Hacker News new | past | comments | ask | show | jobs | submit login
DHS asks Mozilla to take down MafiaaFire add-on (lockshot.wordpress.com)
368 points by akavlie on May 5, 2011 | hide | past | web | favorite | 75 comments

I'm thrilled that Mozilla didn't give in to their demands (yet).

I'm confused as why the HN headline says "MediaaFire" while the linked article and add-on are "MafiaaFire", though. UPDATE: It was a mistake and was fixed.

Oh, and it's completely ridiculous that DHS is enforcing IP. I mean, what a completely inappropriate and wasteful use of that department.

Edit: Did a Google search for "MediaaFire" which brought up nothing relevant. It DID show this posting, though, which I find to be amazing (It's only existed for 15 minutes.)

> it's completely ridiculous that DHS is enforcing IP

The Secret Service was created by Lincoln to combat an extremely high rate of counterfeiting currency[1]. When the Department of Homeland Security was created, the Secret Service became part of that department.

I'm sure you will be happy to know that the Secret Service also provides protection for "important" citizens traveling abroad. They also investigate cases involving child pornography and various types of fraud.

[1] http://en.wikipedia.org/wiki/United_States_Secret_Service#Ea...

Defending currency is NOT anything like defending civil IP. It's not even covered by the same laws, for starters.

While I agree with you, it is interesting to note that ACTA originally started out as an anti-counterfeiting agreement. But then again, counterfeiting currency might still be under different laws from counterfeiting designer jeans.

Bureaucracies are grown, not designed.

They also rarely stop growing.

"Bureaucracy expands to meet the needs of the expanding bureaucracy." -- Oscar Wilde

That looks like a paraphrasing of Parkinson's Law[0]


Sometimes they grow by themselves, not unlike a cancer.

For example, just found out not too long ago that TVA* still exists!


To me that is a prime example of a self perpetuating bureaucracy. It is like a self-aware organ of a larger organism that refuses to die and does all it can to fight back and stay alive.

* For those who are wondering this is the Tennessee Valley Authority. Which was created during the Great Depression to help electrify the South. The South has pretty much been electrified but TVA still keeps on chugging along 80 years later.

It's a government chartered corporation. Like Fannie Mae or the Post Office. I was surprised to also found out they still existed when I got a call for a contracting gig with them. I believe the second sentence out my mouth after the introduction was, "I didn't know you guys were still here!". But it makes sense. It's not like all those dams, powerplants, and electrical lines continue to take care of themself once the installation is done.

Unlike the governments law enforcement apparatus, TVA still works in the domain they were deployed for, managing water and electricity in the areas around Tennessee.

Homeland Security is not one department — it's an umbrella for several previously unrelated departments, some of which (e.g. Customs) are involved in IP enforcement.

The very fact that ICE is involved in IP enforcement is itself a pretty shameful anachronism. If the US Government wants to have a department that acts as the enforcement arm of the content industry's copyright battles, then it should create a division whose primary duties are not "chasing down Mexicans". The link between bootlegging and the borders hasn't been germaine in over a decade, and asking ICE to be responsible for enforcement is almost guaranteed to cause the sorts of issues we've seen so far with regards to inappropriate domain name seizures and illegal requests made of organizations like Mozilla.

I don't personally believe that the gov't has any business acting as a uniformed proxy for the RIAA and MPAA, but if they're going to take on that role they need to create an organization with the mandate to do so, a clear mission statement, and transparent statements and limitations of power. They need to be independent of the content industry, and operate within well-defined boundaries if they are to have any legitimacy.

Actually, "chasing down Mexicans" was not one of the department's duties until very recently. For a long time, Customs was almost exclusively concerned with illegal imports and counterfeiting. It was only within the last 10 years that Customs got merged with the Immigration & Naturalization Service as part of Homeland Security's organization.

Chasing down mexicans could be either Border Patrol or ICE, depending on whether said mexicans are near the border or are deeper in the interior of the country.

> if they're going to take on that role they need to create an organization with the mandate to do so, a clear mission statement, and transparent statements and limitations of power.

I guess the FBI has too many cumbersome rules to be trusted with criminal investigation.

Agree that this is a gross abuse of power. For one thing, isn't DHS' job protecting the physical safety of the US home soil?

If so, what does IP law have to do with this? Don't they have terrorists to catch, luggage to search, and people to view naked through a machine?

I'm of the opinion that the DHS is a wholly unnecessary entity that is one of the worst legacies of 9/11. They don't do anything that the FBI/CIA wasn't already able to do before. Just another bureaucracy to waste our money and pervert our freedoms.

I just corrected the headline, don't know how I got "MediaaFire". Thanks.

Last I heard it was called MafiaaFire as an irony to MPAA and ICE.

