Forgot your password?
typodupeerror
Government The Internet United States Your Rights Online

US Government Seizes Torrent Search Engine Domain 305

Posted by Soulskill
from the war-on-torrents dept.
Voulnet writes with this excerpt from TorrentFreak: "This morning, visitors to the Torrent-Finder.com site are greeted with an ominous graphic which indicates that ICE has seized the site's domain. 'My domain has been seized without any previous complaint or notice from any court!' the exasperated owner of Torrent-Finder told TorrentFreak this morning. 'I firstly had DNS downtime. While I was contacting GoDaddy, I noticed the DNS had changed. GoDaddy had no idea what was going on and until now they do not understand the situation and they say it was totally from ICANN,' he explained. Aside from the fact that domains are being seized seemingly at will, there is a very serious problem with the action against Torrent-Finder. Not only does the site not host or even link to any torrents whatsoever, it actually only returns searches through embedded iframes which display other sites that are not under the control of the Torrent-Finder owner."
This discussion has been archived. No new comments can be posted.

US Government Seizes Torrent Search Engine Domain

Comments Filter:
  • 208.100.11.174 (Score:5, Informative)

    by bradley13 (1118935) on Friday November 26, 2010 @12:46PM (#34350742) Homepage
    208.100.11.174
  • by Anonymous Coward on Friday November 26, 2010 @12:47PM (#34350756)

    http://torrent-finder.info/ [torrent-finder.info]
    http://208.101.51.57/ [208.101.51.57]

    same destination

  • by Anonymous Coward on Friday November 26, 2010 @12:49PM (#34350772)

    $9 million [opensecrets.org] of campaign contributions buys you a lot I guess.

  • by 3seas (184403) on Friday November 26, 2010 @12:59PM (#34350842) Journal

    just put "legal" in the name.
    try legal torrents in google..

  • Re:Notification (Score:1, Informative)

    by Anonymous Coward on Friday November 26, 2010 @01:02PM (#34350862)

    They don't need to notify you. They need to notify the court and a court has to issue a search warrant. In this case, it is just a seizure of property.

    But then the whois information for Torrent Finder,

    Registrant:
          Torrent Finder
          15 Alexandria St.
          N/A
          Alexandria, 55555
          Egypt

          Administrative Contact:
                Gadelkareem, Waleed kurtubba@gmail.com
                Torrent Finder
                N/A
                N/A
                Alexandria, 55555
                Egypt
                20121578967 Fax -- 2034411838

    So, the contact information is most likely bogus. maps.google.com can't find that address. Heck, it's not even remotely close to street names in Alexandria. The phone numbers lead to a mobile phone and some fixed line (for fax). So that *could* be correct... But then heck, this could be part of some anti-terrorist operation too and who knows, maybe torrent-finder.com was used to sponsor terrorism??

    In any case, maybe try contacting the people that have the domain now to figure out what has happened.

  • by Anonymous Coward on Friday November 26, 2010 @01:10PM (#34350940)

    ...then it's rather clear that the U.S. gov't is taking advantage of ICANN's incestuous relationship with their benefactor, the U.S. Dept. of Commerce.

    Now's the time to seriously start looking at alternative DNS frameworks [opennicproject.org] that aren't whored out to ICANN.

  • by FooAtWFU (699187) on Friday November 26, 2010 @01:17PM (#34351004) Homepage
    I have some bad news for you. You don't actually need JavaScript trackers to collect IP addresses of visitors to your website. It happens automatically, really.
  • by marcelC (592689) on Friday November 26, 2010 @01:33PM (#34351118) Homepage
    ImmixGroup seems to have "been awarded a contract with the U.S. Department of Homeland Security (DHS) Immigration and Customs Enforcement (ICE) Cyber Crimes Center (C3)" http://www.immixgroup.com/news/pr_display.cfm?ID=117 [immixgroup.com] . That would make a hoax unlikely.
  • EXIF Info (Score:4, Informative)

    by bruns (75399) <.bruns. .at. .2mbit.com.> on Friday November 26, 2010 @01:43PM (#34351192) Homepage

    Out of curiosity, has anyone bothered to look at the EXIF information in the big image that was posted?

