86 comments

[ 2.8 ms ] story [ 135 ms ] thread
The same moment when I was going to buy the new iphone 6s
Yeah, pre orders start in just over 2 hours. This might be related to that
Certainly this is the work of Microsoft working with Aliens.
Thus operational phase 2 begins...
Awaits first journalist to write a glowing story about how "Apple has revolutionised the 'Access Denied' page.
When Steve Jobs invented the computer, he envisioned a device which was accessible to anyone, a device to empower revolutionary magical thinking about the possibilities of access. But he also knew the limits of the networks developed by the establishment gray box technology industry and sought to imbue those networks with communication that would speak different, in a way they would understand. Along with Sir Jony Ive, he reinvented the "Access Denied" page by removing the skeuomorphic constraints, distilling them into a flat "Access Denied" message which spoke to everyone, empowering their engagement with their restricted access to unlock unlimited creative potential.
(comment deleted)
It's so clean. The UI is smooth like butter.
flawless use of negative space. this page is a real tour de force in efficiency
Starting at $999 for the basic and moving up to $1399 for the exclusive white version, you too can be unavailable at those critical moments.
"If you see a fail whale they blew it."
> how "Apple has revolutionised the 'Access Denied' page

Probably, the title would be "How Apple invented Access Denied page"

- Minimalist Design

- Only black and white. Colorful page may harm your eyes

- Border-less design

- Minimal but highly informative text on the page

blah...blah..

Who cares?
I used to do pager duty for a large consumer-facing company, so this is amusing to me.
Works fine for me. What's the problem here?
its pwn3d, atleast in some regions.
zzzzz, just another pr stunt to pretend the demand is high. Just like hiring actors to stand in line outside the apple store every now and then. Or some sysadmin accidentally forgot to click enter somewhere. Nothing to see, move along.
(comment deleted)
(comment deleted)
This is because whois just searches for domains that start with the given argument by default. Try google.com, same result. What you actually want is `whois "domain apple.com"`.
(comment deleted)
First time using WHOIS?

    Ryans-iMac:~ ryan$ whois microsoft.com
    
    Whois Server Version 2.0
    
    Domain names in the .com and .net domains can now be registered
    with many different competing registrars. Go to http://www.internic.net
    for detailed information.
    
    MICROSOFT.COM.ARE.GODDAMN.PIGFUCKERS.NET.NS-NOT-IN-SERVICE.COM
    MICROSOFT.COM.CAN.GO.FUCK.ITSELF.AT.SECZY.COM
    MICROSOFT.COM.EENGURRA.COM
    MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
    MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISSILES.COM
    MICROSOFT.COM.IS.A.MESS.TIMPORTER.CO.UK
    MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSHIT.NET
    MICROSOFT.COM.IS.IN.BED.WITH.CURTYV.COM
    MICROSOFT.COM.IS.NICE.WHEN.TOASTED.COMKAL.NET
    MICROSOFT.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET
    MICROSOFT.COM.IS.NOT.YEPPA.ORG
    MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM
    MICROSOFT.COM.LOVES.ME.KOSMAL.NET
    MICROSOFT.COM.MAKES.RICKARD.DRINK.SAMBUCA.0800CARRENTAL.COM
    MICROSOFT.COM.MATCHES.THIS.STRING.AT.KEYSIGNERS.COM
    MICROSOFT.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM
    MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
    MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.COM
    MICROSOFT.COM.SHOULD.INSTALL-GENTOO.NET
    MICROSOFT.COM.SOFTWARE.IS.NOT.USED.AT.REG.RU
    MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
    MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
    MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BLUE.VEINED.SPANNER.NET
    MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
    MICROSOFT.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM
    MICROSOFT.COM.ZZZZZZ.MORE.DETAILS.AT.WWW.BEYONDWHOIS.COM
    MICROSOFT.COM.ZZZZZZZ.LOLLERSKATES.RENDRAG.NET
    MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZ.IM.ELITE.WANNABE.TOO.WWW.PLUS613.NET
    MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM
    MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZZ.LOLLERSKATES.RENDRAG.NET
    MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZZZZ.IS.A.GREAT.COMPANY.ITREBAL.COM
    MICROSOFT.COM
For Google,

Server Name: GOOGLE.COM.HAS.LESS.FREE.PORN.IN.ITS.SEARCH.ENGINE.THAN.SECZY.COM

   Registrar: TUCOWS DOMAINS INC.

