Microsoft Takes Down No-IP.com Domains 495
An anonymous reader writes For some reason that escapes me, a Judge has granted Microsoft permission to hijack NoIP's DNS. This is necessary according to Microsoft to thwart a "global cybercrime epidemic" being perpetrated by infected machines running Microsoft software.
No-IP is a provider of dynamic DNS services (among other things). Many legitimate users were affected by the takedown: "This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives. ... We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening."
Sue them for all they're worth (Score:5, Interesting)
This is their business the court decided to hand over to Microsoft. Lawsuits should be flying in all directions.
Re: (Score:3, Informative)
Lawsuits should be flying in all directions.
Are you suggesting they sue the court? Good luck with that. ISTM the fundamental problem is that the US courts have become the corporations bitches. Who are you going to sue and where are you going to sue them?
The book Econned [ineteconomics.org] explains how people with a far right economic agenda have been stacking the US courts for years. The result is what you see, basically a feudal systems where corporations are treated like lords and everyone else is a serf.
Re: (Score:3)
Re:Sue them for all they're worth (Score:4, Insightful)
Microsoft has way more money than whichever company that owns No-ip does. They can't sue and win. Microsoft wouldn't even need to bribe the judge, they can just use scorched earth tactics and let the lawyers suck more and more money until No-ip is dry.
Also, apparently No-ip didn't appear when summoned. Apparently, that's kinda of a big no-no. Maybe next time they will buy their domains somewhere with proper laws.
Re: (Score:2)
Since I'm replying to an AC post I don't feel a need to include citations, but there's been at least one case where the domains in question were purchased through registrars and registered to owners both outside the United States but because the domains themselves were .com domains and Verizon is the ultimate authority for .com domains, the U.S. simply ordered Verizon to update the global master registry to reflect the seizure and there was nothing to be done about it.
They'd have to use a non-U.S. TLD as we
Re: (Score:3)
That's Verisign, not Verizon.
Though not all the domains in question were .com and .net. For example, no-ip.biz appears to be out and that TLD is run by Neustar, though they're also a US corp.
Re:Sue them for all they're worth (Score:5, Interesting)
Also, apparently No-ip didn't appear when summoned. Apparently, that's kinda of a big no-no. Maybe next time they will buy their domains somewhere with proper laws.
IANAL. All of this is from following legal procedures.
Not showing up is a big no-no. A judge can, usually, assume that the party not showing up has nothing to say in the matter, and just accept the petition as is. This is, however, not what happened here. From the first link:
On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP.
Emphasis mine.
An Ex-Parte petition is filed without the other side being given a chance to answer. This is outrageous act by Microsoft. You ask for an ex-part hearing when there is danger that the other side, if given prior warning of your requested subpoena, will destroy evidence. Since Microsoft is claiming that no-ip are unknowingly hosting malware, this simply wrong.
Before you go to blame the judge, however, please bear in mind that he can only rule based on the petitions before him. Presumably, a two-party hearing will be held soon, and then things can, and should, go differently. Also, the judge should have ordered Microsoft to place some money in escrow, which no-ip will automatically get in case the temporary restraining order is found to be unjustified.
What I'm saying is that we don't have enough information so far to conclude that the judge did anything wrong, but the first link, written by Microsoft, clearly shows MS to be douche bags in this case.
Shachar
Re:Sue them for all they're worth (Score:4, Insightful)
Sorry, I do blame the judge. He caused major harm and he should have known he would. I also blame the US justice system, because obvious, easily avoidable injustice is a perfectly acceptable outcome in it as long as just all the is were dotted. We all know that making sure things are done by the rules is the real purpose of the courts!
Honestly, stop making up excuses for your legal system, no it is not acceptable for it to not only allow but actively encourage injustice like yours does, all the time!
How on earth did you get that result? (Score:5, Insightful)
I don't know where you went to school, but you should ask for a refund. Or read up on basic percentage calculations.