I've never been a fan of ICE's technique of seizing domains. I don't think they should have the authority to do that. And then updating them and redirecting to their page that the domain was seized and potentially tracking the IPs of those that visit the site. It really bothers me that they have the authority to do that in the first place.

They have already got in to some hot water when they seized a dynamic dns domain that was hosting thousands of subdomains (only one was accused of pedophilia trafficking). They wildcard redirected the domain to an IP that hosts a page saying that domain was seized because the site was hosting pedophilia. Pedophilia labeling was strung across a lots of personal sites, church websites, and radio station websites in the processes. It took days for them to revert it and have all the DNS records propagated but the damage was partly already done as it labeled innocent parties as pedophiles without due process.

Not sure who is doing oversite of the DHS/ICE's efforts here. Probably best not to buy .COM/.NET domains, especially if you register it with US address in the WHOIS.

I saw someone point out that DHS's seized domain page isn't very accessible due to just being an image.

I noticed that the image is always named something generic like banner2.jpg and there's no other uniquely identifiable information in the HTML. I think they do it specifically to make it very difficult to Google Search for seized domains.

Violation of government accessibility requirements. Oh and it's horribly compressed (150k+ IIRC), text stored on a JPEG (PNG is so much better for graphics), not hosted on a CDN, lacks etags so there is no caching, and the background image of the "seized" text in red is just as bad. Wasting my tax money on massive bandwidth drain to host the page and wastes my bandwidth caps to load it. Makes me angry.

> Violation of government accessibility requirements.

I've always wondered if they could be sued for that.

I'll throw in a few bucks if you want to try.

IANAL and don't have the time to arrange something like this or I would def try.

PS: I would throw money someone's way to do this too.

It may violate the ADA, but the lack of accessibility only prevents a visitor from benefiting from the DHS's message, not a site that they would otherwise use without trouble (as is done for IRL ADA complaints). Even if someone could get in front of a judge with this, I'm sure the DHS has absolute immunity for stuff like this.

If they can't see, they can't be told what this image says on the page, the only image on the page. Imagine if there were important information in it or something other than just a warning.

Imagine if there were important information in it or something other than just a warning.

Sure, but there isn't. :)

Don't think they'll find anyone willing to contribute design effort. No graphic designer would want to add this page to their Design Portfolio.

If I did graphics design, I would have no problem with it -- heck, I would even tell people about it :)

Unless some other smartass is doing it too, it was probably me. Every time one of these domain seizures comes up I point out that the page you're redirected to isn't accessible to Americans With Disabilities. Petty? Maybe. It would be nice to force their hand once in a while.

> I think they do it specifically to make it very difficult to Google Search for seized domains.

You are willing to give them more credit than I am.

TL;DR -- Mafiaafire redirects you to an alternative domain when the primary domain is moved or seized. So basically the DHS is trying to suppress a workaround to their domain seizures.

I'm not sure they have much of a legal argument here though, nor do they have a due process workaround... well, unless they seize mozilla.org.

The validity of the "legal argument" is whatever a fellow government employee says it is. Some septuagenarian with an arts degree isn't likely to see this "computer stuff" as anything but a means to circumvent the law.


The linked article is excellent. If it's not been submitted to HN before, I suggest the parent do so.

They might use MGM v. Grokster to make some kind of inducement claim, but one might think that this would be the sort of thing copyright holders would do, rather than the DHS. I don't know that they have in mind, but it's probably one of the few straws they could grasp at.

And there's that other test case Grellas posted the other day, suing C|Net for distributing Limewire. It obviously hasn't been decided yet, but it could create a dangerous precedent in the future. I strongly suspect they expected everyone to just cave. As things stand, I expect that copies of the extension will get hosted outside the USA, making any further action meaningless.

Even had they quietly allowed it to get taken down, someone almost certainly would have hosted a copy or created a new extension outside the US.

If the DHS had a legal leg to stand on they would have delivered their request via official channels.

They didn't actually mention what channels they went through. What would an "official channel" look like, in this case?

Also, perhaps they didn't want to spend the $5k on a lawyer to draw up an official document, hoping that a simple request would suffice. Understandable, and laudable - as is Mozilla's refusal to comply with what is nothing more than a request.

What would an "official channel" look like, in this case?

Though nobody concerned is revealing the actual delivery method, it would look something like a process server and it wouldn't be called "asking."

They don't need official channels... they can just take the domain name for providing a plug-in that links to pirated content. The Mozilla domain might pull up a DHS graphic any day now! (it would be interesting if the DHS would go so far as to take down a site used by millions... but you never know as it appears DHS is above the law)

a site used by hundreds of millions, actually :-) and a site that helps ensure the security of every Firefox user across the globe.

> Also, perhaps they didn't want to spend the $5k on a lawyer

a government bureaucrat letting pass a chance to send more work to his lawyer friend? Nope. They just do not risk yet to attack Mozilla on such a shaky ground as declaring such an add-on as a paraphernalia of copyright infringement. Yet, it is just a matter of time. They will start with somebody less popular than Mozilla.

