Slashdot Mirror
Microsoft Takes Down No-IP.com Domains
An anonymous reader writes For some reason that escapes me, a Judge has granted Microsoft permission to hijack NoIP's DNS. This is necessary according to Microsoft to thwart a "global cybercrime epidemic" being perpetrated by infected machines running Microsoft software.
No-IP is a provider of dynamic DNS services (among other things). Many legitimate users were affected by the takedown: "This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives. ... We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening."
Does not seem legal.
This is their business the court decided to hand over to Microsoft. Lawsuits should be flying in all directions.
The best money could buy.
"A door is what a dog is perpetually on the wrong side of" - Ogden Nash
If a judge granted permission, I have feeling that a domain name service provider may have been guilty of alerting their customers to legal intentions. Which gives credence to locking it down before a new sub-domain is created to deliver the same traffic. While I don't side based on a brief, I don't make adverse statements. I can only surmise.
Can we say appeals please?
I suspect Microsoft failing to keep things working like the claim to intend is not malice, but simply incompetence.
But was the giving of this power to them just incompetence of our legal system? Thats the real question.
And it's microsoft.com, the creator and perpetrator of Internet Explorer and Windows, the two biggest malwares ever invented. They should be shutdown immediately. Thanks.
What are the 22 domain names???
So after decades of the community putting Microsoft on notice that HotMail is abused by spammers, can I sieze the domain name?
In other news Microsoft has come out in support of preserving a free and open web
great looks like my stuff was taken down by this. I guess the Judge wouldn't really care if thousands potentially hundreds of thousands of users were impacted.
I am guessing he will tomorrow as the world wakes up to this.
.
Now it appears that Microsoft is using their reputation for producing security-challenged software to badger companies for PR purposes. The headlines will all read, ~Microsoft takes down a company that is a security threat~. And Microsoft will look good in the headline.
But what has Microsoft really accomplished? Will Microsoft's reputation for software with abysmal security be changed? Or will a small company be crushed because a huge company is trying to look good?
Perhaps Microsoft should be enjoined from distributing a OS that is responsible for most the the malware and spam that everyone's firewalls and filters are defending against.
What's good for the goose is good for the gander.
The real "Libtards" are the Libertarians!
What is the legal precedent for taking ownership of a company's assets (without apparently even informing them beforehand) and randomly giving them to some other company to use? How is that even a legal possibility?
Troll is not a replacement for I disagree.
While I fully blame Microsoft for creating this mess, I'm somewhat dismayed that as a customer I'm finding out that my service is down from a news outlet rather than from noip themselves! I've been using their sub domain wildcard service for 7-8 years now and have just now found out that it's down. I'm none too happy about being thrown out with the bathwater!
Evil is as eval("does");
I think the reason the judge has granted the permission is because he can. Aka power.
Karel Kulhavy, Twibrigh Labs
Microsoft takes on global cybercrime epidemic in tenth malware disruption
-- for immediate release--
Playing offense against cybercriminals is what drives me and everyone here at the Microsoft Digital Crimes Unit. Today, Microsoft has upped the ante against global cybercrime, taking legal action to clean up malware and help ensure customers stay safer online. In a civil case filed on June 19, Microsoft named one operating system, for its role in creating, controlling, and assisting in infecting millions of computers with malicious software—harming Microsoft, its customers and the public at large.
We’re taking No-IP to task as the owner of software frequently exploited by cybercriminals to infect innocent victims with various families of malware. In the past, we’ve predominately seen botnets originating in Eastern Europe; however, the authors, owners and distributors of this malware are Kuwaiti and Algerian nationals. The social media-savvy cybercriminals have promoted their wares across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct illicit crimes—demonstrating that cybercrime is indeed a global epidemic.
Windows is an easy target for cybercriminals
An operating system is essentially a method of automatically updating a listing of the current running processes, and is a vital part of the Internet. However, if not properly managed, an operating system service like Windows can hold top-rank among abused computers. Of the 10 global malware disruptions in which we’ve been involved, this action has the potential to be the largest in terms of infection cleanup. Our research revealed that out of all OS vendors, Windows installations are used 93 percent of the time for Bladabindi-Jenxcus infections, which are the most prevalent among the 245 different types of malware currently exploiting Microsoft products. Microsoft has seen more than 7.4 million Bladabindi-Jenxcus detections over the past 12 months, which doesn’t account for detections by other anti-virus providers. Despite numerous reports by the security community on Windows abuse, Microsoft has not taken sufficient steps to correct, remedy, prevent or control the abuse or help keep its domains safe from malicious activity.
I really can't see why this wouldn't be possible using the exact same logic that MS uses.
Because the rule of law is already dead in the US, and at this point we're just desecrating its corpse.
I don't serve anything important... but I usually post images through my local server and upload to imgur "through the web" - it took several retries when I tried to do this a short while ago, and now I know why.
Thanks, Microsoft.... you can't just take over no-ip and then run it through crap servers that can't handle the loads.
I've looked a bit but never really found a package to do this, although it's been a few years. I've got a BSD box, a static IP and some domain names. How would I set it up so that other hosts could use this in a dynamic way to set forward DNS records if they were on an ISP's ever changing DHCP addresses?
In other words, how can I roll my own no-ip.com system without being a Vixie level hacker?
-- I have a private email server in my basement.
These is where most Malware comes from and commonly used by Scammers.
Asshole.
Microsoft has been aiding malware for decades through their active negligence.
SO shouldnt this company be able to turn this back onto the shoddytards for an even bigger perpetration of actions damaging to the public ???
How about making your own software less shit instead of strong-arming the judiciary to pander to your whims?
I found my account banned without warning or explanation recently, I wonder if the two events are related...
Just wow.
After all, they have done such a good job of fixing their OS and keeping it safe from malware.
What could possibly go wrong?
i understand, at least somewhat, how dns works, but i was wondering how microsoft could seize control of no-ip's subdomains? did they physically seize something? did no-ip hand over control? or was control taken without no-ip even knowing and if so, how?