   Whois Server: whois.tucows.com

   Referral URL: http://www.tucowsdomains.com
My whois client (apparently jwhois) doesn't do that...
I was curious how this works, so I followed instructions from a reply below to retrieve an 'authentic' WHOIS reply for the real domain: use 'WHOIS domain apple.com'. However, this led to another 'spoofed' result [1].

From what I gather [2], WHOIS often matches sub-domains before top-level-domains, making it easy for someone to create a sub-domain such as 'microsoft.foobar.com' with false records that will populate before the actual domain.

It seems that using the following WHOIS query returns registrar information for Microsoft.com, though it requires sifting through the 'spoofed' results: 'WHOIS =Microsoft.com' [3]. You'll have to wade to the bottom of the results.

[1] MICROSOFT.COM.ARE.GODDAMN.PIGFUCKERS.NET.NS-NOT-IN-SERVICE.COM MICROSOFT.COM.CAN.GO.FUCK.ITSELF.AT.SECZY.COM MICROSOFT.COM.EENGURRA.COM MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISSILES.COM MICROSOFT.COM.IS.A.MESS.TIMPORTER.CO.UK MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.FUCKING-BULLSHIT.NET MICROSOFT.COM.IS.IN.BED.WITH.CURTYV.COM MICROSOFT.COM.IS.NICE.WHEN.TOASTED.COMKAL.NET MICROSOFT.COM.IS.NOT.HOSTED.BY.ACTIVEDOMAINDNS.NET MICROSOFT.COM.IS.NOT.YEPPA.ORG MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM MICROSOFT.COM.LOVES.ME.KOSMAL.NET MICROSOFT.COM.MAKES.RICKARD.DRINK.SAMBUCA.0800CARRENTAL.COM MICROSOFT.COM.MATCHES.THIS.STRING.AT.KEYSIGNERS.COM MICROSOFT.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.COM MICROSOFT.COM.SHOULD.INSTALL-GENTOO.NET MICROSOFT.COM.SOFTWARE.IS.NOT.USED.AT.REG.RU MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BLUE.VEINED.SPANNER.NET MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET MICROSOFT.COM.ZZZZZ.GET.LAID.AT.WWW.SWINGINGCOMMUNITY.COM MICROSOFT.COM.ZZZZZZ.MORE.DETAILS.AT.WWW.BEYONDWHOIS.COM MICROSOFT.COM.ZZZZZZZ.LOLLERSKATES.RENDRAG.NET MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZ.IM.ELITE.WANNABE.TOO.WWW.PLUS613.NET MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZ.GET.ONE.MILLION.DOLLARS.AT.WWW.UNIMUNDI.COM MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZZ.LOLLERSKATES.RENDRAG.NET MICROSOFT.COM.ZZZZZZZZZZZZZZZZZZZZZZ.IS.A.GREAT.COMPANY.ITREBAL.COM MICROSOFT.COM

[2] http://www.securiteam.com/securitynews/6D00L0K00G.html

[3] Domain Name: MICROSOFT.COM Registrar: MARKMONITOR INC. Sponsoring Registrar IANA ID: 292 Whois Server: whois.markmonitor.com Referral URL: http://www.markmonitor.com Name Server: NS1.MSFT.NET Name Server: NS2.MSFT.NET Name Server: NS3.MSFT.NET Name Server: NS4.MSFT.NET

(comment deleted)
Nope. foo.bar.example.com is set by example.com, not foo.bar, right? Someone simply bought a domain name then published records which would trick people in a fairly narrow range between "doesn't know what Whois is" and "works with DNS for a living."
Nah, this is normal. Do a whois for microsoft.com and you'll see the spam for it as well.
Apple usually takes their store down prior to a big event (iPhone 6s pre-orders).

