
No-IP's Formal Statement on Microsoft Takedown  - wfjackson
https://www.noip.com/blog/2014/06/30/ips-formal-statement-microsoft-takedown/
======
ddod
The comments here are surprisingly pro-Microsoft. I'd personally rather deal
with spam and botnets over a corporation legally being able to take over the
DNS of other companies due to the actions of users of a service. Despite
pretty clear slippery-slope arguments, I recognize this isn't a universal
opinion. There are many people who would like to curb cyber-bullying at the
expense of freedom of speech or curb terrorism at the expense of privacy and
civil liberties. It takes all kinds, I guess.

~~~
DangerousPie
It wasn't actually due to the actions of their user though, was it? It was
because of the actions of NoIP themselves, who did not act to prevent abuse by
their users.

From what Cisco and Microsoft are reporting NoIP is (was?) a hotspot of botnet
activity. If NoIP was not doing anything against that Microsoft's lawsuit
doesn't sound that unreasonable.

How this was actually implemented in the end (MS just taking over the DNS)
does seem a bit strange to me though. They should at least have been taking
over by a government agent.

~~~
cortesoft
Wouldn't a similar line of reasoning be "It seems that computers running
Microsoft Windows are a hotspot of botnet activity. Year after year, a vast
majority of computers used in botnets are running Windows; they are clearly
not doing enough to prevent abuse by their users. Lets give control of the
Windows code base to Linus"

~~~
smsm42
I think most of the judges would be able to see through it and recognize that
running a free DNS service which ignores abuse by botnets and having an OS
which can be used to run various programs on, including malware, is a bit
different thing. If you could prove Microsoft "clearly not doing enough to
prevent abuse", you could probably win a juicy class-action lawsuit, but
proving this would be extremely hard.

~~~
tomp
If they went through with their intended plan to stop supporting Windows XP,
then proving that they were "clearly not doing enough to prevent abouse" would
be trivially easy.

~~~
smsm42
How so? Microsoft never promised it would support XP forever. EOLing old
versions is a standard and widely accepted industry practice. Just buy (or
install for free) a newer operating system. Buying a license to run Windows XP
on your computer does not entitle you to unlimited amount of free labor from
Microsoft. If you think that makes XP suck, nobody forces you to buy it or
keep using it. Are you also expecting Linus to still make patches for Linux
kernel 1.0?

------
legutierr
What I don't understand is the legal basis of Microsoft, a private entity,
simply being handed over the property (the domain names) of another private
entity. I understand that this is something that was ordered by a court, but
under what legal theory was the order issued?

I'm not a lawyer, but I think I've got at least a basic idea of the
circumstances under which the government can take someone's property. This
doesn't seem to coincide with any of those potential circumstances, especially
when the seizure transfers the property to another non-governmental entity.

What's more, where's the due process? No-IP seems to be saying that they
didn't even know about the court case until being served with the order. Did
they really not have the opportunity to contest this?

EDIT: To summarize some of the documents people have linked to and analyzed
below, it looks like Microsoft was granted a temporary restraining order under
"Federal Rule of Civil Procedure 65(b)", which allows for such orders to be
granted without providing notice as long as certain requirements are met.

Microsoft was required to post a $200,000.00 bond, which is supposed to pay
for any damages incurred by No-IP, and No-IP will be granted the ability to
contest the order in court on July 10, and maybe earlier. However, it is clear
that No-IP knew nothing about even the lawsuit until they lost control of
their domains, as this was specifically ordered by the court.

Also, there is no answer as to whether transferring control over domain names
from a defendant to a plaintiff is something that courts should be empowered
to do as part of a temporary restraining order. I hope a lawyer with some
knowledge in this area can chime in to answer that question.

~~~
jevinskie
I don't think they had any opportunity to contest.

