Follow Slashdot stories on Twitter


Forgot your password?
Censorship Crime Microsoft Your Rights Online

Microsoft Says It Never Meant To Knock Cryptome Offline 176

CWmike writes "Microsoft withdrew on Thursday its demand that yank the 'Microsoft Global Criminal Spy Guide' document from the site, and said it had never intended for the whistleblower's domain to be knocked off the Web. 'In this case, we did not ask that this site be taken down, only that Microsoft copyrighted content be removed,' said a Microsoft spokeswoman. 'We are requesting to have the site restored and are no longer seeking the document's removal.' The document, a 17-page guide to law enforcement on how to obtain information about users of Microsoft's online services, including its Windows Live Hotmail, the Xbox Live gaming network and its Windows Live SkyDrive storage service, was published by John Young, who runs, on Feb. 20. Earlier this week, Microsoft demanded that Young remove the document from his site, citing the Digital Millennium Copyright Act. When Young refused, his Internet provider shut down the site, and Network Solutions, the registrar of Young's domain, put a 'legal lock' on the domain name. The last prevented him from transferring the URL to another ISP. Computerworld blogger Preston Gralla dug into the document today in his 'Leaked Microsoft intelligence document: Here's what Microsoft will reveal to police about you' post."
This discussion has been archived. No new comments can be posted.

Microsoft Says It Never Meant To Knock Cryptome Offline

Comments Filter:
  • by slimjim8094 ( 941042 ) <slashdot3@just[ ... t ['con' in gap]> on Thursday February 25, 2010 @05:07PM (#31277630)

    I'm no fan of Microsoft, but I think they've handled this whole situation correctly.

    There's no indication that the document in question was *not* copyright by Microsoft. In this case, the correct legal action is a DMCA, same as if you had a movie up on your site. NetSol is just being a dick, as usual - it's not their responsibility to screw with the domain over the dispute between 2 third-parties unless legally required to (I don't think that's the case here).

    In any case, when Microsoft saw how this was about to go all Streisand on them, they decided correctly that it wasn't worth the fight.

    I believe them when they said they didn't intend to take Cryptome down. Looks like it was just NetSol being... proactive. So really the only thing they'd be at fault for was sending a DMCA, which is clearly within their rights. They probably have underlings scouring the web and sending DMCAs - so they were probably not delibrately targeted. When it had unintended consequences, they withdrew it.

    I don't think MS is at fault here. I actually think they acted quite exemplary.

  • by EXTomar ( 78739 ) on Thursday February 25, 2010 @05:13PM (#31277710)

    This stuff shouldn't be shocking to anyone: By law, they will reveal certain things about online services when requested. The problem should be that they don't want you to know what they are forced to give up which seems to be the wrong stance. These services should be function like a bank safety deposit box: Although private, it isn't legally sacrosanct and will be opened by third parties for inspection in certain circumstances.

    If nothing else, all of these online services to have a general policy about this as well. If I suddenly croak, who gets access to stuff I stored out there online? Putting the password and other access information in a vault somewhere isn't reliable or sane. I may even state it in my will that I want my immediate family to take ownership of all of my online information but I have no idea how to compel Microsoft or Google or whatever to release these accounts to someone else. This seems like one of those areas all service providers should be better at defining instead of hiding the detail from us in the legalese of the EULA.

  • Wait wait wait. (Score:5, Insightful)

    by twidarkling ( 1537077 ) on Thursday February 25, 2010 @05:14PM (#31277736)

    I think you're on the wrong site. I mean that was a well-reasoned, even-keeled reply in a Microsoft article. Are you sure you're supposed to be on slashdot?

    In any event, I agree. I don't approve of the DMCA as it currently exists, but it certainly wasn't being abused in this instance, and Microsoft withdrew it quickly after Cryptome was knocked off. *shrug* Story's pretty much over.

  • by RightSaidFred99 ( 874576 ) on Thursday February 25, 2010 @05:14PM (#31277738)

    If you didn't know there was a law enforcement back door in everything Microsoft does, well, here's your proof.