Google may well be next in their sights, if you can't compete, sue, block their domain.
The only way Bing can be sure....
This has been MS strategy in the past too.
Using blockchain technology for decentralized consensus. Let's take the power from the corrupt and place it back with the people.
We should change the definition of Legal to "Backed by much money".
So *that's* why my DDNS suddenly went dark today, with no apparent explanation.
Port 80 forwarding to the right LAN IP. Server daemons are running. I can access all the services directly by WAN IP (not very useful). Updater client running just fine. No firewall configs in the way. No-IP reports the correct IP. No news posting on No-IP's website about any sort of outage or technical issues.
Well, I was lost -- that was everything. ... and that was all because of this horseshit? Guess what... I'm not even *in* the US, so now the US courts think they have jurisdiction over countries? (OK, that's not new)
Fuck all involved. Hope they get their asses sued to hell. And this judge canned for such a dumbass decision.
Bullshit.
April 2013: http://labs.opendns.com/2013/0...
Sept 2013: No-IP is a preferred choice for other similar attacks for command and control infrastructure: http://threatpost.com/njw0rm-a...
Feb 2014: Even Cisco said their domains were being abusive and they posted to complain that Cisco didn't contact them. http://www.noip.com/blog/2014/...
Looks to me like they should have contacted Microsoft and asked them for help. I guess they waited too long.
So my email and VOIP system has been subject to an attack by Microsoft (as they rely on *paid for* no-ip domains.).
Can we have microsoft.com domains taken down, as they are clearly causing a huge amount of damage to the fabric of the Internet.
What a bunch of w******s
So, Microsoft's argument was that they needed to hijack thousands of computers, secretly redirect them and put people in financial strain... so that someone else couldn't hijack thousands of computers, secretly redirect them and put people in financial strain?
Great plan, fuckwits!
Control was taken without No-IP even knowing.
DNS names like "some-subdomain.no-ip.com" are hierarchical, and different groups are responsible for the different levels in the hierarchy. /was/ responsible for the "no-ip.com" second-level domain, operating their own authoritative name servers which were registered with the ".com" domain servers (above).
* One group is responsible for the root domain ("."), which has NS records that point you at the name servers for ".com"
* Another group is responsible for the ".com" top-level domain, which has NS records that point you at the name servers for "no-ip.com"
* No-IP
Microsoft, with the help of the judge, got the group responsible for ".com" to change the registration for "no-ip.com" to point to Microsoft's name servers instead of No-IP's name servers. And Microsoft's name servers aren't doing a very good job of handling the load.
I don't serve anything important... but I usually post images through my local server and upload to imgur "through the web" - it took several retries when I tried to do this a short while ago, and now I know why.
Thanks, Microsoft.... you can't just take over no-ip and then run it through crap servers that can't handle the loads.
Resembles their takeover of hotmail and later replacing the BSD servers with their own software.
The whole f*cking Azure platform too...
We here are required to always side with "the little guy" when they whine about some alleged injustice, whether valid, completely fictitious, or somewhere in-between.
You have been put on probation for this post.
If it wasn't for the all the holes in WIndows then there's would't be as many people trying to distribute malware. MS themselves are the first in line as the root cause.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Well, fuck. No-IP going down? A million basement virgins lose access to their favorite minecraft server, and nothing of value was lost.
But, dammit MS, you proved APK right about something. That karmic burden is on you guys now. That bell can't be un-rung. You've got to carry that forever now.
Socialism: a lie told by totalitarians and believed by fools.
USA and Microsoft the self-appointed police of the world strikes again... Two comments. If it indeed no-ip has virus problems, it would be FBI, CIA or NSA, or whatever national agency and not the fuckwits from Microsoft. Second point, if we are talking about malware distribution points, are we disabling hotmail.com and microsoft.com too?
And yet, this is the least amount of FUD I've read in this entire comments section.
Since apparently neither Microsoft nor this judge are concerned with due process, maybe this judge should be tried, convicted, and executed by a mob of his peers.
When the rule of law fails, the rule of mob can be used as a reminder.
Yep. Totally right.
Because a file with static assignments of host to IP bindings is an exact replacement for a dynamic DNS and is extremely helpful in the common no-ip et al. use case of the target host changing IP every reboot. You just have to phone somebody on the other end, ask them about IP and change it in your HOSTS file, easy as pie!
I can't post how many 100's of subdomains I have off 'em (too big for /.) -> http://yro.slashdot.org/commen...
APK
P.S.=> It used to *NOT* be that way here - in this case, I wish it IS the way it was years ago, since restricting my postsize doesn't let me answer that guy's question with pertinent data as fully as I could, to answer his question & help him... apk
I'm sure there's some ISP out there that ridiculous, but I've never seen one that would change your IP unless you rebooted your Cable/DSL modem (or they had some sort of outage to the same effect) - how would they even know you rebooted your server? There was a time when many people reached the Pirate Bay by hitting a forum for this week's IP address. There was a time when most gamers reached their server by checking a forum/BBS for the server's current IP.
But, hey, if the only ISP with service to Mom's basement is that evil, I understand, this must really suck for you! Just remember to be careful if you get so bored that you wander out into the Blue Room - remember, the Day Star will burn unprotected skin!
Socialism: a lie told by totalitarians and believed by fools.
Fuck you dipshit. I used no-ip.com paid services for SSH access to my NAS boxes. Oh, and fuck Microsoft too.
A quick skim of the motion for the court order gave me the "boilerplate" and "cut & paste" feeling. There is a lot of sloppy line blurring between actions and complaints directed at the Malware authors and the no-ip folks. Sometimes they refer to the "Malware Defendants" and other times the generic "Defendants" when they meant the former. Really sloppy legal work.
There are some real gems in there:
From section 7:
"There is good cause to believe that immediate and irreparable damage to this Court’s ability to grant effective final relief will result from the sale, transfer, or other disposition or concealment by Defendants of the Internet domains at issue"
Say what? How is that related anything? Its not like the TRO will actually prevent people from being able to hit 'delete' via the control panel. Given that everything's busted by their own doing, the bad guys got a huge head start.