IT IS FURTHER ORDERED that the Registry Operators must:

...

d. Shall completely refrain from providing any notice or warning to, or
communicating in any way with Defendants or Defendants’ representatives and
shall refrain from publicizing this Order until this Order is executed in
full, except as necessary to propagate the changes ordered herein to all parts
of the Domain Name System;

[http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order...](http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order%20-%20flattened.pdf)

I haven't yet found Microsoft's justification for the seizure without notice.

~~~
wfjackson
Edit: Looks like Microsoft filed for and got a emergency temporary restraining
order against all the defendants including No-IP.

[http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order...](http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order%20-%20flattened.pdf)

Also this is No-IPs response to Cisco's previous accusations.
[http://www.noip.com/blog/2014/02/12/cisco-malware-
report/](http://www.noip.com/blog/2014/02/12/cisco-malware-report/)

They did have lot of chances to contest. Apart from Microsoft's notices, the
court sent a notice to No-IP which they didn't respond to. They cleary state
that ex-parte decision will be taken if they don't respond. Maybe federal
courts don't like it very much if you act like they don't exist.

[http://www.noticeoflawsuit.com/docs/Summons%20for%20Vitalwer...](http://www.noticeoflawsuit.com/docs/Summons%20for%20Vitalwerks.pdf)

~~~
mikeryan
I'm not sure they did, the order has this statement (emphasis mine);

8\. Microsoft’s request for this emergency ex parte relief is not the result
of any lack of diligence on Microsoft’s part, but instead based upon the
nature of Defendants’ unlawful conduct. Therefore, in accordance with Federal
Rule of Civil Procedure 65(b) and Civil Local Rule 7-5, good cause and the
interest of justice _require that this Order be Granted without prior notice
to Defendants, and accordingly, Microsoft is relieved of the duty to provide
Defendants with prior notice of Microsoft’s motion._

I should note my laymans reading is that Microsoft proved exigent
circumstances that negated the need for prior notice.

~~~
legutierr
Here is Federal Rule of Civil Procedure 65(b):

[http://www.law.cornell.edu/rules/frcp/rule_65](http://www.law.cornell.edu/rules/frcp/rule_65)

 _(1) Issuing Without Notice. The court may issue a temporary restraining
order without written or oral notice to the adverse party or its attorney only
if:_

 _(A) specific facts in an affidavit or a verified complaint clearly show that
immediate and irreparable injury, loss, or damage will result to the movant
before the adverse party can be heard in opposition; and_

 _(B) the movant 's attorney certifies in writing any efforts made to give
notice and the reasons why it should not be required._

So, if all of this is considered a "temporary restraining order", then it must
be based on these rules, which also seem to provide certain protections to the
affected party, including requiring the plaintiff to put up security to
reimburse the affected party for any damages they may suffer as a result of
the order.

I hope that a lawyer can chime in here and give a decent opinion as to whether
this is kosher, and also to answer whether it seems correct to effectively
transfer control over property such as domain names through this mechanism.

~~~
dlgeek
Later in the order they required Microsoft to post a $200,000 bond. Not sure
if that actually covers the potential damages.

------
ntakasaki
They also deny Cisco's allegations here.

[http://www.noip.com/blog/2014/02/12/cisco-malware-
report/](http://www.noip.com/blog/2014/02/12/cisco-malware-report/)

It doesn't compute that Cisco is casting blame on them and Microsoft got a
court order when all they had to do is send an email.

It's kind of strange, they're probably unable to keep up with the abuse
reports and validating them or something. There are a lot of dynamic DNS
providers so why do the bad guys pick them for the most part for their DNS
needs?

~~~
Omniusaspirer
Presumably because they have a free basic service if you use one of their
subdomains. While other companies I'm not aware of might offer the same I've
yet to stumble across them.

~~~
shawnz
DynDNS and afraid, which as far as I know are the next two most popular
services like this, both have free options.

EDIT: Looks like DynDNS recently got rid of their free offering. I wonder if
that was related to this?

~~~
LukeShu
DynDNS dropped their free offering a couple of years ago. If you had created
your account before then, you were grandfathered in, and still got 5(?)
domains for free; as long as you logged in frequently enough.

~~~
krallja
Dyn permanently ended its free hostname program in May 2014, with 30-day
notice given on April 7. [http://dyn.com/blog/why-we-decided-to-stop-offering-
free-acc...](http://dyn.com/blog/why-we-decided-to-stop-offering-free-
accounts/)

------
ggchappell
If this action is troubling, then we need to stop putting the blame in the
wrong place.

Microsoft does not have the power to seize domains. A federal court order made
that happen. This order is (apparently) the responsibility of the U.S.
District Court of Nevada. If you want to blame someone, then blame the court.