    Camera Software: Adobe Photoshop CS5 Macintosh
    Image Created: 2010:11:18 09:37:21

    Xmp m m history:
    <rdf:Seq><rdf:li stEvt:action="created" stEvt:instanceID="xmp.iid:03801174072068119109B97207163AEB" stEvt:when="2010-11-10T14:46:01-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:04801174072068119109B97207163AEB" stEvt:when="2010-11-10T14:46:51-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:05801174072068119109B97207163AEB" stEvt:when="2010-11-10T14:51:37-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:06801174072068119109B97207163AEB" stEvt:when="2010-11-10T14:57:21-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:07801174072068119109B97207163AEB" stEvt:when="2010-11-10T15:05:28-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:08801174072068119109B97207163AEB" stEvt:when="2010-11-10T15:08:05-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:09801174072068119109B97207163AEB" stEvt:when="2010-11-10T15:13:59-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:0A801174072068119109B97207163AEB" stEvt:when="2010-11-10T15:22:36-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:468E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:31:41-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:478E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:32:55-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:488E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:34:46-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:498E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:35:11-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:4A8E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:37:47-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID="xmp.iid:4B8E45EF0D2068119109B97207163AEB" stEvt:when="2010-11-10T15:41:21-05:00" stEvt:softwareAgent="Adobe Photoshop CS5 Macintosh" stEvt:changed="/"></rdf:li><rdf:li stEvt:action="saved" stEvt:instanceID

  • by Anonymous Coward on Friday November 26, 2010 @01:43PM (#34351200)

    Why hasn't Google been taken offline?

    Because they pay taxes^H^H^H^H^Hbribes [sfgate.com] in the USA. :P

    FTFY.

    Additionally:

    FTC Drops Investigation of Google Less Than a Week After Company Exec Hosts Obama Fundraiser [biggovernment.com]

  • Re:Hoax (Score:5, Informative)

    by Anonymous Coward on Friday November 26, 2010 @01:43PM (#34351202)

    Confirmed: Not a hoax. NetSol (used to be) private registration leads to immixGroup IT Solutions, working for the public-sector (US Government) out of Virginia.

    See also: SEIZEDSERVERS.COM registered two days ago.

    This isn't a question of your country giving away your freedoms. This is a question of international responsibility, lack of it, and the impartiality and global importance of the DNS.

    Now, states seizing their own domains is one thing and subject to their laws, and the US does own .COM, .ORG and .NET and unilateral actions without any form of apparent judicial warrant or oversight like this will shift people away from them. The old WHOIS data was deliberately invalid, so under the rules, they don't need notice. Even so, one of the affected sites is a .TV - I wonder what Tuvalu would have to say about this, diplomatically speaking? dotTV may be 80% owned by Verisign, but it's still 20% owned by Tuvalu. I wonder if this was cleared by them?

    International reaction from this could be interesting - the host is only a little tier2. They are watching, and it appearing on the news is obviously making a bit of noise. They may get substantially more interest than they expected in the short-term, but it will wane unless they do something really stupid like target a high-profile site or, God help us, a fully-autonomous ccTLD on the DNS root - which, on their little power-trip, they might. One does hope they wouldn't be so... foolish: bullies get their toys taken away.

  • Re:Hoax (Score:2, Informative)

    by Anonymous Coward on Friday November 26, 2010 @02:01PM (#34351296)

    I believe this can indeed be a hoax, the DNS configuration for torrent-finder.com is kind of odd or is at least not fully propagated yet, I am able to have three different sets of nameservers show.

    Under a WHOIS, you'll see these two:
          Name Server: NS1.SEIZEDSERVERS.COM (74.81.170.109 - IP owned by CaroNet Managed Hosting)
          Name Server: NS2.SEIZEDSERVERS.COM (74.81.170.108 - IP owned by CaroNet Managed Hosting)
    &
          Name Server: NS51.DOMAINCONTROL.COM (216.69.185.26 - IP owned by GoDaddy)
          Name Server: NS52.DOMAINCONTROL.COM (208.109.255.26 - IP owned by GoDaddy)

    If I run a query through my local ISP, however, I get these two:
          Name Server: ns2.torrent-finder.com (74.81.170.108 - IP owned by CaroNet Managed Hosting, same IP as NS2.SEIZEDSERVERS.COM)
          Name Server: ns1.torrent-finder.com (74.81.170.109 - IP owned by CaroNet Managed Hosting, same IP as NS1.SEIZEDSERVERS.COM)