Microsoft claims that 93% of the malware traffic is traced to No-IP. But that says nothing about the total amount of traffic for No-IP, nor does it say anything about the total volume of legitimate domains. Malware traffic could be as little as 1% on No-IP's infrastructure while still accounting for 93% of malware DDNS traffic.
It is completely wrong to state that 93% of No-IP domains are hosting malware. A large number of legitimate customers are being affected by this, and Microsoft is not resolving their DDNS domains correctly (as promised). The actual percentage of legitimate vs malicious domains is unknown, as is the distribution of legit/malicious traffic.
Also, Microsofts claims are disputed by No-IP, so we should not take them at face value. No real evidence of malice has been proven (yet), which makes it extremely questionable that this was conducted ex parte.
Finally, the fact that No-IP was a favorite for malware is not (or should not be) in itself sufficient to take control of the domains like this. I sincerely hope Microsoft can prove No-IP did not respond properly to requests. Or that they can document that an extremely large portion of total traffic on No-IP was malware (which we know nothing about at this point).
Simply quoting the 93% number is a pile of BS. I can't stand by itself. I can say with certainty that at least 93% of the Nigerian scam mail I have received the last year has used a hotmail.com or outlook.com account. But surely this does not prove that Microsoft is willingly aiding Nigerian scammers and that their domains should be seized?
Re:Sue them for all they're worth (Score:4, Insightful)
The problem is that we substitute "due process" for justice and define due process as whatever the rules of the court says that it is. Are court rules even legislated?
Ex parte petitions should only be used in the most extreme of circumstances and there should be a high burden of proof before a court grants them.
Also, even default judgments should work far differently. The court should examine the evidence itself to determine that there is a reasonable chance of prevailing. I'm not saying that the threshold has to be the same as for a summary judgment, but there should still be an examination of the evidence and arguments, and the judge should be skeptical of any evidence submitted. Ideally the court should just appoint an attorney for the side that didn't show up.
Also, in a country as large as the US we really need to get rid of this system that assumes that both parties will appear in person for everything. It is already a burden to show up to a local court. If you're summoned to a court on the other side of the country that is a huge expense, especially since it might just be for an hour long hearing. There is no reason that hearings couldn't be conducted via phone in many cases. Another option would be to have telepresence rooms at all courthouses so that you'd only have to show up at a local court. Heck, you could probably fit 5x as many courtrooms in a courthouse if instead of a big room you just had a bunch of individual boxes with a desk, a few chairs, and a screen/camera and the court linked the appropriate boxes together to create a courtroom, even if everybody was at the same facility. Also, for popular cases you could have as many people in the "gallery" as you have bandwidth to serve.
Re: (Score:3, Insightful)
Ex parte petitions should only be used in the most extreme of circumstances and there should be a high burden of proof before a court grants them.
Again, IANAL.
Still, how can you have a high burden of proof? In an adverserial system, the only things you can prove need two opposing parties to present their case. As such, an ex-parte request does not contain proof at all (how can it?)
Instead, it contains claims backed by sworn testimony. The judge examines these claims in the light most favorable to the non-present party, but otherwise within the context of the claims presented by the moving party.
In other words, you cannot second guess the judge's deci
Re:Sue them for all they're worth (Score:4)
Re:Sue them for all they're worth (Score:5, Insightful)
Hard to imagine how the money in escrow will undo the massive damage to no-ip's business. Everyone using the service is right this minute switching to alternatives, changing their DNS settings and updating their routers.
Re: (Score:3)
If NoIP doesn't drain Microsoft's reserves significantly for doing this, then they'll just do it again. It's important to speak to somebody in their native language whenever possible.
Re:Sue them for all they're worth (Score:5, Insightful)
Re: (Score:3)
And:
[Emphasis Mine]
So, Microsoft is alleging that No-IP is assisting (presumably knowingly) in the distribution of malware and that 93% of No-IP's domains are vehicles for malware distribution. Is this true?
I'm guessing that MS intentionally used vague wording for this, with the intent of misleading the judge, but without definitely being at fault for doing it. "No-IP domains are used 93 percent of the time" could mean either "93 percent of all No-IP domains are used for these infections," or it could mean "Out of all the domains used for these infections, 93% of them are No-IP domains." I'm willing to bet that the second is true, but the first is what MS wanted the judge to read into it, and of course, the 9
Re: (Score:3)
Its not the judges problem to collect any evidence but to judge based on written laws. NO-IP was a no show that's evidence enough for me and its law they can be ruled against. Honest people show up in court dishonest don't.
They were not told of the hearing. How could they possibly show?
Shachar
Re: (Score:3)
Microsoft has way more money than whichever company that owns No-ip does. They can't sue and win.
That sentence, combined with the lack of sarcasm or indignation in its presentation, would paint a pretty dystopic picture of any kind of fictional society a paranoid author would want to write about.
I wish this society remained fictional, and I wish I didn't have to live on the same planet.
Re: (Score:3)
On June 19, Microsoft filed for an ex parte temporary restraining order...
ex parte [wikipedia.org]: "a legal proceeding brought by one person in the absence of and without representation or notification of other parties."
Translation: Microsoft *never notified* No-IP. There was no summons. There was no notification. There was no chance to file for a stay of judgement or make an appeal.
Comment removed (Score:5, Informative)
Re:Sue them for all they're worth (Score:5, Insightful)
Not showing up should not result in a suspension of justice and free reign to dispense outrageous judgements.
Uhh, that's exactly what happens. It's called a default judgment. What exactly do you think the court should do if a party fails to appear in a civil case?
The court should consider the validity of the arguments against them and the facts of the case.
The problem with the US court system is that it is basically like a game show. There are a set of rules and two competitors, and the judge is the referee. If you have a game of jeopardy and only one contestant shows up, they should naturally win. The problem is that this is rarely a just outcome.
Add to this the fact that courts rarely allow parties to participate remotely. If you're summoned to court you have to show up in person. If you aren't paid to be there, then you probably aren't being paid that day. If the court is on the other side of the country you get to choose between a default judgment, hiring a lawyer to represent you there, or airfare and hotel for a one day appearance.
Courts really need to be about determining the facts and applying the law, not letting the parties slug it out and declare a winner. If only one party shows up, then the judge can question the other party to determine the facts and apply the law.
Re: (Score:3)
If only one party shows up, then the judge can question the other party to determine the facts and apply the law.
Not in the United States they can't. Judges are Constitutionally barred from introducing evidence in their own court, they are only allowed to decide cases based on the evidence presented to them. They cannot investigate matters on their own. You could argue that's nonsensical and contrary to finding the truth, but that prohibition was based on the reasonable assumption that judges cannot consistently remain impartial when they are basically finding their own facts. There are other court systems in othe
Re: (Score:2)
Me thinks your world-view is distorted by the political fog you've immersed your brain in.
Beyond that, this isn't remotely a case of eminent domain. That case sets no precedent for this, or is even useful as a reference. I see you have been accurately moderated.
Re: (Score:3)
Uh no, because Microsoft's security team don't give a shit about copyright infringement. That's another division's problem. I don't think you understand how big companies actually work. Hint: very dysfunctionally.
Of course, you'd never believe that, because your vision is too clouded by your blind hatred of Microsoft.
Good judge (Score:5, Insightful)
The best money could buy.
only an excerpt (Score:2, Interesting)
Re: (Score:2)
I would hope that my ISP's alerts me to legal action. If you have ISP's just complying with every legal request as some already do with DMCA, you can forget about ever getting to anything.
There is just one domain that needs to be shutdown (Score:2, Insightful)
Re: (Score:2)
I really can't see why this wouldn't be possible using the exact same logic that MS uses.
Hotmail? (Score:5, Interesting)
So after decades of the community putting Microsoft on notice that HotMail is abused by spammers, can I sieze the domain name?
Re: Hotmail? (Score:2)
As long as you try to keep it running from your basement as you sort out the bad accounts, sure.
Re: (Score:2)
Why? Microsoft doesn't seem to think it necessary to resolve the subdomains that are not included in the list of bad subdomains.