Obnoxious people ask courts to do obnoxious things every day. Good courts do
not comply.

~~~
higherpurpose
So why not blame the "obnoxious people" in this case, too? It's like the
patent system abusers (which perhaps not by coincidence, Microsoft is one,
too) excuse: "don't hate the player, hate the game". Yeah, right. Nobody held
a gun to their head to do this. It was a premeditated action by Microsoft.

~~~
ggchappell
You are correct that Microsoft would deserve some of the blame, if there is to
be blame. However, user pessimizer put it very well:

> Microsoft has no obligation to you. Your judicial system does.

In any case, there is no "hating the game" here. The fault -- if one has a
problem with this action -- is not with "the system", but with a very specific
player: the federal judge who issued the order. (I don't feel like going
through the trouble of finding his/her name, but I doubt it would be
difficult.)

------
randunel
So when will Canonical file an ex-parte TRO against Microsoft for failing to
secure Windows XP against malware? It would be nice to see a windows update
which upgrades to linux :P

Later edit: Isn't this ironic, how most botnet members are running Microsoft's
software, yet they get to do this?

~~~
mpyne
Creating the tools by which _anyone_ might theoretically spawn abuse is not
the same as proactively hosting those engaging in the same.

E.g. one might reasonably disrupt a farmer's market known to be selling beef
infected with salmonella without banning cows of the same breed across the
world.

~~~
pbhjpbhj
Would you shut down the printing company that makes the flyers that tell
people where the market is though? Oh, and hand over the presses to a local
supermarket to keep printing the flyers but with the convert replacement of
the address of the supermarket as the place to source your meat.

------
starik36
I was affected. Even though I used NoIP's free service simply to get to my
home network, I still can't get in.

Thanks Microsoft.

------
norswap
Wait, how can a company seize the domains of another?

~~~
nimish
By convincing a judge that it was necessary?

Actual detail here:
[http://www.noticeoflawsuit.com/index.htm](http://www.noticeoflawsuit.com/index.htm)

~~~
jevinskie
The legal team got a domain just for the notice?

------
jpgvm
This smells like BS, this also isn't the first time that other entities have
had to step in to cleanup their crap.

Especially this quote: "Apparently, the Microsoft infrastructure is not able
to handle the billions of queries from our customers."

Azure DNS, Microsoft.com, Bing. Yeah, all of those already require billions of
DNS queries. I don't doubt things are not working correctly, but insinuating
Microsoft can't handle the load just makes their case smell even worse.

~~~
norswap
I think what is insinuated is that they botched the job, not that they're not
technically capable of doing it.

~~~
jpgvm
I can agree with the fact they probably botched it (potentially on purpose),
but the way it's articulated in the No-IP reply leaves little ambiguity that
it was intended as an attack on their technical capability.

I am not in love with what Microsoft did here but No-IP is not doing the best
job of defending their position.

------
secalex
The Microsoft hate here is unfounded and ill informed.

Those of us working defense at large organizations have known for a while that
No-IP domains are wretched hives of scum and villainy. Any company with a
threat model that includes at least one of a diverse set of characters ranging
from malware authors to organized crime to nation state teams should be
logging all DNS requests and treating any request to a No-IP domain as an
indicator of compromise.

Microsoft has a successful history of disrupting botnet C&C and distribution
channels via domain seizures, which is why this request probably sailed
through Federal Court. The only difference in this situation is that there are
innocent bystanders affected, which generally doesn't happen since the other
domains they have seized have been 100% used for fraud.

I feel bad for those folks and the people at No-IP who maybe meant well, but
the truth is that the fight to keep normal people safe is bigger than just
technological, and needs to include civil legal actions like this.

~~~
liquidise
You seem to miss a key takeaway from this: the analogous comparisons to this
in physical services companies is laughable:

If, as a car company, i sell cars with potentially lethal flaws, i am
required/told to recall and fix those vehicles. Other companies who sell cars
are NOT allowed to have a court order the seizure of my phone numbers and have
them direct to competitive business, so they can figure out who is driving
safe cars and who isn't.

Secondly, the idea that private companies can be labeled "wretched hives of
scum and villainy" by other private employees and have that permissible as
anything other than meaningless hearsay is itself, nonsense.

I have read many documents on this today and every HN comment and I have yet
to find someone present a case as to why on earth this is a good and
sustainable precedent.