    Now... If I query each set of nameservers, torrent-finder.com resolves to the same IP in two cases:
    $host -t a torrent-finder.com ns1.torrent-finder.com -- results in 74.81.170.110
    $host -t a torrent-finder.com ns1.seizedservers.com -- results in 74.81.170.110
    $host -t a torrent-finder.com ns51.domaincontrol.com -- results in 208.101.51.57

    If we do a WHOIS on seizedservers.com, we can find that the domain was registered on November 24th 2010.

    Draw your conclusions.

  • Re:Hoax (Score:5, Informative)

    by hey! (33014) on Friday November 26, 2010 @02:19PM (#34351438) Homepage Journal

    Well, it looks fishy to me. Here are the questionable elements.

    (1) The domain registration information information still lists a private domain owner and and admin contact.

    (2) The name servers ns1.torrent-finder.com and ns2.torrent-finder.com, as well as the torrent-finder.com ALL redirect to addresses in a private hosting company (74.81.170.108, .109 and .110 respectively), physically in Charlotte, NC. The picture you're greeted with is served from one of the hosting company's addresses.

    (3) Whois reports the registrar to be Go Daddy, but the name servers ns1 and ns2.seizedservers.com whose IP addresses aremanaged by a private company called "wild west domains".

    (4) The "seizedservers.com" domain is controlled by a company called "immixGroup IT solutions". The registrar is network solutions and the registrant is using network solution's privacy service to block his contact identity.

    Notice what is missing here: any reference to a government controlled host, domain or name controller. All we have is a set of privately procured and managed name and web servers with anonymous administrative contacts. There is literally *nothing* to connect the picture you are seeing at the torrent-finders.com website to DHS, other than the picture's *claim*.

    A little googling shows this exact same picture shows up in similar "DHS seizure" cases, with the exact same pattern of private servers and domains leading back to some anonymity service and NO government ip addresses, domains or contacts involved, although the *private* domains and servers involved are different. If this were a DHS seizure program, wouldn't the trail lead back to the same government contacts?

    It looks to me like this is either a hoax or a case of private hijacking by a private individual or group who uses different domains and accounts to cover his tracks.

  • Uhhhh no... (Score:2, Informative)

    by phorm (591458) on Friday November 26, 2010 @02:29PM (#34351528) Journal

    And when the server gets bushwhacked instead of the domain, and they move to a new host - but you're still getting the old IP from your hosts file - then what? How about if - rather than an FBI warning or whatever - the site is replaced by a clone that sniffs your info or installs trojans?

  • by ScrewMaster (602015) * on Friday November 26, 2010 @02:59PM (#34351740)

    When the rest of the world figures out that they don't need us anymore since we're too broke to buy their products they'll just ignore all the damn treaties and let us sink into failed state status like Afghanistan or Somalia.

    If we're lucky, a gang of lawyers will go to China to try to sue and get run over by tanks. That little human rights violation I could live with. Hell, that I'd enjoy.

    Hardly. You think that the mindset that created an ACTA only exists in the United States? A lot of Europeans seem to think that (if nothing else, it gives some some more imaginary ammo for America-bashing) but it's just not true. The unfortunate reality is that the corporations behind this aren't (for the most part) even American, so don't expect this to stop should the entire continent of North America vanish from the face of the Earth tomorrow. Europe is on target to be screwed in exactly the same way, for exactly the same reason, by exactly the same people. This particular agenda is put forth by some very powerful multinationals and, to make a long story short, they're criminal assholes who simply do not care who they hurt, whose culture or legal system they damage, as long as they can control distribution of their products as they deem fit. The fact that these plans happen to mesh quite nicely with those of governmental power mongers who, like weeds, seem to spring up pretty much everywhere just makes them easier to ram through.

    The human race really needs to start considering megalomania and similar mental conditions as serious disorders, and either find ways to treat them successfully, or simply bar anyone suffering from them from public office, elected or otherwise. There are plenty of competent, sane people to fill those positions, we don't need to select for any of several psychoses. But we do, and the net effect is that we have people who are highly qualified at the process of getting elected, not so qualified at the actual job.