Re: (Score:3)
Well, those I use still work well...
net neutrality (Score:2)
Bad software justifies bad actions... (Score:5, Insightful)
.
Now it appears that Microsoft is using their reputation for producing security-challenged software to badger companies for PR purposes. The headlines will all read, ~Microsoft takes down a company that is a security threat~. And Microsoft will look good in the headline.
But what has Microsoft really accomplished? Will Microsoft's reputation for software with abysmal security be changed? Or will a small company be crushed because a huge company is trying to look good?
Re: (Score:3, Insightful)
Because all other vendors produce flawless secure software? Dream on..
Legal Precedent? (Score:5, Interesting)
Re: (Score:2)
as the kids, today, say, "its because of - well - reasons. that's why!"
you won't get any more explanation than that.
Re:Legal Precedent? (Score:5, Informative)
property used to engage in criminal activity is subject to seizure and/or forfeiture. Domains have been seized in the past due to criminal activity but this has usually accompanied a criminal complaint by a law enforcement agency.
In this case, despite what the article may imply, Microsoft hasn't seized ownership of the domains. Rather, they used an ex parte temporary restraining order to seize control of the domains so that they may neutralize the source of the maliciousness. The ex-parte aspect is why no-ip wasn't notified. Microsoft managed to convince a judge to grant the order without informing the other party (most likely to prevent no-ip from notifying the malicious users). This will be followed up by a formal hearing, and full control of the domains will be restored to no-ip eventually.
If Microsoft abuses this, judges won't be so inclined to grant such requests in the future.
Re: (Score:2, Interesting)
No, they seized control of the entire business -- the top-level domains, the second-level domains engaging in criminal activity, and all of the second-level domains who were not engaging in criminal activity. The right way to do this is to get a court order to seize the infringing addresses and leave the millions of customers who did nothing wrong alone. This is like the FBI seizing an entire rack or datacenter from AWS because someone served child pornography from a t1.micro instance, and then letting the
Re: (Score:3)
Second level domains are controlled through top level domains. Do you know nothing about DNS?
Re:Legal Precedent? (Score:5, Informative)
property used to engage in criminal activity is subject to seizure and/or forfeiture. Domains have been seized in the past due to criminal activity but this has usually accompanied a criminal complaint by a law enforcement agency.
In this case, despite what the article may imply, Microsoft hasn't seized ownership of the domains. Rather, they used an ex parte temporary restraining order to seize control of the domains so that they may neutralize the source of the maliciousness. The ex-parte aspect is why no-ip wasn't notified. Microsoft managed to convince a judge to grant the order without informing the other party (most likely to prevent no-ip from notifying the malicious users). This will be followed up by a formal hearing, and full control of the domains will be restored to no-ip eventually.
If Microsoft abuses this, judges won't be so inclined to grant such requests in the future.
Most people I know that use no-ip are people setting up their own minecraft servers its not a hotbed of criminal activivty like MS claims. I use it for my ssh server/freeciv/cloud storage/retroshare and it has been inaccessibly today thanks to microsofts fuckery. claiming that they are a tool of criminal activity is like saying that the internet is a tool of criminal acivity because criminals use it, which is to say anything may be taken away and given to another with this same logic.
I wonder seeings as Microsoft has fucked with my servers traffic today thanks to this could I go after in court them for maliciously hijacking my sub domain and traffic and have their DNS entries redirect to me with no warning to microsoft.
Re:Legal Precedent? (Score:5, Informative)
I'm one of those Minecraft servers. Goddammit I ony found out why this was happening thanks to slashdot.
I know my own IP, but none of my users do.
Re: (Score:3)
I'm sure that you're absolutely correct about that. The vast majority of no-ip's customers are using the service legitimately, I'm certain of this. However, no-ip has certain legal responsibilities as a service provider and if they don't meet them their legitimate customers may end up getting caught in the crossfire.
For the record, I'm not taking a side as I have no idea what evidence Microsoft presented to get the ruling. I'm just pointing out the legal basis for what occurred.
