No-IP's Formal Statement on Microsoft Takedown (noip.com)
224 points by wfjackson on June 30, 2014 | 113 comments


The comments here are surprisingly pro-Microsoft. I'd personally rather deal with spam and botnets over a corporation legally being able to take over the DNS of other companies due to the actions of users of a service. Despite pretty clear slippery-slope arguments, I recognize this isn't a universal opinion. There are many people who would like to curb cyber-bullying at the expense of freedom of speech or curb terrorism at the expense of privacy and civil liberties. It takes all kinds, I guess.


It wasn't actually due to the actions of their user though, was it? It was because of the actions of NoIP themselves, who did not act to prevent abuse by their users.

From what Cisco and Microsoft are reporting, NoIP is (was?) a hotspot of botnet activity. If NoIP was not doing anything against that, Microsoft's lawsuit doesn't sound that unreasonable.

How this was actually implemented in the end (MS just taking over the DNS) does seem a bit strange to me though. They should at least have been taken over by a government agent.


Wouldn't a similar line of reasoning be "It seems that computers running Microsoft Windows are a hotspot of botnet activity. Year after year, a vast majority of computers used in botnets are running Windows; they are clearly not doing enough to prevent abuse by their users. Let's give control of the Windows code base to Linus."


I think most of the judges would be able to see through it and recognize that running a free DNS service which ignores abuse by botnets and having an OS which can be used to run various programs on, including malware, is a bit different thing. If you could prove Microsoft "clearly not doing enough to prevent abuse", you could probably win a juicy class-action lawsuit, but proving this would be extremely hard.


How would NO-IP detect C&C servers aliased to their subdomains, even if they connected to every single one of their subdomains daily -- they wouldn't know what ports to scan. By my, possibly naive thinking, they'd have to impose denial of service attacks on their own customers, constantly, and they would be easily thwarted by port knocking schemes. Probably their only recourse is to stop offering free service, and instead take payment, or require and verify customer IDs. I'm not sure there's a technical solution. Microsoft seems to be attacking their business model.


If they went through with their intended plan to stop supporting Windows XP, then proving that they were "clearly not doing enough to prevent abuse" would be trivially easy.


How so? Microsoft never promised it would support XP forever. EOLing old versions is a standard and widely accepted industry practice. Just buy (or install for free) a newer operating system. Buying a license to run Windows XP on your computer does not entitle you to unlimited amount of free labor from Microsoft. If you think that makes XP suck, nobody forces you to buy it or keep using it. Are you also expecting Linus to still make patches for Linux kernel 1.0?


I think some related arguments to your point are that you could say ISPs don't do enough to prevent pirated content from being transmitted on their networks or that Muslims don't do enough to prevent Islamist extremists in their communities. These claims might be true, but should companies or governments be stepping in to solve these situations? Who is mandating that they need to be "solved"? What are the consequences of solving things these ways? Could there be more nuanced implications than the solving of the thing they're trying to fix on the face of it?


You might just as well say it is the IANA's fault for issuing the IP addresses the malware authors used, or Ford's fault for building the getaway car used in a bank robbery.


Your argument is ridiculous.

Turning IANA or Ford over to Microsoft would not prevent malware or robberies. Turning over NoIP to Microsoft will prevent malware (at least in the short term).


And what about any innocent users of Dynamic DNS who are currently suffering from the consequences of this action? No-IP's statement implies that this is somewhat widespread and due to Microsoft's inability to handle the responsibility it has somehow acquired in this case. Others on HN seem to be posting independent verification of this using standard tools from their own systems.

In short, it is neither obvious that turning over NoIP's domains to Microsoft will prevent malware, nor clear what should happen if it doesn't, and it is certainly not clear that Microsoft will not cause more damage than they repair by acting in this way or what should happen if they do.


You're kidding right? I honestly burst out with a laugh when I read this. In what world do you live in where Microsoft seizing control of a single dynamic DNS provider will "prevent malware" (even in the short term)?

It's not like this motion has created some insurmountable wall that malware creators can't possibly work around.


It of course did not create an insurmountable wall, but many malware platforms rely on free DNS services for establishing communications, and if a particular strain is hardcoded to use no-ip, the instances that rely on it would not be able to establish the connections and thus would not be controlled by the botnet owner anymore, at least for the time it takes to either deliver an update by other means (provided such means are coded in the particular strain) or re-infect the machine with a different strain of malware. Of course, once malware authors know no-ip is no longer their friend, they'd move on to use different services, but the instances that were produced before that may very well be disrupted.


"Turning over NoIP to Microsoft will prevent malware"

Really? Not according to anyone with anything resembling a passing familiarity with malware and its distribution...


In any event, the malware will at least not resolve to a no-ip.com address, since apparently nothing is able to consistently resolve to such addresses anymore...


Unfortunately malware tends to be the one kind of No-Ip client that actually has (lots of) redundancy built into its peer discovery mechanism.

Malware authors anticipate their communication channels to fail and usually account for it with a whole series of fallbacks.

Quite unlike your NetGear or LinkSys home router, which many people suddenly can't reach anymore from e.g. their vacation home...


Well, how exactly does this prevent malware? Oh, that's right: by shutting down thousands of malware-serving DNS records. (And, btw, millions of legitimate records - but hey, that's just collateral damage; a thousand, a million, same thing, right?)

Using the same logic, let's just prevent malware altogether by blackholing all of the Internet traffic - problem solved!


I would imagine most DDNS services push traffic to a blacklisted node. Your ISP blacklists the D-IP so that you, as a lowly end-user, can't run something like an email server. So, I would imagine effectively sorting out which IP addresses are blacklisted because of malware infection or simply ISP infection would be very hard indeed...


>It was because of the actions of NoIP themselves, who did not act to prevent abuse by their users

The article of this thread (that is the blog post of NoIP in response to MS's actions) which I'm sure we all read, says that NoIP themselves DID act to prevent abuse. They were not informed of this action by Microsoft.


I don't agree with the precedent set here but it does seem No-IP was doing a pretty bad job of responding to mass abuse.

While I do take issue to the actions of Microsoft and the courts I also think No-IP hasn't done themselves any favours and are at least partially to blame for this coming to pass.

It stands to reason that it's close to impossible to create a free service that is impervious to abuse however it's still their responsibility to avoid mass abuse of their platform to orchestrate botnets.


That responsibility is not absolute, and could be interpreted differently in the frameworks of ethicality, legality, economics, and liberty.

Ethically, I think you're correct that it's their responsibility to do what they can.

Legally, the court in this situation thought it was somehow Microsoft's responsibility to fix it.

Economically, I'd say being held liable to what users do on your platform will hurt innovation and competition.

In terms of liberty, botnets and spam don't seem like they compare to an attack on someone's business, their users, and their freedom to operate independently.

I guess you can choose which perspective makes the most sense to you, personally.


I don't believe they should be held liable for the actions of malicious users, that would violate all sorts of safe harbour provisions.

However, safe harbour does at least imply reasonable effort to curb mass abuse.

Responding case by case is nice but it's not the same. As it leaves open the proverbial DDoS attack where botnets just create so many domains that the process put in place to resolve them is too burdensome for companies like Microsoft (or even law enforcement) to reasonably utilize.

Hence if you have a platform that is vulnerable to such abuses you should have systems in place to handle this at a bigger scale than single case by case means.


You believe in terms of liberty that botnets who compromise machines in order to steal data, spam and many other nefarious activities don't compare to one business being temporarily affected?

That is a strange perspective I have to say.


In terms of liberty, one crime doesn't excuse another, especially when they're not directly related. If I manufacture cigarettes and someone dies of lung cancer, I could be ethically liable but my liberty to make cigarettes shouldn't be impacted. If someone uses YouTube to upload copyrighted things, should YouTube have its domain stolen and its users unable to use the site any more?


I don't think cigarettes are the best example because there is no use for them that doesn't potentially invoke the harmful effects for every single user. YouTube, ISPs, and dynamic domain providers have valid, widespread, legitimate, harmless uses, so YouTube is a better analogy IMO.

If one accepts the idea that courts should be seizing entire swaths of domains just to fight malware, it's still absolutely bizarre that Microsoft themselves should be given control of them, rather than an independent policing body. If there are to be Internet police, they should be independent of any one corporation, industry group, or government.


>>> In terms of liberty, one crime doesn't excuse another,

Except it is not a crime if it's done under lawful authority (by definition) or in self-defense. Otherwise you'd argue imprisoning a murderer or using force to defend your life is a crime, because outside of these circumstances limiting one's freedom of movement or using force on somebody is a crime.

>>> If someone uses YouTube to upload copyrighted things, should YouTube have its domain stolen and its users unable to use the site any more?

If that's the only thing his domain is used for, it very well may happen, and similar things already happened. Seizures of domains used for illegal activities are commonplace.


It is even more strange because botnets are the source of most DDoS, so there are a ton of companies out there who have been crippled by DDoS and/or blackmail.


What I don't understand is the legal basis of Microsoft, a private entity, simply being handed over the property (the domain names) of another private entity. I understand that this is something that was ordered by a court, but under what legal theory was the order issued?

I'm not a lawyer, but I think I've got at least a basic idea of the circumstances under which the government can take someone's property. This doesn't seem to coincide with any of those potential circumstances, especially when the seizure transfers the property to another non-governmental entity.

What's more, where's the due process? No-IP seems to be saying that they didn't even know about the court case until being served with the order. Did they really not have the opportunity to contest this?

EDIT: To summarize some of the documents people have linked to and analyzed below, it looks like Microsoft was granted a temporary restraining order under "Federal Rule of Civil Procedure 65(b)", which allows for such orders to be granted without providing notice as long as certain requirements are met.

Microsoft was required to post a $200,000.00 bond, which is supposed to pay for any damages incurred by No-IP, and No-IP will be granted the ability to contest the order in court on July 10, and maybe earlier. However, it is clear that No-IP knew nothing about even the lawsuit until they lost control of their domains, as this was specifically ordered by the court.

Also, there is no answer as to whether transferring control over domain names from a defendant to a plaintiff is something that courts should be empowered to do as part of a temporary restraining order. I hope a lawyer with some knowledge in this area can chime in to answer that question.


I don't think they had any opportunity to contest.

IT IS FURTHER ORDERED that the Registry Operators must:

...

d. Shall completely refrain from providing any notice or warning to, or communicating in any way with Defendants or Defendants’ representatives and shall refrain from publicizing this Order until this Order is executed in full, except as necessary to propagate the changes ordered herein to all parts of the Domain Name System;

http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order...

I haven't yet found Microsoft's justification for the seizure without notice.


How do we file the same action against Microsoft? I would like to take their domains for my own purposes, which are obviously far more worthy than what Microsoft is doing with them (I swear).


A good start would be to actually read the legal documents behind the case instead of assuming a lot from someone's comments with cherrypicked facts.

http://www.noticeoflawsuit.com/index.htm


I am still looking through these files, but everything that I have read points to insufficient, or zero notice having been given to the defendants prior to this order. For instance, the complaint itself...

http://www.noticeoflawsuit.com/docs/Revised_Final%20No-IP%20...

...is dated June 19, 2014.

And from the order itself...

http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order...

...we see the following instruction:

"IT IS FURTHER ORDERED, pursuant to Federal Rule of Civil Procedure 65(b) that the Defendants shall appear before this Court on July 10, 2014, at 3:00 p.m., in LV Courtroom 7D to show cause, if there is any, why this Court should not enter a Preliminary Injunction, pending final ruling on the Complaint against the Defendants, enjoining them from the conduct temporarily restrained by the preceding provisions of this Order."

Of course, July 1 is tomorrow.

In this document, Microsoft seems to be requesting that all of this stuff be sealed until it is ready to disclose the existence of the lawsuit to the defendant, presumably after it has completed its seizure of the domains:

http://www.noticeoflawsuit.com/docs/Final%20Motion%20to%20Se...

The facts of this seem pretty clear from your link. What I am wondering is if there is any precedence for this, and if this is really considered due process?


You can make it sound like he has no idea what he's talking about, but there's no reason why Microsoft is playing FBI.


Practically every instance of malware runs on Microsoft Windows.

If the stated goal is to defeat malware then windowsupdate.microsoft.com should be seized and routed to a non-interactive Windows Uninstaller.


Except all the malware on Android. But who's counting?

https://www.google.com/search?&q=android+malware&ie=UTF-8&oe...


I'm pretty sure virtually none of the spam mails in my spamfilter were sent from a phone. Nor do phones have the bandwidth to carry out DDoS attacks or host phishing sites. Nor do many people do online banking on their phone (though that number is certainly on the rise).

So yes, while malware exists on android, I doubt the total damages caused by it are more than a drop in the bucket when compared to windows malware.


Your original statement was:

>Practically every instance of malware runs on Microsoft Windows.

Even according to Google, about 5 million Android devices are infected with malware. http://bgr.com/2014/06/26/google-on-android-malware-and-secu...

I would suppose that your statements aren't supported by fact, but the HN downvotes have got me thinking.


Google said "Well less than 0.5% have ever had a problem", you quote a blog that turns that into "up to five million have ever had malware" which shows some ignorance of statistics, and then you turn that into "about five million are infected with malware now".


The downvotes are because you're derailing the thread with something that is completely off-topic.


If "5 million" sounds like a large number to you then this may help to put it into perspective; http://en.wikipedia.org/wiki/Botnet#Historical_list_of_botne...


First, were you referring to instances of malware, not membership in botnets. Second, we disagree on the meaning of the phrase "practically every".


Instances of malware must necessarily be >= sizes of botnets.


Android botnets are very valuable because they use mobile network IPs that confuse fraud and login classifiers that use ASN or GeoIP.


Pretty much all botnets target consumer devices and thus have ip addresses that are common for consumer devices. I'm not sure I buy that a mobile IP is worth more than a Comcast one, especially factoring in the available bandwidth.


That is certainly true. But in terms of scale even a claimed 5 million compromised android phones just barely registers while desktop botnets of six times that size are discovered.

The bandwidth constraints imposed by most users' draconic data plans and the realities of limited battery life further put a fairly low cap on what a mobile botnet can do in this day and age. (both of which admittedly will hopefully change sooner rather than later...)


Microsoft would respond. No-ip.com didn't respond.


>No-ip.com didn't respond. //

Presumably you have a link where we can see the notarised documentation and proof of delivery of that which was sent to No-IP that they failed to respond to?


Edit: Looks like Microsoft filed for and got an emergency temporary restraining order against all the defendants including No-IP.

http://www.noticeoflawsuit.com/docs/Second%20Amended%20Order...

Also this is No-IP's response to Cisco's previous accusations. http://www.noip.com/blog/2014/02/12/cisco-malware-report/

They did have a lot of chances to contest. Apart from Microsoft's notices, the court sent a notice to No-IP which they didn't respond to. They clearly state that ex-parte decision will be taken if they don't respond. Maybe federal courts don't like it very much if you act like they don't exist.

http://www.noticeoflawsuit.com/docs/Summons%20for%20Vitalwer...


That's not true. On June 19, Microsoft filed the Complaint, Motion to Seal, and Ex Parte TRO Application all at the same time.

The TRO actually says: “...good cause and the interest of justice require that this Order be Granted without prior notice to Defendants, and accordingly, Microsoft is relieved of the duty to provide Defendants with prior notice of Microsoft’s motion.”

It says that because Microsoft wanted it to say that; Microsoft used that language in their proposed TRO for the judge to sign, and the judge apparently agreed.

The Summons has nothing to do with this. The court issued the Summons, but the court doesn't do anything with it. It's the plaintiff's obligation to serve a summons on a defendant, and they have 120 days to do so before the Court would require the plaintiff dismiss the case without prejudice. The plaintiff could serve them the same day, or they could take their time. Corporations with registered agents are much easier to serve than an individual that dodges a process server.

There's often a good chance a defendant will receive a solicitation from an attorney (who searches court records for new cases) to represent them before they actually get served with the summons and complaint. However, nothing would come up in court records in this case because the entire docket is sealed.

There's no way Vitalwerks/No-IP would have known about this, and it sounds like they weren't served until today, after Microsoft's action.

I think it's pretty clear that Microsoft wanted to ensure that nobody, including No-IP, knew about the case until they were able to strike.


I'm not sure they did, the order has this statement (emphasis mine);

8. Microsoft’s request for this emergency ex parte relief is not the result of any lack of diligence on Microsoft’s part, but instead based upon the nature of Defendants’ unlawful conduct. Therefore, in accordance with Federal Rule of Civil Procedure 65(b) and Civil Local Rule 7-5, good cause and the interest of justice require that this Order be Granted without prior notice to Defendants, and accordingly, Microsoft is relieved of the duty to provide Defendants with prior notice of Microsoft’s motion.

I should note my layman's reading is that Microsoft proved exigent circumstances that negated the need for prior notice.


Here is Federal Rule of Civil Procedure 65(b):

http://www.law.cornell.edu/rules/frcp/rule_65

(1) Issuing Without Notice. The court may issue a temporary restraining order without written or oral notice to the adverse party or its attorney only if:

(A) specific facts in an affidavit or a verified complaint clearly show that immediate and irreparable injury, loss, or damage will result to the movant before the adverse party can be heard in opposition; and

(B) the movant's attorney certifies in writing any efforts made to give notice and the reasons why it should not be required.

So, if all of this is considered a "temporary restraining order", then it must be based on these rules, which also seem to provide certain protections to the affected party, including requiring the plaintiff to put up security to reimburse the affected party for any damages they may suffer as a result of the order.

I hope that a lawyer can chime in here and give a decent opinion as to whether this is kosher, and also to answer whether it seems correct to effectively transfer control over property such as domain names through this mechanism.


Later in the order they required Microsoft to post a $200,000 bond. Not sure if that actually covers the potential damages.


Did you read that document that you linked to? There are two things about it that you may want to look at:

- First, it says "Within 21 days after service of this summons on you...you must serve on the plaintiff an answer.."

- Second, it is dated 06/19/2014

21 days from 06/19/2014 is July 10, 2014, a date which is still in the future. Do you have any other evidence that they didn't respond? Because the document you linked to is anything but evidence that they didn't respond.


"Second, it is dated 06/19/2014"

but signed on 6/26.


The plaintiff (Microsoft) is responsible for serving that summons, not the court (The court just issues it). The court didn't even certify the summons until 6/19, and there's no record of service, so we don't know when Microsoft served No-Ip.

That summons also says they have 21 days to respond, which, even if they were served on 6/19, hasn't elapsed yet.

EDIT: mikeryan's post above mine is even more clear - it looks like as soon as they opened the suit, they petitioned for the TRO without notifying NoIP and the court specifically granted them the right to not notify until after the TRO was served.


A competitor no less!

no-ip and such are a required service for people to host their own "cloud" solutions from their home connections.

Microsoft makes money with their own "cloud" offering, which does not require such services. So by closing down on those services (or using the redirect to collect data) they are making their offering more attractive.

Obligatory car analogy: This is very well like Ford closing down all of Tesla's charging stations because someone sold weed on one of them.


Nah, not really. A closer analogy is Ford shutting down all of Tesla's charging stations because the chargers had a nasty habit of attempting to bazooka any Ford cars that drove past.

The competition from no-ip to Microsoft from this is virtually zero. Any serious hoster will have a static IP, or own their own domain.


I think we can improve on that:

    Ford shutting down all of Tesla's charging stations because the original chargers were replaced by mean people with new ones that had a nasty habit of attempting to bazooka any Ford charging station that were within shooting distance. Those chargers were installed by any customers who happened to be within earshot of a sleazy sales guy that had a solution to cure their cars for non-existent problems by smooth talking them about "did you know internet explorer could run 200% faster" even though their car ran firefox or chrome.


More like Ford closing all charger stations because a few Fords left unlocked got the stereos stolen. (How could I forget the analogy windows=car left unlocked)


Nope. Now that they have been served they can basically get a hearing immediately and get it lifted though (assuming they have any form of response).

This is nothing new. Here is one a porn company got against a file locker service: http://www.xbiz.com/docs/xbiz/news/150302_oron062212.pdf. They eventually parlayed this into an asset freeze in Hong Kong.


They also deny Cisco's allegations here.

http://www.noip.com/blog/2014/02/12/cisco-malware-report/

It doesn't compute that Cisco is casting blame on them and Microsoft got a court order when all they had to do is send an email.

It's kind of strange, they're probably unable to keep up with the abuse reports and validating them or something. There are a lot of dynamic DNS providers so why do the bad guys pick them for the most part for their DNS needs?


The press release smells to me like they're playing the innocent, and are savvy to the kind of language their audience likes. "We were very surprised this morning"... "Had Microsoft contacted us, we could and would have taken immediate action."? Surely at some point legal proceedings would have initiated some contact?


This comment (and its siblings in the thread) suggest that Microsoft got this order without prior notification to NoIP: https://news.ycombinator.com/item?id=7968762


Presumably because they have a free basic service if you use one of their subdomains. While other companies I'm not aware of might offer the same I've yet to stumble across them.


DynDNS and afraid, which as far as I know are the next two most popular services like this, both have free options.

EDIT: Looks like DynDNS recently got rid of their free offering. I wonder if that was related to this?


DynDNS dropped their free offering a couple of years ago. If you had created your account before then, you were grandfathered in, and still got 5(?) domains for free; as long as you logged in frequently enough.


Dyn permanently ended its free hostname program in May 2014, with 30-day notice given on April 7. http://dyn.com/blog/why-we-decided-to-stop-offering-free-acc...


Also they wouldn't be able to go against afraid since it's fundamentally a different type of service.

It offers a DNS service for your domain and the ability to share your domain with others.

You can't seize the 100.000 domains being shared and used by bot nets so the only easy target was no-ip.

What I find extremely troubling is the domains being handed over to another corporate entity; this mechanism is just ripe for abuse.


http://dhcp.io/ is (my) new service, launched only recently.

Mine doesn't use the same dyn update API, just curl, and you can self-host if you have an Amazon Route53 account.


If this action is troubling, then we need to stop putting the blame in the wrong place.

Microsoft does not have the power to seize domains. A federal court order made that happen. This order is (apparently) the responsibility of the U.S. District Court of Nevada. If you want to blame someone, then blame the court.

Obnoxious people ask courts to do obnoxious things every day. Good courts do not comply.


So why not blame the "obnoxious people" in this case, too? It's like the patent system abusers (which perhaps not by coincidence, Microsoft is one, too) excuse: "don't hate the player, hate the game". Yeah, right. Nobody held a gun to their head to do this. It was a premeditated action by Microsoft.


You are correct that Microsoft would deserve some of the blame, if there is to be blame. However, user pessimizer put it very well:

> Microsoft has no obligation to you. Your judicial system does.

In any case, there is no "hating the game" here. The fault -- if one has a problem with this action -- is not with "the system", but with a very specific player: the federal judge who issued the order. (I don't feel like going through the trouble of finding his/her name, but I doubt it would be difficult.)


Independent of the ethics of this particular case, I don't think your argument makes sense: The filing was a necessary, while not sufficient, condition for this restraining order, so you can't deny responsibility by denying agency.


> Good courts do not comply.

Problem is, there is no good court. It varies case by case. Is the Supreme Court a good court? It did rule in favor of gay married couples entitled to federal benefits but not so on some other issues. Laws are meant to be interpreted differently and handled differently by different judges at different times.

What you (and I and everyone is doing) is expressing our own opinion of how the complaint should be handled based on our interpretation of the law, responsibility, and society.


Exactly. Microsoft has no obligation to you. Your judicial system does. Microsoft might even be doing a good deed here, but the courts shouldn't have let them.


So when will Canonical file an ex-parte TRO against Microsoft for failing to secure Windows XP against malware? It would be nice to see a windows update which upgrades to linux :P

Later edit: Isn't this ironic, how most botnet members are running Microsoft's software, yet they get to do this?


Creating the tools by which anyone might theoretically spawn abuse is not the same as proactively hosting those engaging in the same.

E.g. one might reasonably disrupt a farmer's market known to be selling beef infected with salmonella without banning cows of the same breed across the world.


Would you shut down the printing company that makes the flyers that tell people where the market is though? Oh, and hand over the presses to a local supermarket to keep printing the flyers but with the covert replacement of the address of the supermarket as the place to source your meat.


Creating a faulty lock mechanism that can be circumvented by anyone, then putting a gate at the end of the street to stop people getting back to their own houses that are now full of crack dealers because of the faulty locks...

Yep totally the same...


I was affected. Even though I used NoIP's free service simply to get to my home network, I still can't get in.

Thanks Microsoft.


Wait, how can a company seize the domains of another?


By convincing a judge that it was necessary?

Actual detail here: http://www.noticeoflawsuit.com/index.htm


The legal team got a domain just for the notice?


I agree, it's a bit troublesome that one private company can do this to another, vs. the government doing so.


It is the government. Specifically, the order was issued (it appears) by the U.S. District Court of Nevada.

See also my root-level comment:

https://news.ycombinator.com/item?id=7968365


You go to court and make a claim (copyright, trademark, or in this case negligence). Then, with the judgement in hand, fax that over to the registrar, who has no choice but to comply. If the registrar won't comply you kick it up to the national body.

This has been going on for years. You don't own a domain name, you just rent it.


This is America. With enough money, you can do whatever you want.


You can see it that way.

Others will see it as Microsoft proactively removing bots and spam.


It is the FBI's job to enforce cyber criminal law and execute takedowns of malicious domains. Not Microsoft's [or any other NGO].


This smells like BS, this also isn't the first time that other entities have had to step in to clean up their crap.

Especially this quote: "Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers."

Azure DNS, Microsoft.com, Bing. Yeah, all of those already require billions of DNS queries. I don't doubt things are not working correctly, but insinuating Microsoft can't handle the load just makes their case smell even worse.


Not really. It looks like these domains are hosted on a different platform.

    $ host ns1.microsoftinternetsafety.net
    ns1.microsoftinternetsafety.net has address 199.2.137.250
    $ host ns1.msft.net
    ns1.msft.net has address 65.55.37.62
    ns1.msft.net has IPv6 address 2a01:111:2005::1:1
    $


I think what is insinuated is that they botched the job, not that they're not technically capable of doing it.


I can agree with the fact they probably botched it (potentially on purpose), but the way it's articulated in the No-IP reply leaves little ambiguity that it was intended as an attack on their technical capability.

I am not in love with what Microsoft did here but No-IP is not doing the best job of defending their position.


Try and query anything.no-ip.biz. At the moment, I'm getting regular timeouts on queries to both ns7.microsoftinternetsafety.net and ns8.microsoftinternetsafety.net. It shouldn't take much for Microsoft to log all incoming DNS requests and put in an NS record to let traffic continue flowing down to No-IP's actual nameservers. A simple `dig whatever.no-ip.biz @a.root-servers.net +trace` will show you this.


My paid No-IP domains actually went offline. Now I know the reason … what's a recommendable No-IP alternative broadly supported by routers?


DynDNS are fairly good, if you're looking for a paid service.


Thanks!


The Microsoft hate here is unfounded and ill informed.

Those of us working defense at large organizations have known for a while that No-IP domains are wretched hives of scum and villainy. Any company with a threat model that includes at least one of a diverse set of characters ranging from malware authors to organized crime to nation state teams should be logging all DNS requests and treating any request to a No-IP domain as an indicator of compromise.

Microsoft has a successful history of disrupting botnet C&C and distribution channels via domain seizures, which is why this request probably sailed through Federal Court. The only difference in this situation is that there are innocent bystanders affected, which generally doesn't happen since the other domains they have seized have been 100% used for fraud.

I feel bad for those folks and the people at No-IP who maybe meant well, but the truth is that the fight to keep normal people safe is bigger than just technological, and needs to include civil legal actions like this.
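The DNS-log check described in the comment above, as an added example that is not part of the original comment. The log format, the sample lines and the `ddns.example` suffix are constructed assumptions; `no-ip.biz` is the zone named elsewhere in this thread.

```python
from collections import defaultdict

# Suffixes to watch. "no-ip.biz" is named in this thread; "ddns.example" is a
# placeholder. Populate from your own list of dynamic-DNS zones.
WATCHED_SUFFIXES = ("no-ip.biz", "ddns.example")

# Constructed sample log, assumed format: "<timestamp> <client-ip> <qname> <qtype>"
SAMPLE_LOG = """\
2014-06-30T10:00:01Z 10.0.0.5 www.example.com. A
2014-06-30T10:00:02Z 10.0.0.7 Host1.No-IP.biz. A
2014-06-30T10:00:03Z 10.0.0.7 host1.no-ip.biz A
2014-06-30T10:00:04Z 10.0.0.9 notno-ip.biz. A
2014-06-30T10:00:05Z 10.0.0.9 no-ip.biz.example.com. A
2014-06-30T10:00:06Z 10.0.0.12 cam.ddns.example. AAAA
malformed line
"""


def normalize(qname):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return qname.rstrip(".").lower()


def matches_suffix(qname, suffixes=WATCHED_SUFFIXES):
    """Return the watched suffix qname falls under (whole labels only), or None."""
    name = normalize(qname)
    for suffix in suffixes:
        if name == suffix or name.endswith("." + suffix):
            return suffix
    return None


def flag_clients(log_text, suffixes=WATCHED_SUFFIXES):
    """Map client IP -> sorted list of watched names it queried."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that do not fit the assumed format
        _ts, client, qname, _qtype = fields
        if matches_suffix(qname, suffixes):
            hits[client].add(normalize(qname))
    return {client: sorted(names) for client, names in hits.items()}


if __name__ == "__main__":
    for client, names in flag_clients(SAMPLE_LOG).items():
        print(client, names)
```

Matching on whole labels keeps look-alike names such as `notno-ip.biz` and `no-ip.biz.example.com` out of the results, and normalising case and the trailing dot collapses duplicate spellings of the same name.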


You seem to miss a key takeaway from this: the analogous comparisons to this in physical services companies are laughable:

If, as a car company, I sell cars with potentially lethal flaws, I am required/told to recall and fix those vehicles. Other companies who sell cars are NOT allowed to have a court order the seizure of my phone numbers and have them direct to competitive business, so they can figure out who is driving safe cars and who isn't.

Secondly, the idea that private companies can be labeled "wretched hives of scum and villainy" by other private employees and have that permissible as anything other than meaningless hearsay is itself nonsense.

I have read many documents on this today and every HN comment and I have yet to find someone present a case as to why on earth this is a good and sustainable precedent.


How does missing the 'car analogy' help at all? Analogies are only ever useful to explain to those who do not understand the first case - trying to draw parallels otherwise inevitably leads to gross simplifications, and they're incredibly frequently abused to try and make another point. Analogies are great if you're John Oliver, or you're at the bar and talking to Erv the local HVAC guy - but this is Hacker News, we normally understand this - and trying to port it to a completely different legal framework is probably disingenuous.


I did not miss that, nor did I make any comparisons to car dealers. In fact, I've been to seven ICANN meetings and have participated in the debate on the proper role of law enforcement and civil seizure in policing the namespace.

Microsoft presented evidence to the court that No-IP domains were being used to facilitate real crimes against real people, and the court acted. I think there is an interesting debate to be had on venue and the level of malicious activity that needs to happen before a domain is seized, but instead all I see is standard HN smashing of the keyboard and "Microsoft Bad!"


>No-IP domains are wretched hives of scum and villainy //

Is that rather like saying "Bing domains are full of malware". You appear to be claiming that No-IP are complicit in the actual hosting of content that gets pointed to with No-IP domains. MS facilitates a ton of illegal activity, I could spin up a Windows box and break 5 laws before bedtime. Of course shutting down MS would harm some innocent bystanders but handing their windowsupdate domains over to Google will lead to less malware, less spam, less successful scamming.


If I keep getting spam emails from a Hotmail account, should I file a motion to take down the whole Hotmail domain?


Sure, you could do that. Personally, I have always had a reply from their abuse department within the hour (usually it's solved by then, too).

But indeed, if you feel you have sufficient evidence that MSFT is downright neglectful and turning a blind eye to spam accounts, feel free to file a motion and post a $200k+ bond.


If anyone needs a replacement for no-ip, I wrote this the other day:

https://github.com/davidbanham/cloudflare_dyndns


And I recently set up http://dhcp.io/ - source also on GitHub.


Nice! Simple HTTP API, no custom client needed, very easy to include in scripts.

Is there any reason why you're not serving via HTTPS? Without encryption, credentials are completely open to the network.


Largely because this is a toy-project which has no income behind it.

(It was initially going to be commercialized, but in the end I found people pretended they'd pay, rather than actually wanted to do so for extras like more hostnames, MX records, etc. So in the end I went with a different project https://dns-api.com/)

I could pretend I regard DNS data as public, but sniffing the update token could allow malicious users to change things in surprising fashions so it really does deserve SSL, but I'm not going to pay for it. I would hope that if users cared about security they'd deploy their own instance - and pay for the resulting Amazon traffic.


Interesting that they claim they didn't get any notice; this is what Microsoft has to say in their complaint.

>...United States, including those located in the state of Nevada and the city of Las Vegas. Defendant has a contractual obligation to take reasonable and prompt steps to investigate and respond to reports of Internet or computer abuse, and the company has also made representations to the public that it has an “abuse team” to police and take action against such malicious activity. Yet Defendant has failed to take sufficient action to stop, prevent, or effectively control this malicious conduct in breach of its contractual obligations and best practices of the industry, causing further harm to Nevada and Las Vegas residents.


We assume that this is on-going (No-IP was the go-to since 2004) and Microsoft has finally decided they'd be able to take it over. Unfortunately they didn't plan enough to anticipate the amount of traffic they'd receive. If I was No-IP, I'd be out for blood.

Someone sends a court order to essentially handicap your business, putting it at risk for the sake of malevolent users. This was a situation where No-IP's "resolution" process should have been reported (ie they cater to criminals for profit), and not man-handled by a separate law and business body.


>Someone sends a court order to essentially handicap your business, putting it at risk for the sake of malevolent users.

"Someone" in this case is a federal district court which did that because there was no communication from No-IP. MS does not have the power to send court orders. The court ordered No-IP to send a response and looks like there was no response.

>If I was No-IP, I'd be out for blood.

Whose blood?


> "...which did that because there was no communication from No-IP ... The court ordered No-IP to send a response and looks like there was no response."

That's absolutely false. Microsoft explicitly asked the court to allow them to file the entire case under seal, and to obtain ex parte emergency relief without notifying the defendants.

The TRO states: “...good cause and the interest of justice require that this Order be Granted without prior notice to Defendants, and accordingly, Microsoft is relieved of the duty to provide Defendants with prior notice of Microsoft’s motion.”

The judge signed that. No-IP did not receive any advance warning or service by Microsoft's own admission, and No-IP's blog post confirms they weren't served until today.


Sorry, I worded that incorrectly. Someone requests a court order to essentially handicap your business. It's not that No-IP didn't respond, it's that they don't continuously respond. Arguably No-IP does cater for these types of users who pay using gift cards bought with cash and generally only last a few weeks before signing up under another alias.



