> On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats.
Something about this bothers me. So the courts granted MS the rights to essentially take over No-IP's DNS in order to "identify" ... "bad traffic?"
The implications of this are... chilling. As much as I want to reserve judgement, this makes me uneasy (malware aside).
Agreed. Arguably the net effect in this particular case was positive, but I can easily imagine reading this press release in a parallel universe:
"Today, Sony Pictures has upped the ante against global cybercrime, taking legal action to clean up piracy... We're taking YouTube to task as the owner of infrastructure frequently exploited by cybercriminals to infringe copyrights by uploading unauthorized movie clips... On June 26, the court granted our request and made Sony the DNS authority for youtube.com, allowing us to identify and route all known infringing traffic to the Sony sinkhole and identify users who posted unauthorized content."
It seems highly irregular: did the court misunderstand, or were they misrepresented to, that No-IP themselves were playing a witting part in botnet C&C coordination?
I doubt No-IP will settle out of court. They'll probably countersue - they have nothing to lose, and that sounds like a company lawyering up and getting ready to kick ass - and I'd expect they'd ask for very big, even punitive damages. The $200k bond isn't even two orders of magnitude enough to hedge against MS literally destroying their business, in what may have been an ultimately well-intentioned, but spectacularly reckless, action.
How long until MS reverse the DNS changes, I wonder, especially given they can't keep up and they're all effectively down? 12 hours? 24?
It's no surprise, btw, that domains in US jurisdiction are under US jurisdiction.
We could use some more TLDs that aren't, I think, and I've held for some time that the root DNS should be held by some kind of international treaty entity acting as IANA.
And they say America is a democracy... this is one step away from the courts granting Microsoft the power to take over no-ip's business and domains permanently.
Reminds me of the old days of communism when you could have your "property" seized since legally speaking everything belonged to the state.
And no you can't say this is different because the courts ordered it since no-ip was not given a chance to defend itself.
How much would you like to bet Microsoft presented the case as some rogue Arab sounding names (terrorists?) running shady bot-nets in cooperation with no-ip, a company obviously involved in that criminal activity.
Not the largest and well known free DNS provider in the world that happens to be used by a large number of bot-nets as well.
If this is ok I'm sure you could find millions of reasons to seize Google's domains like indexing warez sites or websites like the pirate bay.
This is the single most monstrously misrepresentational and dubious thing I have seen any tech company do in my 20 years' experience as a tech. It also profoundly concerns us all that this type of judgment can be made by our government without any warning or consent by the people. Millions of users lost their home security and surveillance systems instantly due to this ill-advised decision.
We should hold the federal government and Microsoft directly responsible for any losses that happened today, and any that happen in the future as a result of any such action.
We might as well go ahead with emotional damages for causing the concern in the first place.
Don't use .com, .net, .org, .edu; use domain names in your own sovereignty! Microsoft would have it much harder to get no-ip.ru or no-ip.zh (granted, a little easier grabbing no-ip.fr).
Microsoft was able to demonstrate that they were actually involved in committing the crimes. The court didn't give them the domains so that they could then come up with evidence. They already had the evidence.
Oh nevermind...NSA...M$ is teh suxor...oh mer gurd!!!!
"On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats. "
How can this be legal? Does this mean that if I get malware from a hotmail.com address, I can file for a TRO against Microsoft and control their domains?
I honestly don't understand why Microsoft should be given this ability.
It's an ex parte order, so presumably Vitalwerks didn't show up in court despite the summons? If you filed for a TRO against Microsoft and their lawyers ignored it, something bad might happen to them too.
That may still make people uncomfortable, but it seems much less egregious than Microsoft taking control of No-IP's domains, which is what this press release implies.
Edit: the reuters article is in error here, not the Microsoft Blog. See below. Turns out this really is as egregious as it sounds.
Microsoft has been doing more and more of this stuff lately, and it does start to worry me quite a bit. The last time they worried me was when "Microsoft shut down a million-strong Tor botnet, by uninstalling Tor from the computers".
I don't want Microsoft to have that kind of power, let alone use it. Worse yet, they make it sound like it's some kind of PR win for them. "Microsoft the hero, takes down evil network". But they usually try to hide how they did it. Very few articles mentioned they were uninstalling Tor from the computers the last time around. Most were just churning Microsoft's press release and the hero narrative.
Have I understood this correctly? Microsoft, a private company, has been granted the right to filter all DNS traffic, and choose what will be forwarded to this other company, No-IP. No-IP will so be allowed to run their service for the remaining customers Microsoft approves?
Is this common practice in the US legal system? Would it work like this in the offline world also? If my neighbor sometimes had loud parties that bothered me, could I be granted the right to stand in front of his door and turn any potential troublemakers away?
It's a temporary restraining order. It obviously affects Microsoft's products and its customers. It would be equivalent to say, blocking a phone switch that was misbehaving and calling you continuously causing a denial of service attack. That Microsoft customers are suffering more than Microsoft itself and that No-IP appeared to be in denial seems to support the temporary restraining order -- No-IP, aware of such reports via blog posts, chooses to do nothing by asking for reports rather than investigating and stopping the behaviour themselves.
Courts not understanding the social effects of technological law and making an order in favour of the more "respectable" looking party? Happens all the time.
It's just plain outrageous that this court order was granted. It essentially puts no-ip out of business when they were not complicit in anything illegal.
It took me 5 minutes to switch my completely legitimate hosts over to ddns.net. I'm sure the evil botnet owners have backup hostnames and will do the same, or more likely switch to another provider entirely.
The end result will be a short-lived dip in criminal activity over the next 72 hours or so, inconveniencing many thousands of legit users, and putting a completely innocent company out of business. Nice move, MS.
The argument seemed to be no-ip wouldn't stop people who were reported for malware/abuse. If other DDNS providers are less complicit with malware/abuse then it should be harder for them to continually operate. Sure, it won't stop it. But if the most friendly DDNS host is gone, it seems like a marginal victory for everyone else.
> It took me 5 minutes to switch my completely legitimate hosts over to ddns.net.
Unfortunately .net is also under the jurisdiction of US courts so it's not any 'safer' from seizure
The registry for .info and .mobi is in Ireland, .me is Serbia and Montenegro. Might be worth looking for dynamic DNS options in those TLDs if you seek future-proofing.
So let me get this straight. Microsoft got a court order to route all of another entity's DNS traffic to their servers. Giving them the ability to route a metric crap-ton of private traffic through their data centers. For "security". I call shenanigans.
I'm also assuming this is why my no-ip domain disappeared this morning, leaving me with no access to my home servers.
Perhaps the linux on my servers is considered malware. It sure is malicious to Microsoft's bottom line. I kid, but only a little.
FWIW, in my experience, No-IP is very, very responsive and helpful to abuse complaints. Though that is the extent of my experience with them, I've never thought them to be actively harboring malicious activity (unlike, say, CloudFlare).
At CloudFlare, we have a Trust & Safety team dedicated to dealing with the abuse of our network. We sit in front of more than 2 million sites. The vast majority of them are not controversial (the site you're reading this on, for instance), but some are not.
The majority of the abuse requests we receive are DMCA requests, but we get other reports as well. Dealing with these requests is a hard problem because a large number of the abuse requests we receive turn out to be attackers trying to get the origin IP in order to circumvent our protection. As I've blogged about before (http://blog.cloudflare.com/thoughts-on-abuse), we've designed an abuse system that attempts to act as a proxy: passing abuse requests to the customer and their host without exposing the customer's origin to attack.
Malware is one of the situations where we'll actually take content down because it is, per se, harmful. However, we also don't think terminating the customer who has malware hosted on their site is a good solution. Since we're a proxy, terminating the customer doesn't remove the malware from the Internet but instead just kicks the problem down the road to the host. Instead, we developed a system that replaces the infected URLs with a warning page to protect users. This has the ancillary benefit when a site is being used for botnet command and control of allowing us to gather data on machines that make up the botnet. This data is fed back into our system in order to better protect our customers and we're talking to other organizations about a way of responsibly sharing this data.
Our Trust & Safety team works with trusted malware reporters regularly, including the team at Microsoft that handled the no-ip.com takedown. We will continue to adjust our process to walk the careful line between ensuring our network isn't causing per se harm while, at the same time, avoiding the risk of becoming a censor.
While I'm not familiar with the exact situation here, I suspect the real problem is that the malware domains are being automatically created en masse, and No-IP have been slow or reluctant to do anything to slow that down. Being responsive to complaints is good for small-scale problems involving individual domains, but basically useless for large-scale abuse.
Hey pktgen: I'm new at CloudFlare, but I'd be really interested in chatting with you (or grabbing a beer) to hear if there's something we could do better. Contact info in my profile. I'll be at Defcon and HOPE too if that's easier.
(Free speech vs. keeping the overall network safe is a hard decision. I think all pro-privacy and pro-liberty services have had to answer this question -- same thing happened with cypherpunks list, HavenCo, Freenet, various payment systems, etc.)
I use their service and am a bit concerned that I've not heard about this until now and taking a look at their blog/website I see no information about this.
So let me get this straight...Microsoft took down a free provider of dynamic DNS services because people have used those services to distribute and control malware?
Where is the due process? Where is the oversight in this? All I'm seeing is vigilantism.
> Microsoft has seen more than 7.4 million Bladabindi-Jenxcus detections over the past 12 months, which doesn’t account for detections by other anti-virus providers. Despite numerous reports by the security community on No-IP domain abuse, the company has not taken sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity.
> On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats.
This is also a temporary order, it's not permanent.
Sure, it's creepy when courts have control over DNS entries, but ... they do. The Internet isn't lawless, it operates within the legal bounds of each country that participates.
I wonder what No-IP will say next and if figures collected by independent groups verify their "swift action" against security threats. As a company providing DDNS services, I wouldn't expect them to understand and use the latest in packet filtering techniques, but ... abuse is abuse and I'm sure they submitted evidence that this was required, temporarily.
The due process is that Microsoft sued the malware distributors and the court granted them a restraining order.
"In a civil case filed on June 19, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions, LLC (doing business as No-IP.com), for their roles in creating, controlling, and assisting in infecting millions of computers with malicious software — harming Microsoft, its customers and the public at large. ...
On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats."
I'll tack on the fact that Microsoft wrote the piece of crap software that the malware installs itself onto as well. Something smells awful about this whole thing.
1 - Court seems too quick to grant Microsoft control of the domains
2 - No-IP statement that they have an open channel with Microsoft executives but never (never?) received a complaint from MS about any malicious activity is doubtful (sure MS can produce evidence to the contrary)
3 - What was the urgency and how was this presented to the judge? Personally I don't feel the urgency to use a takeover maneuver in this case, but is there information that shows the impact of not acting was too great?
4 - Our governments are so inept at fighting cyber-crime that instead of sending the request to a govt-regulated cyber-security unit they had to trust Microsoft with the enforcement? That's sad.
Like others, I am uneasy but thankful to MS. Just wish more details would be shared.
> - Our governments are so inept at fighting cyber-crime that instead of sending the request to a govt-regulated cyber-security unit they had to trust Microsoft's with the enforcement? That's sad.
If this were true, I could sleep easier at night. I doubt it - the judge in question was probably just paid off or otherwise influenced to give MS just insane power, while probably being ignorant of networking in the first place.
I can't think of a software problem that is best served through the violent arm of the state.
This is quite outrageous. I've been using no-ip.com for very legitimate purposes and this will surely result in a lot of breakage. Thanks Microsoft. Thanks a lot.
What I don't understand and haven't seen anyone ask is, why Microsoft?
I mean, obviously some shady legal tactics are at work here, but why did Microsoft get to control those domains instead of, Mozilla for example? or Google? even more so, why wasn't control transferred to ICE for example?
Not saying it's a better alternative or even that I agree with it, but it's very VERY unsettling (and I'm not even American) that a corporation can basically say "dibs on this" backed up by a court order!
I would understand if the procedure went something more like, MS cries wolf, a court order is issued and a gov agency takes temporary control. At least it's "the government" doing the policing (even if guided by a corporation or whatever).
What's next now? Comcast and Verizon sending their IP Police to arrest you because they have a log showing piracy was downloaded at an IP owned by you? And they get to seize your stuff and now your house is a Comcast/Verizon store?
People were starting to forget why everyone hates Microsoft. Even on this site, I see a lot of comments about how Microsoft "isn't so bad" anymore. Hopefully this will lay that and similar naive comments to rest.
Just ran a dig +trace on no-ip.biz. Just... wtf. Who had acted upon that court order?! I thought that the days the US had full control over the internet were LONG past.
```
biz. 172800 IN NS a.gtld.biz.
biz. 172800 IN NS b.gtld.biz.
biz. 172800 IN NS c.gtld.biz.
biz. 172800 IN NS e.gtld.biz.
biz. 172800 IN NS f.gtld.biz.
biz. 172800 IN NS k.gtld.biz.
;; Received 308 bytes from 192.203.230.10#53(192.203.230.10) in 526 ms

no-ip.biz. 7200 IN NS NS7.MICROSOFTINTERNETSAFETY.NET.
no-ip.biz. 7200 IN NS NS8.MICROSOFTINTERNETSAFETY.NET.
;; Received 90 bytes from 209.173.58.66#53(209.173.58.66) in 150 ms

no-ip.biz. 76834 IN NS nf5.no-ip.com.
no-ip.biz. 76834 IN NS nf2.no-ip.com.
no-ip.biz. 76834 IN NS nf4.no-ip.com.
no-ip.biz. 76834 IN NS nf3.no-ip.com.
no-ip.biz. 76834 IN NS nf1.no-ip.com.
;; Received 206 bytes from 157.56.78.73#53(157.56.78.73) in 344 ms
```
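The trace above contains two different NS sets for no-ip.biz: the one handed out in the delegation and the one in the final answer from 157.56.78.73. As an added example (not part of the thread), the following Python script parses `dig +trace` output and flags a delegation that points outside the nameserver domain an operator expects; the function names and the expected suffix `no-ip.com` are assumptions made for illustration.

```python
import re

# NS and "Received" lines taken from the dig +trace output posted above
# (the list of .biz servers is shortened to two entries).
TRACE = """\
biz. 172800 IN NS a.gtld.biz.
biz. 172800 IN NS b.gtld.biz.
;; Received 308 bytes from 192.203.230.10#53(192.203.230.10) in 526 ms
no-ip.biz. 7200 IN NS NS7.MICROSOFTINTERNETSAFETY.NET.
no-ip.biz. 7200 IN NS NS8.MICROSOFTINTERNETSAFETY.NET.
;; Received 90 bytes from 209.173.58.66#53(209.173.58.66) in 150 ms
no-ip.biz. 76834 IN NS nf5.no-ip.com.
no-ip.biz. 76834 IN NS nf2.no-ip.com.
no-ip.biz. 76834 IN NS nf4.no-ip.com.
no-ip.biz. 76834 IN NS nf3.no-ip.com.
no-ip.biz. 76834 IN NS nf1.no-ip.com.
;; Received 206 bytes from 157.56.78.73#53(157.56.78.73) in 344 ms
"""

NS_RE = re.compile(r"^(\S+)\s+\d+\s+IN\s+NS\s+(\S+)$", re.IGNORECASE)
RECEIVED_RE = re.compile(r"^;; Received \d+ bytes from ([^#\s]+)#\d+")


def normalize(name):
    """DNS names compare case-insensitively; drop the trailing root dot."""
    return name.rstrip(".").lower()


def parse_trace(text):
    """Split dig +trace output into hops: (answering server, {owner: NS hosts})."""
    hops, pending = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        received = RECEIVED_RE.match(line)
        if received:
            # A "Received" line closes the group of records printed before it.
            hops.append((received.group(1), pending))
            pending = {}
            continue
        record = NS_RE.match(line)
        if record:
            owner = normalize(record.group(1))
            pending.setdefault(owner, set()).add(normalize(record.group(2)))
    return hops


def in_suffix(host, suffixes):
    """True if host equals, or is a subdomain of, one of the suffixes."""
    return any(host == s or host.endswith("." + s) for s in suffixes)


def check_delegation(hops, zone, expected_suffixes):
    """Compare the first NS set seen for `zone` (the delegation) with the last
    one (the answering server's own view) and list delegated nameservers that
    fall outside the expected suffixes (an operator-supplied assumption)."""
    zone = normalize(zone)
    suffixes = [normalize(s) for s in expected_suffixes]
    views = [(server, ns[zone]) for server, ns in hops if zone in ns]
    if not views:
        return None
    parent_server, parent_ns = views[0]
    child_server, child_ns = views[-1] if len(views) > 1 else (None, set())
    return {
        "zone": zone,
        "parent_server": parent_server,
        "parent_ns": sorted(parent_ns),
        "child_server": child_server,
        "child_ns": sorted(child_ns),
        "unexpected_parent_ns": sorted(
            h for h in parent_ns if not in_suffix(h, suffixes)
        ),
        "parent_child_mismatch": bool(child_ns) and parent_ns != child_ns,
    }


if __name__ == "__main__":
    report = check_delegation(parse_trace(TRACE), "no-ip.biz", ["no-ip.com"])
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run periodically against the zone a dynamic DNS hostname lives in, a non-empty `unexpected_parent_ns` is the signal that the delegation has moved away from the provider's own nameservers.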
Their status twitter is interesting, they aren't going into any details as to why their service stopped working, and they haven't made any statements about the accusations against them.
So if I declare that the Bing web crawler is ignoring robots.txt and DDoSing my server then I can take over microsoft.com to "clean" out the bad stuff and redirect all traffic to zombo.com?
So based on Microsoft's ingenious logic someone could get a court order and take over part of their business because they have so many infected Windows XP machines out there. Right?
I'm wondering how Microsoft managed to take down the noip.me base domain, since the court stated (footnote 1 on page 5 of the 2nd amended TRO, 2:14-cv-00987-GMN-GWF-019) that the noip.me domain is controlled by the country of Montenegro and outside US legal system control. While there are noip.me 3rd level domains in Appendix A of the TRO, mine were NOT listed and yet I'm being sinkholed by Microsoft.
[+] [-] Zancarius|11 years ago|reply
Something about this bothers me. So the courts granted MS the rights to essentially take over No-IP's DNS in order to "identify" ... "bad traffic?"
The implications of this are... chilling. As much as I want to reserve judgement, this makes me uneasy (malware aside).
[+] [-] teraflop|11 years ago|reply
"Today, Sony Pictures has upped the ante against global cybercrime, taking legal action to clean up piracy... We're taking YouTube to task as the owner of infrastructure frequently exploited by cybercriminals to infringe copyrights by uploading unauthorized movie clips... On June 26, the court granted our request and made Sony the DNS authority for youtube.com, allowing us to identify and route all known infringing traffic to the Sony sinkhole and identify users who posted unauthorized content."
[+] [-] AlyssaRowan|11 years ago|reply
I doubt No-IP will settle out of court. They'll probably countersue - they have nothing to lose, and that sounds like a company lawyering up and getting ready to kick ass - and I'd expect they'd ask for very big, even punitive damages. The $200k bond isn't even two orders of magnitude enough to hedge against MS literally destroying their business, in what may have been an ultimately well-intentioned, but spectacularly reckless, action.
How long until MS reverse the DNS changes, I wonder, especially given they can't keep up and they're all effectively down? 12 hours? 24?
It's no surprise, btw, that domains in US jurisdiction are under US jurisdiction.
We could use some more TLDs that aren't, I think, and I've held for some time that the root DNS should be held by some kind of international treaty entity acting as IANA.
[+] [-] DINKDINK|11 years ago|reply
[+] [-] Fuxy|11 years ago|reply
Reminds me of the old days of communism when you could have your "property" seized since legally speaking everything belonged to the state.
And no you can't say this is different because the courts ordered it since no-ip was not given a chance to defend itself.
How much would you like to bet Microsoft presented the case as some rogue Arab sounding names (terrorists?) running shady bot-nets in cooperation with no-ip, a company obviously involved in that criminal activity.
Not the largest and well known free DNS provider in the world that happens to be used by a large number of bot-nets as well.
If this is ok I'm sure you could find millions of reasons to seize Google's domains like indexing warez sites or websites like the pirate bay.
[+] [-] mikedenney|11 years ago|reply
[+] [-] mihai_ionic|11 years ago|reply
[+] [-] informatimago|11 years ago|reply
[+] [-] moblahbl4hblah|11 years ago|reply
Oh nevermind...NSA...M$ is teh suxor...oh mer gurd!!!!
[+] [-] alasdair_|11 years ago|reply
How can this be legal? Does this mean that if I get malware from a hotmail.com address, I can file for a TRO against Microsoft and control their domains?
I honestly don't understand why Microsoft should be given this ability.
[+] [-] tptacek|11 years ago|reply
[+] [-] nostromo|11 years ago|reply
http://uk.reuters.com/article/2014/06/30/us-cybercrime-micro...
That may still make people uncomfortable, but it seems much less egregious than Microsoft taking control of No-IP's domains, which is what this press release implies.
Edit: the reuters article is in error here, not the Microsoft Blog. See below. Turns out this really is as egregious as it sounds.
[+] [-] andrewstuart2|11 years ago|reply
Unfortunately that's false. See below:
```
dig -t ns no-ip.biz

; <<>> DiG 9.9.2-P2 <<>> -t ns no-ip.biz
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7020
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4000
;; QUESTION SECTION:
;no-ip.biz. IN NS

;; ANSWER SECTION:
no-ip.biz. 7154 IN NS ns8.microsoftinternetsafety.net.
no-ip.biz. 7154 IN NS ns7.microsoftinternetsafety.net.

;; ADDITIONAL SECTION:
ns8.microsoftinternetsafety.net. 3560 IN A 157.56.78.93

;; Query time: 3 msec
;; SERVER: 10.1.1.3#53(10.1.1.3)
;; WHEN: Mon Jun 30 14:14:47 2014
;; MSG SIZE rcvd: 117
```
[+] [-] higherpurpose|11 years ago|reply
I don't want Microsoft to have that kind of power, let alone use it. Worse yet, they make it sound like it's some kind of PR win for them. "Microsoft the hero, takes down evil network". But they usually try to hide how they did it. Very few articles mentioned they were uninstalling Tor from the computers the last time around. Most were just churning Microsoft's press release and the hero narrative.
[+] [-] lfuller|11 years ago|reply
[+] [-] runarb|11 years ago|reply
Is this common practice in the US legal system? Would it work like this in the offline world also? If my neighbor sometimes had loud parties that bothered me, could I be granted the right to stand in front of his door and turn any potential troublemakers away?
[+] [-] ntakasaki|11 years ago|reply
What if they were bothering 7.4 million people and inconveniencing many more?
And then didn't show up in court in spite of summons? The police or courts will take that far more seriously.
[+] [-] lstamour|11 years ago|reply
[+] [-] pjc50|11 years ago|reply
Courts not understanding the social effects of technological law and making an order in favour of the more "respectable" looking party? Happens all the time.
[+] [-] hendersoon|11 years ago|reply
It took me 5 minutes to switch my completely legitimate hosts over to ddns.net. I'm sure the evil botnet owners have backup hostnames and will do the same, or more likely switch to another provider entirely.
The end result will be a short-lived dip in criminal activity over the next 72 hours or so, inconveniencing many thousands of legit users, and putting a completely innocent company out of business. Nice move, MS.
[+] [-] ohashi|11 years ago|reply
[+] [-] dingaling|11 years ago|reply
Unfortunately .net is also under the jurisdiction of US courts so it's not any 'safer' from seizure
The registry for .info and .mobi is in Ireland, .me is Serbia and Montenegro. Might be worth looking for dynamic DNS options in those TLDs if you seek future-proofing.
[+] [-] dsl|11 years ago|reply
If you use a car wash that is also laundering money, your legitimate need for a clean car is not a defense against shutting the business down.
[+] [-] andrewstuart2|11 years ago|reply
I'm also assuming this is why my no-ip domain disappeared this morning, leaving me with no access to my home servers.
Perhaps the linux on my servers is considered malware. It sure is malicious to Microsoft's bottom line. I kid, but only a little.
[+] [-] robert_nsu|11 years ago|reply
> allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats.
According to MSFT, they are only looking at known "bad" traffic. You can take their word for it... or not.
[+] [-] pktgen|11 years ago|reply
[+] [-] eastdakota|11 years ago|reply
The majority of the abuse requests we receive are DMCA requests, but we get other reports as well. Dealing with these requests is a hard problem because a large number of the abuse requests we receive turn out to be attackers trying to get the origin IP in order to circumvent our protection. As I've blogged about before (http://blog.cloudflare.com/thoughts-on-abuse), we've designed an abuse system that attempts to act as a proxy: passing abuse requests to the customer and their host without exposing the customer's origin to attack.
Malware is one of the situations where we'll actually take content down because it is, per se, harmful. However, we also don't think terminating the customer who has malware hosted on their site is a good solution. Since we're a proxy, terminating the customer doesn't remove the malware from the Internet but instead just kicks the problem down the road to the host. Instead, we developed a system that replaces the infected URLs with a warning page to protect users. This has the ancillary benefit when a site is being used for botnet command and control of allowing us to gather data on machines that make up the botnet. This data is fed back into our system in order to better protect our customers and we're talking to other organizations about a way of responsibly sharing this data.
Our Trust & Safety team works with trusted malware reporters regularly, including the team at Microsoft that handled the no-ip.com takedown. We will continue to adjust our process to walk the careful line between ensuring our network isn't causing per se harm while, at the same time, avoiding the risk of becoming a censor.
Matthew Prince / Co-founder & CEO, CloudFlare
[+] [-] duskwuff|11 years ago|reply
[+] [-] rdl|11 years ago|reply
(Free speech vs. keeping the overall network safe is a hard decision. I think all pro-privacy and pro-liberty services have had to answer this question -- same thing happened with cypherpunks list, HavenCo, Freenet, various payment systems, etc.)
[+] [-] jlogsdon|11 years ago|reply
Care to elaborate?
[+] [-] efiftythree|11 years ago|reply
[+] [-] nathanb|11 years ago|reply
Where is the due process? Where is the oversight in this? All I'm seeing is vigilantism.
[+] [-] lstamour|11 years ago|reply
> Microsoft has seen more than 7.4 million Bladabindi-Jenxcus detections over the past 12 months, which doesn’t account for detections by other anti-virus providers. Despite numerous reports by the security community on No-IP domain abuse, the company has not taken sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity.
> On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats.
No-IP in the past has denied allegations, e.g. the Cisco blog post linked to by Microsoft was denied here: http://www.noip.com/blog/2014/02/12/cisco-malware-report/
This is also a temporary order, it's not permanent.
Sure, it's creepy when courts have control over DNS entries, but ... they do. The Internet isn't lawless, it operates within the legal bounds of each country that participates.
I wonder what No-IP will say next and if figures collected by independent groups verify their "swift action" against security threats. As a company providing DDNS services, I wouldn't expect them to understand and use the latest in packet filtering techniques, but ... abuse is abuse and I'm sure they submitted evidence that this was required, temporarily.
[+] [-] greenyoda|11 years ago|reply
"In a civil case filed on June 19, Microsoft named two foreign nationals, Mohamed Benabdellah and Naser Al Mutairi, and a U.S. company, Vitalwerks Internet Solutions, LLC (doing business as No-IP.com), for their roles in creating, controlling, and assisting in infecting millions of computers with malicious software — harming Microsoft, its customers and the public at large. ...
On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP. On June 26, the court granted our request and made Microsoft the DNS authority for the company’s 23 free No-IP domains, allowing us to identify and route all known bad traffic to the Microsoft sinkhole and classify the identified threats."
[+] [-] kordless|11 years ago|reply
[+] [-] andrewstuart2|11 years ago|reply
[+] [-] gtirloni|11 years ago|reply
2 - No-IP statement that they have an open channel with Microsoft executives but never (never?) received a complaint from MS about any malicious activity is doubtful (sure MS can produce evidence to the contrary)
3 - What was the urgency and how was this presented to the judge? Personally I don't feel the urgency to use a takeover maneuver in this case, but is there information that shows the impact of not acting was too great?
4 - Our governments are so inept at fighting cyber-crime that instead of sending the request to a govt-regulated cyber-security unit they had to trust Microsoft with the enforcement? That's sad.
Like others, I am uneasy but thankful to MS. Just wish more details would be shared.
[+] [-] zanny|11 years ago|reply
If this were true, I could sleep easier at night. I doubt it - the judge in question was probably just paid off or otherwise influenced to give MS just insane power, while probably being ignorant of networking in the first place.
I can't think of a software problem that is best served through the violent arm of the state.
[+] [-] spion|11 years ago|reply
[+] [-] norswap|11 years ago|reply
[+] [-] saganus|11 years ago|reply
I mean, obviously some shady legal tactics are at work here, but why did Microsoft get to control those domains instead of, Mozilla for example? or Google? even more so, why wasn't control transferred to ICE for example?
Not saying it's a better alternative or even that I agree with it, but it's very VERY unsettling (and I'm not even American) that a corporation can basically say "dibs on this" backed up by a court order!
I would understand if the procedure went something more like, MS cries wolf, a court order is issued and a gov agency takes temporary control. At least it's "the government" doing the policing (even if guided by a corporation or whatever).
What's next now? Comcast and Verizon sending their IP Police to arrest you because they have a log showing piracy was downloaded at an IP owned by you? And they get to seize your stuff and now your house is a Comcast/Verizon store?
Wtf is this? It's so unreal.
Edit: typo
[+] [-] noipcom|11 years ago|reply
[+] [-] reality_czech|11 years ago|reply
[+] [-] moe|11 years ago|reply
[1] http://www.zdnet.com/after-seven-months-and-no-microsoft-pat...
[2] http://www.microsoftproductreviews.com/microsoft-news/intern...
[+] [-] mschuster91|11 years ago|reply
[+] [-] rblatz|11 years ago|reply
https://twitter.com/NoIPStatus
[+] [-] motters|11 years ago|reply
[+] [-] xxdesmus|11 years ago|reply
[+] [-] rippa242|11 years ago|reply