Re:Legal Precedent? (Score:5, Insightful)
However, no-ip has certain legal responsibilities as a service provider and if they don't meet them their legitimate customers may end up getting caught in the crossfire.
What would those be? They're a DNS provider. Somebody tells them that domain A is IP B, and then somebody asks them what the IP for A is, and they say B.
They don't carry traffic. No attack would come from their servers.
I could see a court ordering them to lock an account or remove a domain being used to coordinate malicious activity, and then they'd have a duty to comply. However, that isn't what happened here.
Security cameras (Score:5, Insightful)
Re: (Score:3)
For all I know there might be gnomes partying around the premises right now.
On the scale of one to ten, how hot are your average gnomes that party at your vacation house?
Re:Legal Precedent? (Score:5, Funny)
I looked up this "minecraft" of which you speak, and it seems to be some crudely archaic simulation where you wander round indiscriminately smashing rocks together and killing animals - basically a terrorism simulator. I fail to see why anyone would support the use of this software.
Lots of terrorism-simulator apologists say it's something called an Indy game, but it bears absolutely no comparison with any of the Harrison Ford films (and in any case, an Indy game would require royalty payments to LucasArts which we can find no record of). It doesn't have a proper company behind it like EA or Zynga but only a nebulous cloud of anonymous people known as "notch".
Not only that, it seems that the hacker group "notch" had their paypal account suspended several years ago due to money laundering and other suspicious activities.
Frankly anyone who uses this simulator or supports the filth behind it deserves everything they get.
Richard Domingues
Re: (Score:3)
I'm sorry, I couldn't understand you over the WOOOSSSSHHHHH.
Re: (Score:3)
Still wildly inappropriate for M$ to be doing this. You could argue that the FBI could do this and even contract to M$ to do it under FBI supervision but no way should M$ have been given carte blache vigilante powers.
It should have all been laid out. What access was allowed. What end user data was gathered. What is to be do with end user infected systems. What record will be required to be kept of all activities conducted. What recompense the innocent affected parties. How will evidence be preserved and
Re: (Score:2)
I'd be incredibly surprised if the ruling was carte blanche as you describe. All that we have to go on is one press release and a news report, not the text of the ruling itself, so it's a bit premature to rush to judgement. Many of the stipulations that you suggest were most likely conditions imposed on Microsoft as a part of the ex parte TRO. Even if they weren't required to document some things they would be very wise to do so as it is sure to be brought up at the hearing. In any case, I find it unlikely
Re: (Score:2)
If Microsoft abuses this, judges won't be so inclined to grant such requests in the future.
What I'm looking for is a procedure where the public can alert the judge, that Microsoft has indeed abused this by causing serious damage to the public: in terms of disruption of internet infrastructure used by millions of Dynamic DNS users.
Re: (Score:2)
This comes under the general category of "absurdly overbroad".
It's like pitching an entire city of of their houses because you suspect that there's criminal activity going on somewhere in that city.
Re: (Score:3)
Ie standard US policy
Re: (Score:2)
This is also hardly a case of a municipality taking property by right of eminent domain and giving it to another private party for economic development.
That ruling has sets absolutely no precedent that applies to this case.
No customer notification (Score:5, Interesting)
While I fully blame Microsoft for creating this mess, I'm somewhat dismayed that as a customer I'm finding out that my service is down from a news outlet rather than from noip themselves! I've been using their sub domain wildcard service for 7-8 years now and have just now found out that it's down. I'm none too happy about being thrown out with the bathwater!
Re: (Score:2)
Even if you were using one or some of the affected domains still this is the type of service where most customers just won't notice any problem, even if they would be technically counted in the millions from TFA.
Such notification has less operational importance and more PR/image. They might send one eventually, once dust settles.
PLUS ... they might be having issues with the emails as well! They say now for me:
Alert: Email communications to your email address on file recently bounced. Please update your emai
Re: (Score:3, Insightful)
Just wondering... Considering that their main domain was hijacked. How would you expect them to send email?