From section 8: ..." ...
"... and the interest of justice require that this Order be Granted without prior notice to Defendants
Wow
The full motion text: http://www.noticeoflawsuit.com...
It seems to me that regardless of what good intentions that Microsoft may have had, they've really fouled up the execution. They'll be remembered more for taking out millions of legitimate users than the malware they *might* be able to take down.
I suggest all scammers, spammers and malware coders immediately move to azure. My developer friend tell me .NET is the shit :)
Comment removed based on user account deletion
Comment removed based on user account deletion
So MS has a 'Digital Crimes Unit' and the US courts allow it to carry out law enforcement duties. How long before they have their own policemen, courts and prisons? It goes together with the Microsoft tax I suppose.
It wouldn't surprise me if the British are behind this.
The motion is here: http://www.noticeoflawsuit.com...
Microsoft's argument is that No-ip.com allows the proliferation of malware that is infecting computers. Based on this argument Microsoft should be shut down because it is their crappy OS that is allowing the malware to exist and spread. They've set the precedent with this legal action, someone should just take it to the next level.
So when Microsoft hijacked the DNS, the IP addresses of No-IP services should still be running, no?
Does anyone have a list of their (old) IPs?
What is the difference, an attack from http://30.40.50.60/malware.html or from http://sdaue937r.noip.com/malware.html
What Microsoft has done is seize a DNS service, no more no less, and they know that DNS service is not responsible for the malware, it's a sort of test to see if they can fool a judge or not.
Remember when the poker sites got taken down a few years back? This is the same deal.. Ehhh... Government has more, more, more, more, power than you can possibly imagine! ;)
It's called a bridge. Unlike a router, which is what you are used to, a bridge is invisible to the systems on both sides. When the server requests a DHCP address, the bridge forwards it unchanged to the ISP DHCP server, which then hands out a public (usually) IP address to the server. Not to the modem / bridge. When the server is rebooted, it requests a new IP address.
The advantage of this setup is that you get a public ip address without paying for a subnet. The disadvantage is that if you want to run your own private network, you need to add your own NAT box - which could be your Linux server, thus allowing you to have the advantage of both solutions.
Oh, and I've seen worse than changing your IP address at reboot. My parents used to have a bridged connection, and their ISP forced an IP change every 24 hours. We gave them a GPS receiver for christmas, and the initial update of the map took more than 24 hours to download. That's how we noticed the IP address changing - the download aborted every time. We ended up having to take the GPS unit to my brothers house to get it updated.
Microsoft's anti-malware crusade knackers '4 MILLION' No-IP Users
http://www.theregister.co.uk/2...
My router's auto-dynamic IP setup still has my "no-ip.biz" alias as current, I just refreshed it and got a renew, I barely remembered I used this service until I read this. I'm not going to keep using it until I know WTF.
.fr .co and .pl ? Very unlikely, i doubt a US court has jurisdiction over french, polish or colombian registrars. No-ip had a bunch of other domains with the same functionality though, no-ip being the best known and also their company name.
Microsoft logic is not standalone. It is backed by marketing, lobbying, and bribes.
If you shut down microsoft.com, you might equally well shut down .gov. Arguably, that would get rid of a lot of international crime.
ARS Technica quoted some asshole from Microsoft, "He added: "We're taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims"
I'm sorry. You've got that bass-ackwards mate. Microsoft are without any doubt the "creators and owners of the infrastructure universally exploited by cybercriminals to infect innocent victims."
If it weren't for Microsoft and Windows, there would be no computer virusese, no malware, and no multi billion dollar a year AV industry.
Dirty, rotten, lying bastards. I hope no No-IP sues you until you've go No-Money.
Microsoft and all Microsoft Employees: Eat shit and die.
BT in the UK.
My IP address changes every week or so, and I'm not rebooting my modem.
Sigs are so 1990s. No way would I be seen dead with one.
If this was one of their "we're taking over domains to kill a botnet" plans, that explains why no-ip was not informed. If word got out. how many seconds does it take for the botnet controllers to update the host names?
I still think it's shit though. Can't access my home VPN.
Security cameras is another common usage. A low cost installation has some IP cameras on a residential dynamic IP internet service, so you use no-ip for access. I can't access my vacation house feeds today. For all I know there might be gnomes partying around the premises right now. Thanks MS.
Violence is the last refuge of the incompetent. Polar Scope Align for iOS
The coincidence is that DynDns stopped offering free service a while ago. Maybe Microsoft made them an offer they couldn't refuse...
I usually mark class action emails aimed at "Purchasers of between and " as spam: anyone who buys MS products thinking they're bug-free is a fool, and anyone who thinks they'll get any compensation after feeding the ambulance-chasers is a greater fool.
This is different. MS have taken a service run by a third party and broken it for millions of users. I'd like to see them punished, and a large legal bill is the only remedy available in this crony kleptocracy. If any ambulance-chasing bottom-feeders are reading this and want to launch a class action, please post your contact details here.
At least I am willing to accept some (sometimes even serious) flaws, as long as it is open source.
Hit them where it hurts and boycott Microsoft products. There are not many enterprises that can have the luxury of hurting millions of clients.
[grudge mode]I will be sure to claim damages for this, as I am using no-ip for my own server which is perfectly valid and runs no Microsoft software whatsoever (nor will it ever). What judge is so stupid as to do this ???[/grudge mode].
Did not hear anything from No-ip though ; when I logged in yesterday to find out what was wrong, and why my domain was not resolving, there was no information whatsoever.
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
Why don't you fix it?
I got the MS Notification on the activity at work.
There were 200 different items of malware being served across 22,037 separate malicious domains. If there are 4 million customers, and 1:1 customers to domains, that is about 180 innocent domains for every one malicious one.
I'm all in favor of shutting down botnets and i can see the results (for a while) in spam volumes hitting us when actions like this are taken, but this much collateral damage seems likely to hinder future efforts.