This is the first major event since they integrated the store into their regular website (rather than having the store.apple.com subdomain) Clearly, this is a mistake as they are deploying all the new pre-ordering pages for the iPhone 6s.

How's this front page material on HN...

Oh no, apple.com is unavailable - breaking news, affects noone?

Not for nothing, it's a pretty rare occurrence to see a triple-a company with a white page error on its home domain, like seeing a whale or something.
I'm interested in their References -- it looks like each hit is a new hash, so they store that so they can refer to it. I don't know much about this side of stuff so it'll be interesting to know why they do that, or what the upside is.
It's probably just sent as context along the whole chain of requests and logged in wire logs.

Those sorts of request ids are usually just for piecing back together what happened from logfiles in my experience.

It makes my Sauce Labs tests on iOS devices fail, and I bet other people's fail as well.

I think the simulators usually try to load apple.com for some reason before the page under test, so it might just be selenium waiting forever for apple.com to load.

(comment deleted)
http://www.alexa.com/siteinfo/apple.com

this is not some shitty grad student's website you know. you don't expect shit like this to happen...

that's how this is breaking news/front page news.

it affects customers who want to preorder their phones

(comment deleted)
Someone who works for Apple — someone who is probably a lot like you and me — is having a really shitty night. So, I am sending good luck vibes towards Cupertino right now.

Godspeed, Apple friends! ️

(comment deleted)
Their phones aren't the only thing limited to 1GB RAM
If it has been offline for 1 hour now, do you think it is tens or hundreds of thousands of dollars is sales that were not processed in the timeframe.
The store was in read-only mode to prep for the new iPhones so the sales loss is already accounted for.

As a side note (and speculation), as compared with other online stores, I don't think the Apple store has the same risks as the other stores (the fact you don't buy the Mac directly from Apple doesn't really affect their revenue).

I don't think the impact is that severe. If you're planning on buying an Apple, and you visit apple.com and it's not up, then you wait until it's back up.

Consistent downtime can damage a brand, but this is just a hiccup.

(comment deleted)
I've seen this error before from other sites and it seems to be generated by Akamai rather than the apple.com origin. Does anyone with Akamai experience know under what conditions this message would be returned? Did someone at apple accidentally ACL off the planet?
I posted my comment before to the wrong commenter, but: I'm interested in their References -- it looks like each hit is a new hash, so they store that so they can refer to it. I don't know much about this side of stuff so it'll be interesting to know why they do that, or what the upside is of doing it that way...
Akamai does indeed give unique reference codes for errors like these. There's a management interface where you can look up more info on what happened for each code, but in my experience lookup time is proportional to the time since the error happened.
This happens when a company uses Akamai's security product and you violate the security policy in place. It's basically a WAF. The big issue is it takes 45 minutes for changes to propagate through Akamai's network. So, you make a mistake and it takes fix time + 45 minutes to resolve.
The most walled of walled gardens.
I've seen this same style of error message before. It's the AkamaiGhost CDN. (Look at the Server: header in the response.)

I suppose you could say the server has given up the ghost...

Googling "AkamaiGhost 403" shows that other sites have experienced the same problems with them before in the past, so I wouldn't particularly blame Apple for this.

this guy know what's up.
Funny to find this on the front page on HN, just got notified by Hooks app! Lol
Me too!
Yeah, this app is really real-time, got you to the frontpage on HN!
Yeah, I've posted just after I received a notification from Hooks :) Got lucky
Looks like iMessage is down too... someone is having a horrendous night.
Works fine here. I think it's on your end.