Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Takes Down No-IP.com Domains

Posted by Unknown on from the slash-and-burn dept.

An anonymous reader writes For some reason that escapes me, a Judge has granted Microsoft permission to hijack NoIP's DNS. This is necessary according to Microsoft to thwart a "global cybercrime epidemic" being perpetrated by infected machines running Microsoft software. No-IP is a provider of dynamic DNS services (among other things). Many legitimate users were affected by the takedown: "This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives. ... We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening."

5 of 495 comments (clear)

  1. Sue them for all they're worth by Anonymous Coward · · Score: 5, Interesting

    This is their business the court decided to hand over to Microsoft. Lawsuits should be flying in all directions.

    1. Re:Sue them for all they're worth by Sun · · Score: 5, Interesting

      Also, apparently No-ip didn't appear when summoned. Apparently, that's kinda of a big no-no. Maybe next time they will buy their domains somewhere with proper laws.

      IANAL. All of this is from following legal procedures.

      Not showing up is a big no-no. A judge can, usually, assume that the party not showing up has nothing to say in the matter, and just accept the petition as is. This is, however, not what happened here. From the first link:

      On June 19, Microsoft filed for an ex parte temporary restraining order (TRO) from the U.S. District Court for Nevada against No-IP.

      Emphasis mine.

      An Ex-Parte petition is filed without the other side being given a chance to answer. This is outrageous act by Microsoft. You ask for an ex-part hearing when there is danger that the other side, if given prior warning of your requested subpoena, will destroy evidence. Since Microsoft is claiming that no-ip are unknowingly hosting malware, this simply wrong.

      Before you go to blame the judge, however, please bear in mind that he can only rule based on the petitions before him. Presumably, a two-party hearing will be held soon, and then things can, and should, go differently. Also, the judge should have ordered Microsoft to place some money in escrow, which no-ip will automatically get in case the temporary restraining order is found to be unjustified.

      What I'm saying is that we don't have enough information so far to conclude that the judge did anything wrong, but the first link, written by Microsoft, clearly shows MS to be douche bags in this case.

      Shachar

  2. Hotmail? by Anonymous Coward · · Score: 5, Interesting

    So after decades of the community putting Microsoft on notice that HotMail is abused by spammers, can I sieze the domain name?

  3. Re:Malice? more like incompetence... by DarkHelmet433 · · Score: 5, Interesting

    I also suspect they've managed to botch the technical aspect of it as well.

    Presumably the plan was to put their caching name servers in front of the real no-ip servers, and gather the mappings for the malware suspect sites and then blackhole them after getting what they want. The problem was that Microsoft's side appears to have melted down, thus taking everything down. They won't be getting logs, behavior analysis or anything, because its all a pile of wreckage in a crater. Meanwhile, all the "bad guys(TM)" have now had hours head start to delete their C&C node registrations while microsoft's servers are down. And now they've ticked off the no-ip folks, so I wouldn't expect them to be in a cooperative mood to try and help.

    Bone headed all round. There's no other way to put it.

  4. Lawsuits will fly by Anonymous Coward · · Score: 5, Interesting

    IAAL (but this isn't legal advice). I noticed that it was an ex parte hearing, which is why this whole mess occurred. They're useful for preventing domestic violence, but ripe for abuse in all contexts. NO-IP should be moving for an emergency hearing and the whole issue should be resolved within hours. Beyond that, NO-IP should follow-up with a suit for damages (I suspect MS will pull the we-got-a-court-order card and NO-IP gets to respond back with you lied to the court. It all goes nowhere and they settle).

    The more interesting aspect is the disrupted users. While MS moved against NO-IP ex parte, they apparently made assertions that they would keep the service functioning properly. They've failed there and suits are now possible for those failures. More interestingly, however, is whether MS was recording, manipulating, or in any other way playing with the traffic. If so, there are some excellent wiretap statutes waiting to be had.

    I, sadly, didn't have an NO-IP account, but if I did, I'd be heading to the court house this afternoon. This is what happens when you skip due process, let a to-big-to-fail corporation do whatever it wants to private corporations through the guise of the courts. Corruption at it's finest. MS should be bludgeoned thoroughly enough to at least think twice before attempting it again.