--- Mercutio was right.
I've had my reasons for disliking Microsoft before but this takes the cake. What's next, shutting down all of the internet because it's how malware spreads? Go Gates..
The single most disturbing part of reports like this is that a private corporation, Microsoft, is enforcing the law. They've done this before, working with government agencies and even seizing private property on behalf of them. When did the Microsoft Corporation get the power to act as law enforcement? Who gave it to them? Is it legal for one corporation to do this to another corporation? I have never found a legal justification of how Microsoft gets away with this, just blowing smoke about how the law enforcement agencies can do whatever they want to. What's disturbing is wondering where this will stop.
B-b-but Microsoft Azure can handle anything!
Am I the only person here who thinks that attacking spammers, botnet operators and cyber criminals is a good idea. OK, so Microsoft might be a bunch of ham-handed assholes, but their intentions and outcomes are not all bad.
1. Extinguish
The grandfathered in existing customers. I paid them like $90 in the 90's and still use their free services (in addition to the services I paid for only once)
Fuck you dipshit. I used no-ip.com paid services for serving malware and botnets with SSH access to my NAS boxes. Oh, and fuck Microsoft too.
However, those 3 were ISOLATED ones, & the rest had HUGELY repeated domain & subdomains incidences off the TLD's themselves... I see them listed nearly everyday, & growing, per this article's points/subject (that they're being used for nefarious purposes).
* Per my subject-line above though - that doesn't mean they aren't bad though (just because there were literally ONLY 3 of them, but the others I noted are hugely repeated with all KINDS of strange domain/subdomain names)...
(That is WHY I was "bitching" I couldn't FIT THEM ALL IN HERE, since /. restricts postsize... so I couldn't post the 100's of subdomains off the .biz, .info, .com, .org, & .net TLD's that started in "no-ip"...)
APK
P.S.=> I wondered about that myself though, as to your point - still, the 3 I listed could be 'bad" anyhow (not the TLD itself possibly, but the domain/subdomain that ended in that TLD) ... apk
emanate domain, sometimes also called condemnation - is what government uses to do the same thing and almost always now to give to another company "for the greater good". Ever been forced to allow an easement, usually for some cabling or piping company to make a profit through your land? We've had land taken around here for a city owned bike trail and at least one of the property owners was not contacted before they took his land and built the trail without his knowledge - condemnation later took care of that problem when he didn't want to sell them what they already took.
another victim of bad spell check selection. the US education system and auto correct have failed me again :( I blame Microsoft.
And this is why I use Linux.
As GP clearly stated: what it replaced wasn't broken. It's change for the sake of change which is rarely good.
"...we have a long history..." yeah, of not paying attention and letting malware filter through your system...
Microsoft cite that their actions are to prevent the spread of malware.
Isn't this something that Microsoft Windows does quite readily? Perhaps No-IP should seek an injunction banning the use of Windows across the globe until it can be proved that it is no longer involved in the production of malware.
Epic, simply epic. :^)
I tip my le Fedora to you, good sir.
Or shall we all guess from the hundred or so in the pool?
I'm sort of kicking myself that I settled on no-ip.org, which is the obvious one to disappear.
Don't do business with Microsoft or their Lawfare leaches.
If you know any of these individuals or even their family members, let your personal opinion be known to them and ostracize them for their conduct.
Judge:
Gloria M. Navarro, Chief Judge
United States District Court
Attorneys for Microsoft:
Randall D. Haimovici (Pro Hac Vice Pending)
rhaimovici@shb.com
Rachael M. Smith (Pro Hac Vice Pending)
rxsmith@shb.com
SHOOK, HARDY & BACON L.L.P.
One Montgomery, Suite 2700
San Francisco, California 94104-4505
Telephone: 415.544.1900
Facsimile: 415.391.0281
Tony M. Diab (Nevada State Bar No. 12954)
tdiab@shb.com
SHOOK, HARDY & BACON L.L.P.
5 Park Plaza, Suite 1600
Irvine, California 92614-2546
Telephone: 949.475.1500
Facsimile: 949.475.0016
Robert J.B. Flummerfelt (Nevada State Bar No. 11122)
rflummerfelt@hotmail.com
Rami Hernandez (Nevada State Bar No. 13146)
rhernandeznsj@hotmail.com
CANON LAW SERVICES, LLC
7251 W. Lake Mead Blvd., Suite 300
Las Vegas, Nevada 89128
Telephone: 702.562.4144
Facsimile: 702.866.9868
Microsoft internal counsel:
Richard Domingues Boscovich, Assistant General Counsel, Microsoft Digital Crimes Unit
Brad Smith: Executive Vice President and General Counsel
IAAL (but this isn't legal advice). I noticed that it was an ex parte hearing, which is why this whole mess occurred. They're useful for preventing domestic violence, but ripe for abuse in all contexts. NO-IP should be moving for an emergency hearing and the whole issue should be resolved within hours. Beyond that, NO-IP should follow-up with a suit for damages (I suspect MS will pull the we-got-a-court-order card and NO-IP gets to respond back with you lied to the court. It all goes nowhere and they settle).
The more interesting aspect is the disrupted users. While MS moved against NO-IP ex parte, they apparently made assertions that they would keep the service functioning properly. They've failed there and suits are now possible for those failures. More interestingly, however, is whether MS was recording, manipulating, or in any other way playing with the traffic. If so, there are some excellent wiretap statutes waiting to be had.
I, sadly, didn't have an NO-IP account, but if I did, I'd be heading to the court house this afternoon. This is what happens when you skip due process, let a to-big-to-fail corporation do whatever it wants to private corporations through the guise of the courts. Corruption at it's finest. MS should be bludgeoned thoroughly enough to at least think twice before attempting it again.
As someone who is also affected by this sudden outage, I have to agree with you. Noip was the last free service that my home router supports. Thanks to Microsoft, I can now log into my computer, curl the external url, note it down, and adjust my remote access scripts every day.