Affected me (Score:4, Informative)
I don't serve anything important... but I usually post images through my local server and upload to imgur "through the web" - it took several retries when I tried to do this a short while ago, and now I know why.
Thanks, Microsoft.... you can't just take over no-ip and then run it through crap servers that can't handle the loads.
How about a home brew dynamic DNS system? (Score:3)
I've looked a bit but never really found a package to do this, although it's been a few years. I've got a BSD box, a static IP and some domain names. How would I set it up so that other hosts could use this in a dynamic way to set forward DNS records if they were on an ISP's ever changing DHCP addresses?
In other words, how can I roll my own no-ip.com system without being a Vixie level hacker?
Re:How about a home brew dynamic DNS system? (Score:5, Interesting)
I have a $10/mo VPS at a major datacenter with static IPv4 & IPv6 addresses that hosts the primary DNS server for my vanity domain. My house has plain old boring dynamic address DSL with filtered port 25, etc... I have a Raspberry Pi running light network services on the house net. It runs a cron job that runs pubkey ssh into a no-shell account on the VPS. When that happens, a script rips $SSH_CLIENT and does a quick compare to see if it changed. If it has, another cron job on the VPS fixes up a record in my vanity domain with a 60 second TTL.
OpenVPN gets me around the port 25 filter...
Why am I explaining this to a low four digit?
Re: (Score:2)
Because us lower 4 digits don't like to re-invent the wheel:)
Nice setup though, I'll keep those tips in mind if I need to roll my own. I'm looking for a client and server package that can be installed quickly on a client computer/router. A client end that could run on OpenWRT would be really sweet.
Re: (Score:2)
If you already have a server with a static IP, it's pretty easy to configure bind to accept dynamic updates. See for example Set up your own Dynamic DNS [bahut.alma.ch].
I set it up like that, and have short scripts on my Linux and Mac notebooks to do the updates when the network comes up. On Linux, it's a short script in /etc/network/if-up.d/. On Mac, it's a script called by a LaunchDeaemon (a .plist file in /Library/LaunchDaemons).
Re: (Score:3)
You should not be using port 25 unless you are hosting a mail transmission agent. If you are submitting email from a user agent, you should be using port 587.
Port 25 has been deprecated by the IETF for over a decade and is reserved for transmission, not submission.
Re: (Score:2)
powerdns [powerdns.com] + powerdyn [github.com]
Re: (Score:2)
GnuDIP [sourceforge.net] (and BIND) is okay too.
Re: (Score:2)
Okay, this seems like what I'm looking for, runs with named and has a Windows client. Much thanks!
Re: (Score:2)
MyDNS [mydns-ng.com] plus a custom-built sign-up form?
New definition (Score:2)
We should change the definition of Legal to "Backed by much money".
Well, fuck you very much (Score:5, Interesting)
So *that's* why my DDNS suddenly went dark today, with no apparent explanation.
Port 80 forwarding to the right LAN IP. Server daemons are running. I can access all the services directly by WAN IP (not very useful). Updater client running just fine. No firewall configs in the way. No-IP reports the correct IP. No news posting on No-IP's website about any sort of outage or technical issues.
Well, I was lost -- that was everything. ... and that was all because of this horseshit? Guess what... I'm not even *in* the US, so now the US courts think they have jurisdiction over countries? (OK, that's not new)
Fuck all involved. Hope they get their asses sued to hell. And this judge canned for such a dumbass decision.
Re: (Score:3)
Me too, in the UK. Figured it was a random glitch until I read this.
I use no-ip to provide an address back to a home server running ZoneMinder for a couple of security cameras. So as it stands I can't access my security system. Great. I went to no-ip because my ISP doesn't offer fixed IP addresses and for no good reason changes my IP address every few days. I also have it on a self-signed SSL cert, and if I access it via IP I have to add another exception to the browser every time it changes.
If it wasn't fo
Overdue (Score:4, Insightful)
Bullshit.
