
ATDHE Seized: How Site Takedowns Are Ceremonial - rwwmike
http://www.readwriteweb.com/archives/atdhe_seized_how_site_takedowns_are_ceremonial.php?sms_ss=hackernews&at_xt=4d48b675bbdef1e3%2C0
======
bbatsell
This is a much bigger problem than ATDHE: [http://torrentfreak.com/us-resume-
file-sharing-domain-seizur...](http://torrentfreak.com/us-resume-file-sharing-
domain-seizures-110201/)

DHS seized a domain that had twice been ruled by a court of law in the
corporation's home country, an EU state, to be operating completely legally.
The corp. has absolutely no presence whatsoever in the US.

This one domain may be the straw that broke the camel's back — it wouldn't
surprise me if the rest of the international community begins moving towards
demanding that the US forfeit control over the 3 root TLDs posthaste.

~~~
gst
In all of the cases so far (that I've checked) it seems that the registrar of
the domain has been based in the US. So to seize a domain it would be
sufficient to do this at the registrar level, instead of the registry level.

If the domain has been sized via the US-based registrar it's nothing to worry
about.

If - on the other hand - the domain has been sized at the registry level (and
the same would have happened with another foreign registrar) this would be one
large reason for me to use other TLDs in the future. However, if this is
really the case it makes me wonder why piratebay.org hasn't been sized yet
(this domain is registered at a German registrar).

~~~
JoachimSchipper
GoDaddy says they "have not touched anything". Of course, this may mean that
they have built a self-serve seizure system in the past, but still...

------
eli
Uh, well now this is amusing:

<http://www.atdhe.net/> shows seizure notice

<http://atdhe.net/> still works

(Site looks pretty shady, by the way. I'd suggest something like NoScript.)

~~~
marketer
They only seized the DNS. They haven't shut down the site.

Try <http://88.80.11.29/>

~~~
eli
I'm confused. According to WHOIS, the DNS points to prq.se. And if they did
seize the DNS, why wouldn't they change all the records to point to the
seizure site?

------
zaphar
I wonder how long before we start seeing articles entitled .{com,org,net}
domains considered harmful?

------
smokinn
How do these seizures work? Is it only for US ISPs? I tried hitting
<http://atdhe.net/> and I get the regular site, not a DHS seizure page.

They have a banner at the top saying it was shut down this afternoon but how
did they get it back? Or is it still blocked in the US?

~~~
Joakal
DNS Registrar gave domain name to US government, the US government simply
pointed the new domain name to a new server. If you're still viewing the old
site, then the DNS propagation hasn't reached your ISP's DNS yet. The server
hosting the files is unaffected as it's in another country hence someone
provided a direct IP address.

This has the potential for attacks on unprotected clients with malicious JS.

But most likely, they will be logging browser details and ip address as an old
honeypot tactic. If I was in their position, I would attempt to cross-match
the IP addresses with list of associated profiles (For the paranoid, FB/HN/etc
may provide profile associations due to sealed requests). Then there's a list
of suspects for questioning.