I cannot believe that this is apparently legal. In my book this proves beyond any doubt that the US legal system is totally fucked up and that we need international treaties to protect non-US users and customers from this system. This is also the first time I am seriously considering taking a lawyer and press charges against Microsoft and/or the court responsible for this. It is probably not going to happen, though -- much too expensive and not many chances of success.
Is there anything else that can be done about this?
First, your Neolithic ancestors must have been terrorists by that standard. Second, "Indiana Jones" and "independent" have nothing to do with each other. Third, Notch is the online nickname of Markus Persson, who works for a "proper company" called Mojang.
Hmm... Microsoft behaving like a spastic bull in a china shop? Who would've thought it was possible...
All well and good that they're trying to fight the good fight against malware; but taking out millions of legitimate users as collateral damage is simply unacceptable. Somebody really botched this operation. I hope there's some sort of accountability (but I'm not going to hold my breath).
Fucking stupid bastards
I see no practical way to close the "users are willing to install software that turns out to be malware" hole without either A. banning free software or B. actually following the money to find the parties who benefit from the use of malware. Apple's iDivision and the major game console makers choose option A, but I don't think it'll scale to computers used for actual work
Have you had to wait for multiple reboots for failover testing? Waiting for RHEL5 to boot is horrific and only made worse by server hardware that does more POST checks than consumer level devices. I am all for a faster boot up...
And if there are race conditions that are poorly documented/unknown that isn't "not broken" that *is* broken and waiting for an issue to pop up, so lets get the dependencies right so you can quit worrying about it.
No-IP has nameservers that they block for outside domains.
I think that, at least until this nonsense is over, they should open up access to everyone for resolving no-ip domains. That way at least the nerds could access their machines - using
nslookup <your-domain> <no-ip's dns>
(this works both on Linux and on Windows!)
My game got released on Kongregate on June 30th, 2014, and less than a day later, NOIP got hijacked by Microsoft.com. I knew the environment is bad for the little guy, but I didn't expect Microsoft to hose my game within a day of release.
God spoke to me
"We're taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims with the...."
Should Windows*.* be seized due to "frequently exploited by cybercriminals to infect innocent victims" ?
Maybe all M$ Windows developer team should be handed "temporarily" to a more competent company in order to fix some users bloody ailment
Never underestimate the destructive and creative power of stupidity
Like many slashdotters, I have an old box under my desk which grabs mail from several external accounts via pop and serves it up via imap. No smtp though. And having home DSL with no static IP, I use No-IP to provide a stable domain for that machine. So this morning I wake up and discover that the domain has disappeared and my mail client can't connect. And I'm out of town, so have no physical access to the box, which is still happily grabbing my mail from external accounts.. Fortunately the no-ip website is still displaying the dynamic ip address the domain was last pointing at, and my ISP hasn't changed it (and probably won't until I next reboot) so I've been able to log in just using the ip address, but now I need to waste a morning switching it to another domain. Seriously, wtf microsoft!
Microsoft writes software prone to viruses. Microsoft software is infected by viruses. Microsoft gives government access to millions of users data and network activity. Microsoft asks court to give them third party's assets, instead of fixing their software. Microsoft then spends millions advertising themselves with images of happy smiling people, instead of fixing their software. Yet, for some reason, the public still purchases Microsoft software. Conclusion: You all must love being over charged, lied to, spied on, and having your identity stolen. Perhaps it brightens up your otherwise dreary lives.
lookups are returning servfail not nxdomain. If you drill down manually - first get the microsoft nameservers (ns3 and ns4.microsoftinternetsafety.net) then query them directly, the appropriate ip address is indeed returned.
Something is clearly misconfigured so the lookup isn't recursing as it should.
You'd think /someone/ at Microsoft would know how to configure a DNS server properly
It is not the modem, but the equipment/router connected to your modem, unless your cable modem is a combo of cable modem/wifi router.
> The court should consider the validity of the arguments against them and the facts of the case.
I've won two default judgements and that's precisely what happens. Of course, judges are not investigators. They consider the facts _as_presented_by_the_parties_. If one party doesn't show up, the judge doesn't hear their side of the story. The party who does show up still has to make a "prima facie" case, meaning that they briefly explain why they should win. The judge then considers the facts they present and their arguments and makes a decision. It's not too unusual the only party who shows up doesn't get EVERYTHING they want. They'll probably "win", meaning get most of what they want, though not always.
In one of my two cases, I showed the judge that what I was asking for was completely fair to the other party, that they would probably agree to it (which in fact they had, but we needed the court to make it official). The judge was interested in seeing that it was fair - he wasn't going to give me a default judgement that was clearly unfair to the party who didn't show up.
The losing party who didn't show up can then appeal. I had that happen with an insurance company. Their insured hit my car and it was his fault. When they didn't answer phone calls or letters, I sued. They didn't show up, allowing me to get a default judgement. I guess they were hoping I wouldn't show up either, because the very next day they filed an appeal - meaning they WERE paying close attention to the case. It's entirely possible they even had someone in the courtroom to see me win the default judgement, choosing to see if I would blow my own case in the default hearing before they paid their attorney to show up.
How could this be fucking legal even if it's a fucking court order? This should be handled by a government agency like the FBI not Microsoft. Maybe no-ip should get permissions from the courts to shutdown Hotmail or block all MS windows(yeah, of course not possible just dreaming) from connecting to the internet since both are prone to malware and viruses that spread and infect others. United States of America for the corporations and by the corporations.
Just setup a CloudFlare account and host your dns through them for free. Then use their api on your server whenever your ip changes.