April 2013: http://labs.opendns.com/2013/0... [opendns.com]
Sept 2013: No-IP is a preferred choice for other similar attacks for command and control infrastructure: http://threatpost.com/njw0rm-a... [threatpost.com]
Feb 2014: Even Cisco said their domains were being abusive and they posted to complain that Cisco didn't contact them. http://www.noip.com/blog/2014/... [noip.com]
Looks to me like they should have contacted Microsoft and asked them for help. I guess they waited too long.
Re: (Score:3)
When you install Malware on my machine, you have two choices, you can give it an IP to contact, or you can give it a DNS name.
If you give it a static IP address, it's easy for the good guys to contact your provider and squash you.
If you give it a DNS address on a provider that doesn't do fuck all about malware hosts using it, then you can survive the whack-a-mole game for a long time.
Wait a second... (Score:5, Insightful)
So, Microsoft's argument was that they needed to hijack thousands of computers, secretly redirect them and put people in financial strain... so that someone else couldn't hijack thousands of computers, secretly redirect them and put people in financial strain?
Great plan, fuckwits!
Re: (Score:2)
Take them to court over Windows (Score:2, Interesting)
If it wasn't for the all the holes in WIndows then there's would't be as many people trying to distribute malware. MS themselves are the first in line as the root cause.
Self appointed judge (Score:3)
Malice? more like incompetence... (Score:5, Informative)
A quick skim of the motion for the court order gave me the "boilerplate" and "cut & paste" feeling. There is a lot of sloppy line blurring between actions and complaints directed at the Malware authors and the no-ip folks. Sometimes they refer to the "Malware Defendants" and other times the generic "Defendants" when they meant the former. Really sloppy legal work.
There are some real gems in there:
From section 7:
"There is good cause to believe that immediate and irreparable damage to this Court’s ability to grant effective final relief will result from the sale, transfer, or other disposition or concealment by Defendants of the Internet domains at issue"
Say what? How is that related anything? Its not like the TRO will actually prevent people from being able to hit 'delete' via the control panel. Given that everything's busted by their own doing, the bad guys got a huge head start.
From section 8: ..." ...
"... and the interest of justice require that this Order be Granted without prior notice to Defendants
Wow
The full motion text: http://www.noticeoflawsuit.com... [noticeoflawsuit.com]
It seems to me that regardless of what good intentions that Microsoft may have had, they've really fouled up the execution. They'll be remembered more for taking out millions of legitimate users than the malware they *might* be able to take down.
Re: (Score:2)
Re:Malice? more like incompetence... (Score:5, Interesting)
I also suspect they've managed to botch the technical aspect of it as well.
Presumably the plan was to put their caching name servers in front of the real no-ip servers, and gather the mappings for the malware suspect sites and then blackhole them after getting what they want. The problem was that Microsoft's side appears to have melted down, thus taking everything down. They won't be getting logs, behavior analysis or anything, because its all a pile of wreckage in a crater. Meanwhile, all the "bad guys(TM)" have now had hours head start to delete their C&C node registrations while microsoft's servers are down. And now they've ticked off the no-ip folks, so I wouldn't expect them to be in a cooperative mood to try and help.
Bone headed all round. There's no other way to put it.
Re: (Score:2)
Re: (Score:3)
The motion is here: http://www.noticeoflawsuit.com... [noticeoflawsuit.com]
Taking over government functions (Score:5, Interesting)
No-IP Address? (Score:2)
So when Microsoft hijacked the DNS, the IP addresses of No-IP services should still be running, no?
Does anyone have a list of their (old) IPs?
Thanks a bunch, Microsoft (Score:3, Insightful)
Did not hear anything from No-ip though ; when I logged in yesterday to find out what was wrong, and why my domain was not resolving, there was no information whatsoever.
Microsoft's new business plan (Score:3, Insightful)
Lawsuits will fly (Score:5, Interesting)
IAAL (but this isn't legal advice). I noticed that it was an ex parte hearing, which is why this whole mess occurred. They're useful for preventing domestic violence, but ripe for abuse in all contexts. NO-IP should be moving for an emergency hearing and the whole issue should be resolved within hours. Beyond that, NO-IP should follow-up with a suit for damages (I suspect MS will pull the we-got-a-court-order card and NO-IP gets to respond back with you lied to the court. It all goes nowhere and they settle).
The more interesting aspect is the disrupted users. While MS moved against NO-IP ex parte, they apparently made assertions that they would keep the service functioning properly. They've failed there and suits are now possible for those failures. More interestingly, however, is whether MS was recording, manipulating, or in any other way playing with the traffic. If so, there are some excellent wiretap statutes waiting to be had.
I, sadly, didn't have an NO-IP account, but if I did, I'd be heading to the court house this afternoon. This is what happens when you skip due process, let a to-big-to-fail corporation do whatever it wants to private corporations through the guise of the courts. Corruption at it's finest. MS should be bludgeoned thoroughly enough to at least think twice before attempting it again.
Re:WTF (Score:5, Insightful)
Does not seem legal.
It's legal if the law says it is. And when the lawmakers are in bed with Big Business, like they are in the US, anything goes.
Re: (Score:3, Interesting)
And this is why we need Namecoin and other decentralized DNS solutions to take such matters out of the hands of the lawmakers.
http://namecoin.info/
Re: (Score:3)
but thats the truth... if the laws says it is legal, sadly it is legal. the only way we can change that is by revolting against the lawmakers.
let me ask you this, what is the difference between murder and assasination/war? you guessed it! in the latter, the government says it is ok, in the former, the government says it is not ok.
Re:WTF (Score:4, Insightful)
I can understand your confusion. They do after all call it the Justice system. That though is a lie.
Re: (Score:2)
Re: (Score:3)
well, I'm pretty sure the judge didn't ask no-ip.
and MS portrayed it to the judge in the way that they must do it in haste, no time to waste.
so two things, MS mislead the judge and the judge didn't give a shit about ASKING THE FUCKING COMPANY WHO OWNS the DOMAINS. there's of course the trouble that hey, the fucking system allows that you can do that with a court order. now MS could have done this with any domain they chose.
Re:Microsoft takes on global cybercrime epidemic (Score:5, Funny)
i wonder if the same court would let you take update.microsoft.com and redirct it to ftp.debian.org using this reasoning
Re: (Score:3)
Well, fuck. No-IP going down? A million basement virgins lose access to their favorite minecraft server, and nothing of value was lost.
But, dammit MS, you proved APK right about something. That karmic burden is on you guys now. That bell can't be un-rung. You've got to carry that forever now.
Re: (Score:2)
I'm sure there's some ISP out there that ridiculous, but I've never seen one that would change your IP unless you rebooted your Cable/DSL modem (or they had some sort of outage to the same effect) - how would they even know you rebooted your server? There was a time when many people reached the Pirate Bay by hitting a forum for this week's IP address. There was a time when most gamers reached their server by checking a forum/BBS for the server's current IP.
But, hey, if the only ISP with service to Mom's b
Re: (Score:2)
So articulate!
Can you provide a 35 page thesis on this by Friday?
Re: (Score:2)
Well as Google runs their own public dns servers and is branching out in the being a registrar that could be very hard to enforce as Google could just say we are our own registrar additionally Microsoft would find them selves on the loosing end of the biggest lawsuit and damages claims you have ever seen if they tried that. It is one thing to pick on a small company it another to take on a massively powerful well financed very much more popular equal.
Re: (Score:2)
Using blockchain technology for decentralized consensus. Let's take the power from the corrupt and place it back with the people.
I have looked into using namecoin to due just that but there are several problems;
Cost ----- every time I have my IP adress change I would have to spend more namecoin which can be often with dynamic IP.
No Docs ----- very little support or documentation,
Mobile ----- mobile device name resolution I can setup my own dns server on my pc's and servers to resolve namecoin if i really hack at it but not so easy for phones tablets and the like to run their own dns server
Accessibility ----- while I and three other c
Re: (Score:2)
http://en.wikipedia.org/wiki/K... [wikipedia.org]