    Who didn't know that? Seriously who doesn't understand that the legal system has provisions to force _any_ company to release _any_ data they have about you?

  • by sopssa ( 1498795 ) * <> on Thursday February 25, 2010 @05:16PM (#31277768) Journal

    Still makes me wonder why the guy got both domain and hosting from the same place. There has been countless of cases with such issues before, either for the host locking domain too (like here) or giving trouble if you want to move hosting elsewhere but keep the domain. Network Solutions, like GoDaddy's, main business is domain registration anyway, not hosting.

    Get the domain from a reputable registrar and then hosting from reputable hosting company.

  • by thenextpresident ( 559469 ) on Thursday February 25, 2010 @05:20PM (#31277820) Homepage Journal

    As was posted in previous comments, I also don't think the document is really anything to cry home about. The truth is, reviewing the document left me a bit more comfortable. They clearly spelled out what they did and didn't track, and I actually found out that they track less than I thought they did.

  • Re:Wait wait wait. (Score:3, Insightful)

    by FlyingBishop ( 1293238 ) on Thursday February 25, 2010 @05:21PM (#31277826)

    It seems pretty clear to me that some lawyer at Microsoft screwed up. I do not think that this was a justified use of the DMCA. Just because Microsoft quickly withdrew it does not make the original action proper. The DMCA is for preventing the copying of things that a company offers for sale.

    This document, I would say, is more of a trade secret than a work you can seriously copyright.

  • by malloc ( 30902 ) on Thursday February 25, 2010 @05:21PM (#31277828)

    I don't think MS is at fault here.

    Perhaps not at fault (though when PR says "we didn't do anything" you never know if there was a nudge, nudge, "if you want our business I think you know what we want" message to NetSol). Regardless, NetSol sure is at fault!


    I actually think they acted quite exemplary.

    Whoah! You're saying that it is exemplary for a company to actively hide from users the steps it will go through to give personally identifying information about those users to law enforcement? This is only "exemplary" as an example of what not to do. One of John Young's points was that there isn't a legitimate reason to hide this information from users; many other companies do not hide this information, and neither should Microsoft.

  • by Anonymous Coward on Thursday February 25, 2010 @05:21PM (#31277838)

    Microsoft finally has the competition it needs in areas outside of their "core business PC" market to make them need to have a decent image.

    Specifically they want to be competitive in search, social networking, on-line gaming and other areas that kinda-sorta require the trust of their end users. If your end users don't trust you, and they have options, they'll just go somewhere else. This story was making it look like Microsoft had something to hide with this law enforcement guide (which it actually doesn't look like they did - it seems like a straight-forward "here's what you need to provide if the cops come with a court order" document) and it was making it look like Microsoft was incompetent (Streisand effect). Neither of which engender "trust" in the public.

    Microsoft is already fighting an uphill battle on the trust issue - years of being the biggest monopolistic bully on the block has a tendency to erode trust in your company and make people root for a David to knock you down a peg or three. People have been rooting against Microsoft for decades and while it seems like for a good long time MS just didn't care what other people thought about them, it's beginning to look like they're realizing that they NEED to care what people think of them. For real this time, and not just through a stupid marketing campaign.

  • by dch24 ( 904899 ) on Thursday February 25, 2010 @05:23PM (#31277858) Journal
    However, the domain was effectively disabled - recovery through transferring the domain name was disabled by the Legal Lock.

    It is not like John Young was in a dispute over the domain ownership. The Legal Lock was put in place incorrectly IMO.
  • by EvanED ( 569694 ) <[moc.liamg] [ta] [denave]> on Thursday February 25, 2010 @05:28PM (#31277928)

    If you didn't know there was a law enforcement back door in everything Microsoft does, well, here's your proof.

    Actually I would say that the documents indicate almost the opposite.