I would imagine DHS has their own lawyers on staff?

Wouldn't that fall to the Department of Justice?

No, all government agencies have a legal staff. The DoJ's mandate doesn't include screening all government actions for legality.

>If the DHS had a legal leg to stand on

they would have raided the mozilla's offices and as GP mentioned seized the domain. When they can - they do.

Is it just me, or does DHS really seem like a rogue organization that thinks they're above things like due process?

Which is bad enough when they are, you know, securing the homeland.

This kind of thing just makes them look like hired thugs (working essentially for free, no less).

Yea, definitely not for free though. That's my tax money paying their salaries.

I kind of wonder why there isn't more outrage over stuff like this. I guess I'm either overreacting or people just don't understand it (or don't care).

There is quite a lot of outrage over it. But on the other hand, people feel powerless to do anything against these kind of things. There is so much to be outraged about. The current course of events, resulting in more and more restrictions of freedom, seems inevitable.

There also seems to be a huge segment of the population who don't notice anything at all unless it happens somewhere between their television and the nearest WalMart.

They run the TSA... what did you expect?

subset of a department being stupid doesn't make the entire department stupid. Classic class inheritance example.

Well in this case, I think the stupidity attribute was probably declared on the parent class.

Incorrect analogy. A subclass is defined as a class which can be used anywhere its parent can be used. Your comment implies that the TSA could be used to perform any duty of the DHS, which is obviously false. The DHS can however perform any duty of the TSA, since the TSA is under control of the DHS.

So yes, stupidity of the child organization does imply some degree of stupidity of the organization as a whole. The converse however is indeed false (incompetence of the DHS does not imply incompetence of say, the Secret Service).

Domains seem sort of like property but on some level are really speech. Were the NY Times to write an article that said, "The IP address of www.whatever.com is" would DHS try to shut down the presses? Ultimately, conveying that piece of information is what this plugin (and indeed, the DNS system before DHS got to it) does.

If you upvoted this article and think raising awareness of such overreaches is important consider contacting your elected representative, the person whose job is to hold government organizations accountable to the public's concerns.


Well, I guess they can ask for whatever they want.

IANAL, but I don't see how it could be illegal to violate a court order that is not directed at you.

Typical Government High-handed tactic. We will ask sternly that you "Remove/Stop/Cease" certain activity as it renders some of our actions slightly less effective.

Basically Mozilla replied with "Oh Yeah...Show me which law compels me to listen to your non-threat threat? " Fantastic and perfectly legal response.

99% of others would have just blindly complied - which is probably more scary to me than anything any External entity might do to America.

This will be another occurrence of Streisand effect.

Anybody else curious about these "seized domains" Homeland Security is trying to "protect" us from?

Ok, I was really curious, so here's what I found so far:






Most were video streaming websites.

Last year ICE seized 9 other domains too (also mostly video streaming). Details here: http://articles.latimes.com/2010/jul/01/business/la-fi-ct-pi...

Another interesting thing here is that Mozilla has just provided the blueprint for responses should other sites get this kind of request. Perhaps this could seed a project for "how to respond if it happens to you".

Wow, what a text-book perfect response from Mozilla. Well played, guys.

DHS will not get far as is it's evident that they are asking, not telling. The law isn't on their side and let's hope that they're not above it.

As far as Mozilla is concerned, I have always held them in high regard and this case reaffirms my point of view. What scares me though, is the far reaching arm of DHS being able to take down domains in the first place.

Is anyone else worried that the MafiaaFire authors might start putting bogus redirects in the plugin? Does anyone know the people behind it?

The authors of all kinds of extensions could do all kinds of trickery, when you install an extension you generally are trusting the author of that extension.

The circus will run out of fuel eventually.

I'm not so optimistic.

The airport security circus has been going for a very long time, and only getting worse.

And before too long it will be expanded to include the "High Speed Rail security circus"!

Well how else are we to keep a terrorist from crashing a train into the White House?

Or: how else are we to get even more subjects (er, citizens) fully accepting of getting full-body xray-scans of their "privates" (saved on a server somewhere forever, no doubt) performed by their neighbor the DHS bureaucrat, who is "just doing his/her [badly needed] job"?

And hopefully gas prices will go up well past $10/G so even more subjects will be forced into mass transit. Then, one "terrorist bomb" on a muni bus, and bingo: DHS for all (or would that be "DHS uber alles"?)! (Unemployment will drop sharply due to DHS hiring; the MSM will be gleeful!).

Thank goodness for Big Brother.

Quite worrying development. I don't see why DHS should police IP.

The proper name should be the Union of Motherland Securities (it might be a better fit for them to be a part of old Soviet Union)

Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact