Recommended Posts

So my no-ip hostname stopped working this morning, couldn't work out what was going on.

I logged onto no-ip and find this.

 

ABSOLUTELY UNBELIEVABLE!

 

Microsoft have SEIZED 22 of NO-IP's domains on some crusade to stop malware, and have taken out maybe millions of legitimate users domains in the process!

 

How can Microsoft even get a court order to do this?

They clearly have misrepresented the impact they are going top have on legitimate users!

 

I hope Microsoft is sued for billions of dollars for this deliberate HACK ATTACK on millions of legitimate users domain names!

 

 

https://www.noip.com/blog/2014/06/30/ips-formal-statement-microsoft-takedown/

 

 

We want to update all our loyal customers about the service outages that many of you are experiencing today. It is not a technical issue. This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives.

 

We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening. Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft?s attempt to remediate hostnames associated with a few bad actors.

Link to comment
Share on other sites

I hope Microsoft is sued for billions of dollars for this deliberate HACK ATTACK on millions of legitimate users domain names!

 

Will not happen. They were given permission.

 

You could try going to court with your government.

Link to comment
Share on other sites

That's really bad Microsoft could actually do that to a legitimate company which has been around for 15+ years.

 

Why not just work with no-ip to get the bad domains taken down?

Link to comment
Share on other sites

Will not happen. They were given permission.

 

That was exactly my point, had they represented in court that they were going to impact millions of legitimate domain users in order to twart a handful of malware distributers, I doubt the court would have awarded them the order to take control of the domains.

 

To me they have misrepresented their intentions and the impact they would cause, and should pay for their lies to the court, and misuse of the domains. Imagine what would happen if someone took microsoft.com offline with one of these actions.

 

Personally, now that I know what happened it took me 5 minutes to mitigate microsofts criminal act of removing MY DNS host name, and I've lost maybe 10 hours of mail (due to the loss of the DNS name in SPF/DMARC) but there will be many businesses that lose a lot more including loss of business and money due to this.

 

No doubt the malware dispensers were not slowed down 1 little bit either!

Link to comment
Share on other sites

I was wondering why no-ip.org was not responding earlier. That explains it.

 

Unfortunately Microsoft taking down sites via court orders isn't without precedent. Refer to Neowin being pulled offline thanks to MS contacting this site's host at the time.

Link to comment
Share on other sites

 

 

To me they have misrepresented their intentions and the impact they would cause, and should pay for their lies to the court, and misuse of the domains. Imagine what would happen if someone took microsoft.com offline with one of these actions.

 

 

 

Do you know they represented their intentions in court? Do you know what was in the documents Microsoft used to get this court order?

Link to comment
Share on other sites

I admit I'm not well versed on the laws pertaining to this type of action, but it sure smells illegal to me. No.IP was not notified before court action was taken? Since when do corporations have the right to do whatever they want because they have money & politicians in their pockets? Oh, that's why.

Link to comment
Share on other sites

Since hearing about this I've jumped to FreeDNS. Upside is picking from a giant pool of domains, some owned by the guy running the service, but most owned by other users. Plus it does away with the 30 day nag that no-ip makes you do.

 

Doesn't help those with paid accounts but could be something to look into if you're looking for another free DDNS provider.

Link to comment
Share on other sites

Id like to see no-ip back up their claim of millions of users...

I'd say it's a fair estimate, considering how popular no-ip has been in past years.

Moreover, I'd like to know how Microsoft have the right to say "We want to take the property of another company because it's been misused". If something is ceased, surely it should go to the government, not another company.

Link to comment
Share on other sites

To be fair, the registered owner of the domain is responsible for the content on the main domain and all subdomains, Vitalwerks should be grateful Microsoft only want to filter out malicious content rather than getting the entire domains terminated. That said, if their blog post can be believed and Microsoft didn't first contact Vitalwerks to try and resolve the issue before taking them to court it was a poor move. 

 

The court papers are here: http://www.noticeoflawsuit.com/

Link to comment
Share on other sites

If they are distributing malware, they shall be terminated.

 

And why does the courtpapers web site have stuff written in squigglescript?

Link to comment
Share on other sites

Whoa! Big companies have more control over others than I thought. :o

 

There should definitely be a review process put into place to prevent this from happening. Microsoft could have just have asked politely for No-IP to check the domains and remove the infected ones instead of taking the entire thing down. :s

Link to comment
Share on other sites

If they are distributing malware, they shall be terminated.

 

And why does the courtpapers web site have stuff written in squigglescript?

squigglescript?....  you know that is a very big language that you are looking at right?

Link to comment
Share on other sites

No.IP was not notified before court action was taken?

Supposedly they were were several reports from different companies about the problem but No-IP didn't do anything to try and stop the problem.  They even responded to one on their blog so they obviously knew about it, basically saying "next time send an email to the abuse complaint address" and said it's up to the users to do the "police work" and report the problem.

Link to comment
Share on other sites

I'd say it's a fair estimate, considering how popular no-ip has been in past years.

Moreover, I'd like to know how Microsoft have the right to say "We want to take the property of another company because it's been misused". If something is ceased, surely it should go to the government, not another company.

 

 

I have my doubts about millions of users having a dynamic domain with no-ip. If they're going to give such claims they better back them up as well. Millions of unique registered users on the now disabled domains.

Link to comment
Share on other sites

 

 

Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives.

 

 

I find it veeeery hard to believe that no-ip woke up one morning and came into the office to discover that the domains were taken.  :huh:

Link to comment
Share on other sites

Reading through the complaint and the exhibits, Microsoft cites "approximately 18,472 sub-domains of No-IP that are used by cybercriminals, there are likely many more" pg9, line 4 of the Complaint for Damages and Injunctive Relief. Also, suggest checking out the Factual Background of the complaint, page 6, sections 20, 21.

Link to comment
Share on other sites

I find it veeeery hard to believe that no-ip woke up one morning and came into the office to discover that the domains were taken.  :huh:

 

Exactly what i was thinking. 

It's not something that would suddenly just happen.

Link to comment
Share on other sites

I admit I'm not well versed on the laws pertaining to this type of action, but it sure smells illegal to me. No.IP was not notified before court action was taken? Since when do corporations have the right to do whatever they want because they have money & politicians in their pockets? Oh, that's why.

 

It's perfectly legal if a federal judge signs a warrant/order issuing the action. It only becomes illegal once it is challenged and over-turned by a higher court on an appeal.

Link to comment
Share on other sites

Judge Jury and Executioner. Its a sad day when legit users are taken out in one fell swoop. 

 

I know, this is really not the way to deal with the issue.

 

Microsoft really know how to buy themselves bad PR.

Link to comment
Share on other sites

This topic is now closed to further replies.