    They'll give you information that MS has on the servers, but not information that's just on your XBox. To wit: 'Be aware that users may also store e-mail content on their computer's hard drive. Microsoft will not be able to disclose e-mail content stored on a user's computer --- only e-mail content stored on Microsoft's e-mail servers.' In other words, there isn't a backdoor onto the actual XBox.

  • by anwyn ( 266338 ) on Thursday February 25, 2010 @05:33PM (#31278004)
    I do not know if the posting document would be covered by fair use or not. But copyright law does not protect facts or ideas, only the particular expression of ideas. It seems to me that a paraphrased version would be perfectly legal. This makes copyright law a poor vehicle to enforce secrecy.
  • by Whuffo ( 1043790 ) on Thursday February 25, 2010 @05:38PM (#31278090) Homepage Journal

    Microsoft got caught taking unwarranted action against a well known website. Now they're claiming that they never intended to do that and that the information in question isn't really protected.

    Anyone who believes that this means Microsoft has turned over a new leaf needs to go back to the school of hard knocks and learn about "spin", "doublespeak" and "marketing". If you think that they would back off like this if the general public DID NOT know what transpired then don your pointy hat and go sit in the corner. The history of Microsoft should be well known in these parts and years of bad behavior by that company should provide more than sufficient reason to doubt them now.

    The way it was done - by the domain registrar re-directing their domain name to NULL was not a mistake - it was because a MS "enforcer" decided to teach Cryptome a lesson and used Microsoft's influence with NetSol to make it happen. You don't think NetSol makes a regular practice of this kind of stuff, do you? What's really interesting this time is they got caught with dirty hands - and decided a "whoops, my bad" would make it OK. That wouldn't work if there weren't so many who are ready to argue for the bad guy just because it gives them a soap box to speak from.

    Sure, there's a few Microsoft shills who monitor this site and post / mod accordingly. Their behavior is bad but expected - but the rest of you... Really, read TFA and think about it for a few minutes before you hit that "reply" button. It's not only a good idea, it'll also make you a better Slashdotter.

  • by ircmaxell ( 1117387 ) on Thursday February 25, 2010 @05:39PM (#31278096) Homepage
    I think what was the important part is WHAT data do they have about you...
  • by TwineLogic ( 1679802 ) on Thursday February 25, 2010 @05:45PM (#31278210)
    You are incorrect.

    Ceasing to host the site is one thing, and, yes, they might argue that they were required to do so under DMCA. Locking the domain name registration is a different action that is not required by the DMCA.

    But thanks.
  • by billstewart ( 78916 ) on Thursday February 25, 2010 @05:49PM (#31278278) Journal

    MS only asserted copyright over one file, and didn't request taking down the whole site. Netsol-the-hoster overreacted.

    And as you say, Netsol-the-registrar way overstepped their boundaries.

  • by billstewart ( 78916 ) on Thursday February 25, 2010 @05:58PM (#31278416) Journal

    MS wants to suppress one file, JY refuses, MS sends DMCA letter to Netsol requesting taking down the one file. That's mildly newsworthy because it's cryptome and MS, but that's not the big event. Netsol took down the whole site, not just the one file, which is especially newsworthy because of the importance of cryptome and because it exceeds their requirements, and then Netsol the Registrar locked the domain name, which isn't at all required, and is newsworthy because they're locking domain names for non-domain-related reasons.

    And MS is saying "sorry" not only because JY asserted his rights to dispute the DMCA takedown and thousands of people yelled at MS, but because MS is getting blamed for Netsol's overkill overreaction.

  • by toastar ( 573882 ) on Thursday February 25, 2010 @06:21PM (#31278788)

    Why did it take a constitutional amendment to ban one substance, but not to ban the new substance?

  • by fyrewulff ( 702920 ) on Thursday February 25, 2010 @06:22PM (#31278802)

    What the deal is... is that they probably view this as a 'trade secret'. You know how companies are. Actual sales numbers are trade secrets. How many packages they can fit in a truck is a 'trade secret'.

    So when internal processes were shown, they reflexively DMCA'd it because it was an internal document.

