by GoDaddy's domain transfer on condition of anonymity. The CEO told us that technically, operations are entirely business-as-usual, though some staff remain fearful of clicking the wrong button and triggering a repeat of April's IT calamity. "A number of our staff – we have a lot of social workers, and some of them are just not, maybe as tech-savvy as our administrative team – they were becoming fearful about touching anything," the CEO told The Register. "I mean, even this morning I'm having issues, as everything gets back, and people are needing to log back into their OneDrive, and all these little kind of details, but there's a relief that even though this is taking extra time from my day, at least we know we have recovered the domain." The Register contacted GoDaddy for a response. It acknowledged the request, and told us it was investigating. It did not deny the story, but disagreed with the assertion that it had authorized the transfer without the necessary documentation and approval. "While we cannot comment on specific customer accounts, we have reviewed our protocols, and confirmed that we received proper documentation and authorization, and our standard operating procedures were followed," a GoDaddy spokesperson said. "However, we are taking this opportunity to reinforce processes that help identify miscommunications between customers and representatives early, before they create downstream issues." ®

32 phone calls, 17 email chains, a 5-day ordeal, and no help during the daddy of all stuffups, claim those affected

GoDaddy is currently investigating claims that it handed complete control of a valid 27-year-old domain to another customer, without requiring them to pass any authentication processes or upload any supporting documents.…