~~~
CHY872
How does missing the 'car analogy' help at all? Analogies are only ever useful
to explain to those who do not understand the first case - trying to draw
parallels otherwise inevitably leads to gross simplifications, and they're
incredibly frequently abused to try and make another point. Analogies are
great if John Oliver, or you're at the bar and talking to Erv the local HVAC
guy - but this is hacker news, we normally understand this - and trying to
port it to a completely different legal framework is probably disingenuous.

------
vzhang
If I keep getting spam emails from a Hotmail account, should I file a motion
to take down the whole Hotmail domain?

~~~
McGuffin
Sure, you could do that. Personally, I have always had a reply from their
abuse department within the hour (usually it's solved by then, too).

But indeed, if you feel you have sufficient evidence that MSFT is downright
neglectful and turning a blind eye to spam accounts, feel free to file a
motion and post a $200k+ bond.

------
davidbanham
If anyone needs a replacement for no-ip, I wrote this the other day:

[https://github.com/davidbanham/cloudflare_dyndns](https://github.com/davidbanham/cloudflare_dyndns)

~~~
stevekemp
And I recently setup [http://dhcp.io/](http://dhcp.io/) \- source also on
github.

~~~
andor
Nice! Simple HTTP API, no custom client needed, very easy to include in
scripts.

Is there any reason why you're not serving via HTTPS? Without encryption,
credentials are completely open to the network.

~~~
stevekemp
Largely because this is a toy-project which has no income behind it.

(It was initially going to be commercialized, but in the end I found people
pretended they'd pay, rather than actually wanted to do so for extras like
more hostnames, MX records, etc. So in the end I went with a different project
[https://dns-api.com/](https://dns-api.com/))

I could pretend I regard DNS data as public, but sniffing the update token
could allow malicious users to change things in surprising fashions so it
really does deserve SSL, but I'm not going to pay for it. I would hope that if
users cared about security they'd deploy their own instance - and pay for the
resulting Amazon traffic.

------
wfjackson
Interesting that the claim they didn't get any notice, this is what Microsoft
has to say in their complaint.

>...United States, including those located in the state of Nevada and the city
of Las Vegas. Defendant has a contractual obligation to take reasonable and
prompt steps to investigate and respond to reports of Internet or computer
abuse, and the company has also made representations to the public that it has
an “abuse team” to police and take action against such malicious activity. Yet
Defèndant has failed to take sufficient action to stop, prevent, or
effectively control this malicious conduct in breach of its contractual
obligations and best practices of the industry, causing further harm to Nevada
and Las Vegas residents.

~~~
Mandatum
We assume that this is on-going (No-IP was the go-to since 2004) and Microsoft
has finally decided they'd be able to take it over. Unfortunately they didn't
plan enough to anticipate the amount of traffic they'd receive. If I was No-
IP, I'd be out for blood.

Someone sends a court order to essentially handicap your business, putting it
at risk for the sake of malevolent users. This was a situation where No-IP's
"resolution" process should have been reported (ie they cater to criminals for
profit), and not man-handled by a separate law and business body.

~~~
wfjackson
>Someone sends a court order to essentially handicap your business, putting it
at risk for the sake of malevolent users.

"Someone" in this is case is a federal district court which did that because
there was no communication from No-IP. MS does not have the power to send
court orders. The court ordered No-IP to send a response and looks like there
was no response.

>If I was No-IP, I'd be out for blood.

Who's blood?

~~~
tonywebster
> "...which did that because there was no communication from No-IP ... The
> court ordered No-IP to send a response and looks like there was no
> response."

That's absolutely false. Microsoft explicitly asked the court to allow them to
file the entire case under seal, and to obtain ex parte emergency relief
_without notifying the defendants_.

The TRO states: “...good cause and the interest of justice require that this
Order be Granted without prior notice to Defendants, and accordingly,
Microsoft is relieved of the duty to provide Defendants with prior notice of
Microsoft’s motion.”

The judge signed that. No-IP did not receive any advance warning or service by
Microsoft's own admission, and No-IP's blog post confirms they weren't served
until today.