    When the provider stepped over their bounds, MS correctly officially backed off and told the ISP and everyone to restore everything. Because it prevents them getting Streisand'd over what ultimately amounts to a guidelines document. Really not worth persuing trying to keep it off the internet.

    It'd be kind of like how I walk down the aisles of the local Wal Marts in the middle of the night (all of Omaha's are open 24 hours) and they have the shelving papers taped to the aisles whenever they change them around. They all have DO NOT PUBLISH in big letters on the top.. even though any other store owner could come by and take a cameraphone picture of it, and technically they could DMCA you if you took a scan and uploaded it... really not worth chasing something that minor, because you can figure out their shelving by just looking at it anyway. You could do the same with MS's privacy policies - just research news stories and see what they've given up over time, and you'll figure out what they do and don't keep.

  • by Anonymous Coward on Thursday February 25, 2010 @06:29PM (#31278876)

    Microsoft sends DMCA takedown to server provider, server provider must take on the liability or take down the whole server

    The confusion here is that Network Solutions was providing two services. As a web hosting company (until yesterday didn't even know they are in that business), yes, they have to take down the server to avoid liability. But as a DNS registrar, they didn't have to do anything. If a web site infringes a copyright, the DNS registrar doesn't need to do anything to stay out of the line of fire. They're never in the line of fire. They can blow off DMCA notices. Now if they're a hosting company too, then ok. Killing cryptome's website is fine. The problem is with the 'legal lock' (WTF is that?!) on the name. That never should have happened and Network Solutions has some explaining to do.

    The very name "legal lock" sounds suspicious, like "PATRIOT Act." It smells like an attempt to legitimize a major fuckup, by handwaving to try to make people think they somehow did the responsible thing or had their hands tied.

  • by MrTripps ( 1306469 ) on Thursday February 25, 2010 @06:36PM (#31278982)
    The document had already gotten out into the wild. That it was restricted only made it more popular and there were plenty of places to get it besides Cryptome. All MS was doing was generating more bad publicity for itself.
  • by urulokion ( 597607 ) on Thursday February 25, 2010 @06:47PM (#31279108)

    DMCA takedown provisions don't say take down the entire site. The DCMA ways to deny access to the contested content. In this case it was ONE file on a very large web site.

    They way a take down is supposed to work is this.
    1) Copyright holder sends DCMA take down notice to the hosting company.
    2) Hosting company to get a legal safe habor must deny access to the material specified in the take down notice.
    3) The party that posted the material can file a counter-notice to the service provider.
    4) The server provider then must restore access to the contested material within a period of 10-14 business days.
    5) During that 10-14 period allowed the copyright to go to a court and request a Temporary Restraining Order to keep the contented material offline. And then file a lawsuit against the party which posted the material online.

    The idea is allow the material to removed quickly from the Internet by the copyright holders to theoretically reduced the damage. And the take down period for the copyright holder to get the restaining order to keep the material offline. And the counter-notice is to notify the hosting provide to say "I'm in the right, put that material back up." And the hosting provider is off the hook from any copyright liability.

  • Re:Openness (Score:4, Insightful)

    by Fluffeh ( 1273756 ) on Thursday February 25, 2010 @06:49PM (#31279134) [] is back up and has dozens of different companies similar documents from the likes of yahoo, facebook, paypal, myspace, aol, skype, et al.

    Since coming back online he has made all of those available at the top of his website because of the interest generated from his temporary censorship.

    Hello, Ms Streisand, is that you? I have Mike Masnick on the phone. He says it's important.

    If you don't get it click here [] and join those that do.

  • Re:Openness (Score:5, Insightful)

    by TubeSteak ( 669689 ) on Thursday February 25, 2010 @08:26PM (#31280008) Journal

    While in contrast, in my understating, for example Google keeps even deleted email somewhere in their networked file system for many many months.

    All MS said is that law enforcement can't have e-mail that isn't active in your account.
    That isn't the same thing as "we delete everything".
    I'm not sure any large e-mail provider can promise that your deleted e-mails are instantly deleted from all backups/mirrors.