  • Re:Hoax (Score:3, Informative)

    by memyselfandeye (1849868) on Friday November 26, 2010 @03:53PM (#34352102)

    I would agree this seems fishy. However as stated in this Directive [dhs.gov] ICE has the authority to do some fairly clandestine stuff without any approval, such as registering 'fake' domains to poorly beguile terrorists, miscreants, and other groups found the oracle on high deems unworthy. I suppose this could extend to transferring DNS to a sleazy hosting outfit... however I bet this [flickr.com] is a little bit closer to home, sleezy outfits seem to attract one another. I seriously doubt DHS and ICE have anything to do with copyright infringement despite claims [techdirt.com] to the contrary, especially considering at least of the the 'victims' [torrentfreak.com] seems to be up and running.

    P.S, The FEDs usually fell entire forests when delivering mail informing you of tax violations, compliance violations, legal violations, and penalties. It's usually quite unambiguous.

  • Re:Hoax (Score:3, Informative)

    by TheLink (130905) on Saturday November 27, 2010 @01:02AM (#34356062) Journal
    Ignore this paragrpah: Slashdot says: Your comment has too few characters per line (currently 36.4).
    Vestibulum venenatis mauris sit amet augue condimentum convallis. Donec hendrerit fringilla velit id sagittis. Nullam vitae metus sit amet justo malesuada congue. Aliquam eleifend metus sit amet lacus tincidunt nec lacinia dui malesuada. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus. Nam iaculis, lectus nec auctor sollicitudin, arcu ante commodo nunc, in aliquam elit risus at mi. Nullam tempor aliquam accumsan. Nulla facilisi. Donec ac risus in leo rhoncus euismod. Aenean placerat, ipsum eget accumsan rhoncus, erat elit consectetur metus, eget hendrerit lorem arcu ac metus. Nam non turpis ut odio cursus sodales sit amet at diam. Integer a mauris eu lorem placerat imperdiet eget sed erat. Phasellus viverra mauris quis arcu commodo vehicula. Sed vestibulum porttitor semper. Integer nisl massa, aliquet in tempus nec, mattis ut orci.

    Try this instead:
    1) whois torrent-finder.com
    (or http://www.who.is/whois/torrent-finder.com/ if you don't have a cli whois that works)

    Whois Server Version 2.0

    Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information.

    Domain Name: TORRENT-FINDER.COM
    Registrar: GODADDY.COM, INC.
    Whois Server: whois.godaddy.com
    Referral URL: http://registrar.godaddy.com
    Name Server: NS1.SEIZEDSERVERS.COM
    Name Server: NS2.SEIZEDSERVERS.COM
    Status: clientDeleteProhibited
    Status: clientRenewProhibited
    Status: clientTransferProhibited
    Status: serverDeleteProhibited
    Status: serverTransferProhibited
    Status: serverUpdateProhibited
    Updated Date: 24-nov-2010
    Creation Date: 30-dec-2005
    Expiration Date: 30-dec-2011

    >>> Last update of whois database: Sat, 27 Nov 2010 04:02:40 UTC <<<

    NOTICE: The expiration date displayed in this record is the date the

    [lots of legalese deleted]

    including mining this data for your own personal or commercial purposes.

    Please note: the registrant of the domain name is specified in the "registrant" field. In most cases, GoDaddy.com, Inc.
    is not the registrant of domain names listed in this database.

    Registrant:
    Torrent Finder
    15 Alexandria St.
    N/A
    Alexandria, 55555
    Egypt

    Registered through: GoDaddy.com, Inc. (http://www.godaddy.com)
    Domain Name: TORRENT-FINDER.COM
    Created on: 30-Dec-05
    Expires on: 30-Dec-11
    Last Updated on: 04-Oct-10

    Administrative Contact:
    Gadelkareem, Waleed kurtubba@gmail.com
    Torrent Finder
    N/A
    N/A
    Alexandria, 55555
    Egypt
    20121578967 Fax -- 2034411838

    Technical Contact:
    Gadelkareem, Waleed kurtubba@gmail.com
    Torrent Finder
    N/A
    N/A

Swap read error. You lose your mind.

Working...