In major metros it is really hard to get roof rights. In larger buildings HOAs even have exclusive agreements with cable and satellite resellers that install a single set of equipment for the entire building.
You are trading one set of ridiculous laws for another.
The beginning of the article mentions using off the shelf parts, with terrible results. I'm sure if it was that easy and they got decent results from it, they would not have expended so many resources custom building stuff.
But is that a good thing? Being "unable to take down malicious domains"? I don't know. There is a part of me that wants to protect against this ability to take down domains - and another part of me that says if there were domains spewing malware and facilitating botnets I'd like to see them taken down somehow.
> But why wouldn't a blacklist of people trying to game the system be unmanageably huge?
First, you don't have to leave every entry on the list until the end of time. At some point (possibly as a result of the domain being on the blacklist) the attacker is going to discontinue using it and it could then be removed. Second, you don't have to store the blacklist on every client device.
You could even just integrate it with the DNS. If you want to know if foo.com is on the blacklist, you do a lookup for foo.com.blacklist.google.com and if that resolves then it's blacklisted. If you don't trust Google to maintain the blacklist then you change a setting and your computer looks up foo.com.blacklist.microsoft.com or foo.com.blacklist.spamhaus.org or whatever else instead.
The point is to decentralize the decision of who maintains the blacklist, so that users can stop using a blacklist if its maintainer makes unpopular decisions.
It could be "unmanageably huge" for clients, just like the blockchain itself is unmanageably huge for clients. This is the reason DNSChain is designed the way it is (having a personal, dedicated server to store the blockchain for "groups of friends"), thus allowing many client devices to send it arbitrary queries.
No need for a blacklist either, I don't believe there's been a single example of a malware using a purely DNS based C&C (e.g by utilizing TXT records) instead of using DNS to get the IP address for the C&C server.
Of course there's always an exception, in this case there exists DNS beacons included in pentesting suite Cobalt Strike, but that doesn't seem to be something widely used.
But that's an awful analogy and frankly you should be ashamed for even trying to paint it in that light. NOIP did nothing illegal whatsoever, their only "crime" was that they didn't do enough about malware distribution to keep Microsoft happy- which last I heard wasn't illegal.
To use your car wash analogy, it's more like the car wash unknowingly washed the car of a drug trafficker and then was essentially put out of business the next day for being "complicit in the illegal activity".
I am uneasy about this situation, but the car wash in question is more like the car painting shop in Grand Theft Auto. Even if painting cars is a legitimate activity, when 75% of your customers are trying to mask illegal activity you should be doing some due diligence to ensure that you're not enabling illegal activity.
I'm not totally okay with what happened here, but I'm confident that it was not a "oops, sorry, we'll ban that botnet" situation. no-ip's primary use case is botnets, and they do have a responsibility to minimize botnet use. They can't claim ignorance given the widespread use.
no-ip primary use case is certainly not botnets. It's used by dsl users to connect to their home network, or to get an easy to remember address for a vps, or maybe while developing something before getting a proper domain.
75% is a HUGE overstatement, No-IP allegedly has ~4 million active accounts. Of those 4 million, 3rd party security firms claimed ~12k of them were involved in the distribution of these two bits of malware, No-IP said the number was more like 2k. If those numbers are correct then you're talking thousandths of a percentile being the reason for this domain seizure.
Protecting picket lines is a strategy that goes back to the Chartist movement in England. The whole point of a picket line is to shut down production. Many early labor wars involved management hiring private armies that beat up and even shot strikers.
Organized cribs involvement started during McCarthyism in particular (red scares more generally). When socialists (with a rank and file power perspective) were driven out, the vacuum left was filled by mobsters (in some cases).
Yes, 100 years ago factory owners sure did (Ford being a classic example). More recently they have not.
Low level violence is frequently applied by strike workers today. I once worked (white color job) for a shipping company and we had one strike every couple of years, sometimes more than one in a year (stevedore and sailors were both unionized so there would be two separate negotiations, each of which inevitably ended in a week or two week strike).
Try driving through a picket line of stevedores and see what happens to your car. Actually don't, you will regret it. If they think you are a scab, you will be punched.
If a hardcore unionist calls you a scab, be scared. Its the worst insult they know, and its backed by extreme hatred.
As far as organized crime violence goes, I have no experience with that. I always assumed that was Sopranos fiction.
Unionism has done good things, but I don't believe it has a place in a high tech industry. What Uber needs is solid competition so that drivers can simply defect to a competitor.
I teach the LSAT. This fallacy occurs all the time. It's "incomplete comparison". Giving information about only one half of a comparison, then stating or implying a conclusion based on that inadequate information.