  • by laughingcoyote ( 762272 ) <barghesthowl@e x c> on Thursday February 25, 2010 @08:56PM (#31280240) Journal

    Permission is not required in the instance of fair use. In this case, he was distributing something that was technically copyrighted, but is not in itself a commercial product, and was clearly distributed for the purpose of commentary, criticism, and public interest. Fair use is ultimately only determined by a court case, but those are all strong factors in favor of it.

  • by jim_v2000 ( 818799 ) on Thursday February 25, 2010 @10:46PM (#31280910)
    Way to completely mischaracterize the situation. This has nothing to do with Microsoft and everything to do with the DMCA and shitty web hosts. The same thing happened my website over a copyright dispute with another individual. GoDaddy suspended my domain instead of just blocking the content. Trying to pin this on Microsoft is pathetic.
  • Re:Openness (Score:5, Insightful)

    by wealthychef ( 584778 ) on Thursday February 25, 2010 @11:31PM (#31281188)

    Thankfully for us most corporations and governments don't realize this. If MS had done nothing the majority of people would have never read this because most people don't visit cryptome or other whistleblowing websites on a regular basis.

    I'm not sure it's that they don't realize it. I think it's more complicated than that. First of all, corporations and governments don't "realize" anything, as they are not alive. Anthropomorphizing them leads to errors in analyzing and responding to their actions. "Punishing" them or getting angry at them is a mistake, as they have no feelings.
    What is probably happening is that individuals within the corporation responsible for hunting down violations of copyright are not particularly tuned in to the idea of freedom of information for some reason. The only counter-valence to this would be if there were other individuals reviewing their actions who ARE sensitive to that issue or at least the politics of that issue.
    This reminds me of the interplay between risk managers and floor traders in large banks, or engineers and managers in large companies, or lots of other examples.

  • by wealthychef ( 584778 ) on Thursday February 25, 2010 @11:41PM (#31281238)

    Just because you feel it's inappropriate for a company to "hide" information, doesn't make it right to break copyright laws.

    Actually it kind of does. Copyright laws are there to prevent companies from losing profit to competitors and have their ideas stolen, to provide an incentive for the marketplace of ideas to work. It is NOT there to protect corporate secrecy.

  • by steelfood ( 895457 ) on Thursday February 25, 2010 @11:49PM (#31281288)

    it'll also make you a better Slashdotter.

    What exactly is that supposed to mean?

    I'm not interested in being a "slashdotter," I'm fine as me, thank you very much. I don't follow a creed but my own. I don't march to anybody's drumming but mine. And despite my presence here, I certainly don't associate myself with a non-existent entity in order to feel accepted.

    And I have read the relevant texts and made a judgment call that Microsoft is most likely not at fault. Even if say, somebody within MS had put pressure on NetSol to lock the domain, the fact that 1) NetSol complied even if they weren't legally obligated to do so and 2) Microsoft is apologizing for it puts the blame for this fiasco squarely on NetSol, and the burden of proof of innocence on their shoulders.

    Not everything is black and white. Microsoft is not always evil, and Google's actions aren't always not evil. Apple is not always the underdog, and a POSIX-compliant operating system isn't always the best solution. It would do you well to recognize this lest you fall into the very same trap of blind devotion that you're so vehement about.

  • by Schraegstrichpunkt ( 931443 ) on Thursday February 25, 2010 @11:51PM (#31281300) Homepage
    Spoken like someone who truly doesn't get "due process".
  • by Cecil ( 37810 ) on Friday February 26, 2010 @03:23AM (#31282326) Homepage

    A policeman is a duly appointed officer of the law, acting on behalf of the state. The policeman is an integral part of the legal system, and an integral part of the "process" that is "due".

    Network Solutions, last I checked, was not an officer of the law and should not be abusing its position in order to act as one.

1 1 was a race-horse, 2 2 was 1 2. When 1 1 1 1 race, 2 2 1 1 2.