An example of using the API is as follows... taken from https://www.cloudflare.com/doc...
curl https://www.cloudflare.com/api... \
-d 'a=rec_edit' \
-d 'tkn=8afbe6dea02407989af4dd4c97bb6e25' \
-d 'id=9001' \
-d 'email=sample@example.com' \
-d 'z=example.com' \
-d 'type=A' \
-d 'name=sub' \
-d 'content=1.2.3.4' \
-d 'service_mode=1' \
-d 'ttl=1'
From Microsoft's brief supporting an Ex-Parte hearing:
"Third, the balance of hardships weighs in Microsoft’s favor. The Malware Defendants’ criminal activities serve no legitimate purpose, and Microsoft only seeks to block traffic to the malicious sub-domains. Defendant Vitalwerks generates no known income from offering this free service. Thus, there is no hardship on Defendants or any third party."
This statement is patently false and unsuportable. By claiming that there is no hardship to any third party, they are claiming that there are no legitimate users of No-IP's Dynamic DNS services, which is patently false. Additionally, they claim that non-malware users of the domains will be unaffected, yet that has not happened. Additionally, based on the language in the Anselmi declaration used to support their case, it is clear that the technical expert who is presenting the method of allowing access to legitimate users highly doubts that there are any (he repeatedly ends his sentances about legitimate uses with "if there are any at all"). This raises the question in my mind as to whether the intention prevent disruption of legitimate users was stated in bad faith.
I don't know if it's possible, but can we get a lawyer to send some sort of brief to the judge in question and explain to him exactly why this order is a bad thing, and possibly get M$ smacked for it (not to mention getting our No-IP domains back)? I can find my one IP for my home server easily enough, but I'm probably the least affected of all their users...
This is a DDOS on all No-Ip users. Some enterprising lawyer should have an easy time to get a class action suit together.
You are going to have to take protective action yourself. Register or try to find a free a dn and rent you servers in the Netherlands, Switzerland or other freer protective countries. The socialist democrats are not concerned with your life, freedoms, and/or rights anymore in America. The FBI has shown this repeatedly by confiscating an entire data site's servers just to go after one wrong doer, disrupting and bankrupting companies in the process. Most governments (and some companies) are corrupted to the core and have soulless designs on doing whatever they want to the people.
Who do Microsoft think they are, the City of London Police?
They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve.
Total bullshit.
I have a no-ip hostname. Yesterday, it stopped resolving. That hostname has *never* been used for malware, anything illegal or otherwise abnormal. It still fails to resolve so whatever they are doing is wrong.
You can't just mess with people's stuff like this, or potentially destroy a business. Fucking unbelievable that microsoft got a judge to permit this.
SURELY NOT!!!!!
This give Microsoft a ton of information on this company's information, customers, usage - and now the Court has effectively handing all this information on this company to Microsoft. This is their business, and now Microsoft knows a lot more about it. What assurances was the Court and No-Ip given regarding the security of this corporate knowledge and information?
No Intellectual Property?
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Thank-You, lgw - it appears "the /. troll WORM IS TURNING" regarding my posts on hosts here -> http://yro.slashdot.org/commen...
There's NO QUESTION custom hosts files give users more:
1.) Speed
2.) Security
3.) Reliability
4.) Anonymity
+ far more EFFICIENTLY than the "so-called 'competition'" in clearly INFERIOR browser addons (hosts do FAR more, with far less moving parts complexity room for breakdown as well as resources consumed)...
They even shore up DNS security issues in redirection, + abuse by FastFlux &/or Dynamic DNS using botnets (our very subject here in fact)...
* :)
(Lastly, my man? I've ALWAYS been right - it's just "how I roll"/"what I do"... & you all know it!)
APK
P.S.=> "Onwards, & UPWARDS"... apk
I sense a great disturbance in the DNS - as if millions of host records cried out in terror and were suddenly silenced.
How many of these stories does slashdot have to run before it becomes obvious that using non-US domain registrars and non-US DNS facilities is simply the smart thing to do? If you need to host files in the US for performance reasons then sure, go ahead. But keeping the literal keys to your business here is silly at this point.
To the Court that allowed it. Cease and Desist!
Microsoft is a private corporation, not law enforcement, and if it's not a issue of law, then why would the court even be involved? To the owners of the site. Use LINUX!
I'm thinking there should be retaliations against Microsoft for this. Microsoft does not own the domains, nor the data contained in them. This is the reason why we need a solution to eliminate the need for Domain servers; a solution that does not have a dependence of the DNS servers communicating with others.
HOSTS file work, but only in limited capacity.
After calling Microsoft technical support many times today, it is obvious they had no clue how many legitimate users No-IP has. They were completely unprepared for the calls to restore service and they were given no information about No-IP. Many times I was referred to their legal and corporate affairs office (425-706-7863). They don't know anything either. Eventually I was transfered to some Azure department where I was told they would offer to sell me a replacement service.
. Quit playing Monopoly with Bill. Switch to one of many non-Microsoft products today.
Our company has found evidence there are people driving cars while under the influence of alcohol in and out of the city, every single day. In order to safeguard our customers who frequently travel the city streets, we move to block all roads accessing the city.
Come on Microsoft ... if you want to be the hip guy who are just as cool as Apple and Google, you need to stop doing this kind of stuff. If you want to steam ahead as you are currently going, with draconian initiatives with questionable legal base that mess up the infrastructure of mostly tech savvy users (you know, the people who give advice to others what they should buy) who will tell their friends exactly what they believe people should expect from your company, then here is a free suggestion for a new company slogan, "Microsoft - because we can".
I don't know where you went to school, but you should ask for a refund. Or read up on basic percentage calculations.
Microsoft claims that 93% of the malware traffic is traced to No-IP. But that says nothing about the total amount of traffic for No-IP, nor does it say anything about the total volume of legitimate domains. Malware traffic could be as little as 1% on No-IP's infrastructure while still accounting for 93% of malware DDNS traffic.
It is completely wrong to state that 93% of No-IP domains are hosting malware. A large number of legitimate customers are being affected by this, and Microsoft is not resolving their DDNS domains correctly (as promised). The actual percentage of legitimate vs malicious domains is unknown, as is the distribution of legit/malicious traffic.
Also, Microsofts claims are disputed by No-IP, so we should not take them at face value. No real evidence of malice has been proven (yet), which makes it extremely questionable that this was conducted ex parte.
Finally, the fact that No-IP was a favorite for malware is not (or should not be) in itself sufficient to take control of the domains like this. I sincerely hope Microsoft can prove No-IP did not respond properly to requests. Or that they can document that an extremely large portion of total traffic on No-IP was malware (which we know nothing about at this point).
Simply quoting the 93% number is a pile of BS. I can't stand by itself. I can say with certainty that at least 93% of the Nigerian scam mail I have received the last year has used a hotmail.com or outlook.com account. But surely this does not prove that Microsoft is willingly aiding Nigerian scammers and that their domains should be seized?
My security clearance is so high I have to kill myself if I remember I have it...
working on my azure powered malware as we type
Judge Jackson, where are you when we need you most?
I wonder if the folks at Dropbox are worried about the same fate after all of the Cryptowall malware hosted by their service.
Those aren't the domains Microsoft seized. APK merely listed No-IPs ccTLDs, which is wrong. Microsoft seized all the domains associated with all the No-IP subdomains listed in http://www.noticeoflawsuit.com... - all the documentation can be read at http://www.noticeoflawsuit.com....
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
From the article:
> This is the third malware disruption by Microsoft since the November unveiling of the Microsoft Cybercrime Center
> —a center of excellence for advancing the global fight against cybercrime.
How clueless do you have to be to reach that level of excellence in Microsoft?
I mean, where do you live if you don't know that no-ip has a huge customer base and that tampering with their DNS just might be a difficult thing to do? You have no place in IT if you don't know this.
Why? AWS hosts far more malicious stuff than Azure does (probably because AWS has a free tier, and Azure does not).
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Then use one of the unaffected paid-customer-only domains. Sorted.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
So a US court has allowed a US corporation to take the law into its own hands (despite Microsoft having no clear mandate to be the internet's law enforcement). The side effect: NoIP users world wide (not just in the US) are left high-and-dry, despite most of the affected people using the service for legitimate purposes.
Why are we (the global community) still allowing the US to do whatever it likes to the internet? Sure, they invented it; but it's now a global resource that *should not* be allowed to be toyed with to such a degree by *any* country.
For the record, I use NoIP for scientific research projects. With NoIP down I've got no way to communicate with my equipment, meaning for the foreseeable future it's a dead asset, sitting around unusable.
Yeah, I used the common no-ip.org hosts even with paid business accounts because it's easy to remember. Am I ever kicking myself now.
At this point, can I even trust that other no-ip domains won't be seized? Or somehow Microsoft will get the entire company shut down? I already have to change a number of sites and a stupid amount of mobile workstation VPN profiles because these domains are gone.
After getting burned by Dyn changes over the years, and despite paying for NO-IP accounts a few years in advance, it's probably best to cut my losses and find yet another DDNS provider. Or wait until our duopoly of Canadian ISPs decide to offer static IPs AND high bandwidth in the same business packages (fat chance).
The question now is: Why aren't we all filing motions with the court to lift the TRO. TROs cannot be written to be overly broad with the intent to put a company out of business. It amounts to a seizure without due process. MS capitalized on the names (arabian) of the owners and claimed that they are shooting out viruses to ms's bastard software which is so insecure that it cannot be protected, unlike unix/bsd/linux/darwin based systems. .ME as this tld belongs to Montenegro.
I think each of us should file a motion (indepentantly) demanding the court (respectfully of course) lift the TRO on any noip address that is not associated with spam, which is probably 99+% Each petition should state that the TRO is overly broad, harms commerce of legitimate individuals and enterprises that do not use MS software, that blaming noip DDNS is roughly equivalent to blaming the post office for delivering junk mail to your mailbox because you have a postal address. The briefs should include a demand to lift the stay, and a claim against microsoft for time, damages, etc. Note that Microsoft only had to put up a $200,000 bond to accomplish this. I note that they do not lay claim to noip's
I also urge anyone who is local to the United States District Court for the District of Nevada (I can't find the case, and don't know if it's filed in Reno or Las Vegas, but I think it's Las Vegas based on the 2nd amended TRO), to attend the hearing and enter an appearance on behalf of yourself (in propria personna) as an aggrieved party. The Docket is 2:14-cv-00987-GMN-GWF, according to the web site noticeoflawsuit.com which appears to have all the documents related to the situation, but does not have the pacer records associated with them. I could not find the lawsuit info from the USDC District of Nevada web site. The documents state that a hearing is to be had JULY 10, 2014 AT 3 PM IN COURTROOM LV 7D. I presume that LV indicates the Las Vegas court and it would behoove anyone in Vegas who can attend this hearing to be there in person to let the Judge know that there is widespread interest in this matter.
If noip.com is indeed allowing abuse, that can and should be dealt with, but the courts must be cognizant of overly broad TROs and the damage they do to the millions of legitimate actors.
Well, fuck. No-IP going down? A million basement virgins lose access to their favorite minecraft server, and nothing of value was lost.
Actually, I've got over a dozen businesses running No-IP using them to create VPN's across dynamic IP addresses. This has created QUITE a bit of financial loss and headaches for a large number of businesses that utilize this.
Yea, ok. Losses for malware makers and botnet herders along with spammers/phishers just like you!
My legitimate web site is down because of this and the M$ call centre is totally useless in resolving this. The operator just kept asking me what product I need support for.
I hate Microsoft for this!
People said years ago they wanted their governments run like businesses. Well. Here you are. And they've done you a level better: government isn't run like a business; it's run by a business.
Shades of BeOS. Or "Internet Explorer is an operating system".. or manufacturers that offer multiple boot are blocked from OEM Windows.. or Aaah "Doesn't the "crunch" of bones being broken by that steamroller sound so goood"..
Jul 2 12:28:51 x3 ddclient[1752]: SUCCESS: updating davidwhodgins.no-ip.biz: good: IP address set to 216.240.15.187
It's working again
I couldn't "put out" the exact information is why as I stated, so I just popped out ones that had "no-ip" in them (the latter 3 earlier complained of were isolated incidences but it doesn't mean they are NOT 'bad' either...)
APK
P.S.=> I can't HELP if /. nowadays LIMITS how much you can post, or I would have put out 100's of them with no-ip per my list above - minus those last 2 polish, columbian, & french isolate incident ones (all I could put out were domains, not subdomains because of it & I complained of it myself)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Your past's returned to haunt you Kalriath (your fails vs. me on hosts files) -> http://yro.slashdot.org/commen...
* :)
APK
P.S.=> Still can't disprove my points on hosts validly can you? Nope... you fail, as always, vs. myself (you dumbass)... apk
Hey fuckwit, I didn't say anything about your fucking hosts files. I said your list was wrong because it included a bunch of domains which aren't seized, which is correct.
There's a reason people resort to profanity when dealing with you: because you're a contemptible trolling cunt who needs to fuck off and stop acting like a 5 year old. If you actually read my comment history, you'd see that on occasion I have even agreed with you, where you say things which make sense.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
You're avoiding THAT question shit for brains... "gosh, I wonder why?" (not).
APK
P.S.=> You resort to profanity because I put you into backing up your bullshit you can't prove, lol (& you know it, I KNOW IT, + so does anybody else) - trying to post *DAYS LATER*, thinking I wouldn't see it too, you little weasel? DOUBLE-FAIL... lol!
... apk
Can't help you now, can it? Nope (hahahaha) http://yro.slashdot.org/commen...
They're how I was able to list no-ip.com (which YOU said isn't valid - it is though, isn't it?) & all the others that began in "no-ip" - which YOUR LAME ASS COULDN'T COME UP WITH BY YOURSELF, lamo!
(Which as I said, unfortunately, /.'s size limits now wouldn't let me post the SUBDOMAINS that are BAD off of those DOMAINS I could post only since I was limited).
* :)
(You still can't validly disprove my points on hosts here though, now can you? Nope -> http://yro.slashdot.org/commen... & they even FURTHER TRASH your "so-called 'points'" I totally NUKED in the thread where I pointed out even folks @ Microsoft AGREED with other points of mine about hosts files, lol... you fail!)
APK
P.S.=> Thus, as ANYONE CAN SEE & UNDERSTAND? The only IRRELEVANT total BULLSHIT was yours I pointed out here from the past (profanity & all from you out of "FrUsTrAtiOn" @ your numerous FAILS vs. myself on hosts) too -> http://yro.slashdot.org/commen...
(Where you STUPIDLY *tried* to "take me on" regarding hosts files and you FAILED BADLY then too as always, lol...)
... apk
Issuing a downmod on my post that was upmodded to +1 & YOU logging out of your "registered 'luser'" account AFTER you did it, on the date of this post (days LATER now that you waited 3 days *thinking* with your DULL BRAIN I wasn't watching for your bullshit troll tactics, loser - you lose/fail, again, vs. myself...)
* :)
Clue: YOU ARE BUSTED, little worm... lol!
(Regarding "the LOW likes of YOU"? Man - heck, THIS is the BEST ONE YET to use against you in the future, fool!)
APK
P.S.=> You're TOTALLY pitiful (& I have NO reason to lie here, my other posts before your reply I am replying to, since you can't PROVE ME WRONG as usuall, have put your ASS into the shitter, where it belongs, already... lmao!)
... apk
What gives? The parent post here was upmodded until a few minutes ago http://yro.slashdot.org/commen... ?
Busted by APK no less, red-handed http://yro.slashdot.org/commen... doing the old trick of issuing a downmod, logging out of his "registered 'luser'" account, and altering his state-saving cookie so can can *try* to use the old bullshit line of "I can't issue a downmod in a post I replied in and make it stick if I post again" crap (which goes on here all the time on /.: Home of the liberalist bullshitters that ABUSE moderation to no end that way, and using sockpuppets too, despite their "freedom of speech" bullshit when they're the worst ABUSERS of that, blocking valid posts that don't fit their personal agendas).
It has housed malicious domains (just like the others I noted): Prove it hasn't (my original challenge to you). It's just a single example I posted & used there is all.
APK
P.S.=> Funniest part is, I can come up with my own vali data & from a program I WROTE - whereas by way of comparison?
LMAO - A total dunce like YOU by way of comparison? Has to "scour the web" since you're an incompetent GOOF in the art & science of computing (which I've shown numerous times already during our conflicts on hosts files you always lose, lol)... apk
Reduced to illogical off topic illogical ad hominem attacks again, you being busted cheating the moderation system now too? How transparent could you be Kalriath!
Kalriath's foaming at the mouth + his reading comprehenion's off as he runs from your challenge.
http://slashdot.org/comments.p...
One of my sources for hosts file data ( http://mirror1.malwaredomains.... )
FILENAME = Microsoft-Botnet-domains-no-ip.zip
* 4th file down... & there is 22,037 subdomains in it (I most likely HAD them all too, but again - /.'s posting size limit would've stopped me, for SURE... however - it PRETTY MUCH MATCHES the domains I posted too from my hosts file, AND, those names look very familiar in MANY of them from doing my hosts file population via my program anyhow as well...!)
APK
P.S.=> Sorry - I could've got that for you the other day - I just didn't look like I should have (it was there on July 2nd 2014)... apk
I had them anyhow (same as what I posted, except for seeing a FEW 'straggler domains' (their subdomains) like zapto.org, sytes.net, noip.me, servegame.com, 3utilities.com, myvnc.com, & servebeer.com) http://yro.slashdot.org/commen... which I have ANYHOW in my custom hosts file (since that site's one of my sources from the security community I use to populate my custom hosts file).
APK
P.S.=> What I did list, however, ARE known domains that house more than just a few BAD subdomains (most of mine were correct for THIS topic too, no less)- Also again: You're MORE THAN WELCOME to disprove that statement of mine (even regarding no-ip.com housing bad domains @ times) which you KEEP RUNNING FROM, "Forrest"... apk