New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
And where did you get this wisdom from? Or did you just simply make it up? The most reasonable explanation would be malware complaints/reports and not random conspiracy theories.
And this is now based on what? From Microsoft's statements one can take they did contact them. As I said many times, its a classic word against word case.
Ohh please! Any more unfounded trollish bashing attempts? Such statements definitely do not strengthen your arguments.
Making assumptions are we? And you complain about me making it up. I'm sure that if the complaints to Microsoft were sent to No-IP, they would have done something about it. It's not Microsoft's job to handle No-IP's domains. You expect No-IP to be able to trace every bit of abuse on their network, it's like expecting a shared webhosting company to know that their services are being used to host copyrighted content. You'd be surprised at what a difference contacting the host can make.
You're making political statements, which is at odds with business, especially software development.
No software is hack/crack/malware proof. None. If there's a way into anything, there's a way out. All anyone can do is patch and be pro-active to take out what can destroy the product.
In this instance MS did the right thing, it had to protect it's product/business from potential malware infections. If it wasn't nameservers, it'll be something else.
If they didn't, I'm sure you'd complain about "the man" screwing people over, then, too. -_-
@SandyK
1) I would not have complained about "the man" screwing people over. That's from your hippie generation, not mine.
2) If Microsoft really did contact No-IP about the malicious domains (though No-IP has openly accused Microsoft of moving behind their backs) they would have posted logs of letters and emails as evidence for it. Cisco went and wrote an article a while back about the domains and No-IP sent them a response, as well as made efforts to help clean it up. My main concern isn't the malware-related domains, it's the method Microsoft used to stopping them.
I have no problems with Microsoft taking over No-IP's domains to help control malware as long as they do it in a fair method. Going behind No-IP's back and obtaining a court order to hijack their domains is not correct at all.
How would you know? None of us knows what No-IP or MS were doing, nor can we prove otherwise, we weren't privy to their conversations.
All we can do is either accept or deny their accounts as rubberneckers.
We do know MS has to protect it's product (any developer for that matter), though. That's a given. It depends on how urgent the need was, a preemptive strike or after the effect deal.
@Pwner
There are dozens of documents filed with the claim that show the contact and attempted contact with the company VitalWerks. The info is linked earlier in this thread and you choosing not to read it but to make your own inferences and choose to accept one parties statements over the documents filed in court is your choice.
Why it is seize by Microsoft not FBI?
I see dozens of documents filed with the claim. None of them I looked over "show contact and attempted contact with the company" Vitalwerks LLC. Can you post the ones that show Microsoft contacting them?
Edit: hell, Microsoft didn't even warn Vitalwerks that it was going to seize the domains, and you're still trying to defend them?
This. I think because microsoft claimed they will clean them up and the innocent will not suffer. However, since that is not the case, it looks now like microsoft only took them as loot from the legal battle they won because the company owning the domains is too poor to defend themselves against their billions.
Justice the american way.
This isn't justice the American way at all, this is "justice" the Corporate way. I'm an American and I am disgusted by all this. Microsoft should have never been given permission to obtain control of these domains. It's not their job, it's the government's.
Actually, it is the american way. Your justice system is based on payment. As such, only the rich can get justice, it has been proven time an again in all cases of people condemned to death and later proven as being wrongfully so that I heard about, it all happened because the defendant couldnt afford a real defense.
Mao, this is indeed the american way, but we, also, in Europe, are not having a... flawless justice system... I definitely don't know about Romania, but, if I use examples of justice in Greece or in some other EU countries (mostly PIIGS) the justice system is not good: only if you have money and know key-people (politicians etc.) you can have a proper handling... Here, too, corporates are almost always winning (at least, at the higher level courts, lower level courts are still better, you can find there humans)
That is true all over, however, in EU you have ways to appeal up to the european court of human rights or whatever it is called (CEDO in Romanian). There are some checks and balances, you will never see US politicians and agencies facing trials for the crimes in various countries, not even for breaking the constitution at home, while in EU and even the US lapdog UK this does happen.
I am pretty sure No-IP wasn't interested in helping Microsoft due to lack of manpower and (financial) gain in doing so. (It's after all microsoft's product. This could happen to any free dns service but no-ip happens to be popular with the amateur hackers and I doubt the people from No-IP intended that)
Then again, copyright holders may have been evolved behind the scenes considering many (amateur) private servers for all kinds of games use No-IP.
This can't be just about malware, the only malware relying on No-IP is those produced by script kiddies using hackforums tutorials and generators.
To sum up:
All in all, good job for the judge, another malware company bites the dust, it was a big victory for the little guy, the taxpayer that funds all this. Our kids are safer now.
Don't forget that in many cases, there are underground agreements or relationships between companies. For example, I would not be surprised if in this case are involved no-ip competitors: don't forget that this provider is one of the very few that still give dynamic dns and some other staff for free, the same time that a lot of isp's official routers are not support no-ip but has integration only for dyndns and some other paid providers. At least, in Greece (that I live) and in UK (as a friend of mine informed me) a lot of the provider's firms and models of the cheap routers they use, do not support no-ip for auto update.
Finally they're returning the domain names.
Any articles posted about it? I haven't been looking around.
Edit
Running a WHOIS lookup resolves that No-IP has regained control of their IPs. Glad to see Microsoft gave back the domains, hopefully they even cleared out the malware-related domains that were abusing the free service.
http://who.is/whois/no-ip.com
http://who.is/whois/no-ip.org
read it here -- http://arstechnica.com/security/2014/07/order-restored-to-universe-as-microsoft-surrenders-confiscated-no-ip-domains/
noip should ask for compensations if it is indeed proven ms did not ask them to remove said domains first.
Rattle on, my friend!
You're confusing justice with retribution. American law seems to be all about revenge, and hurting someone if they've wronged you.
However, I wish Canadian law was more like American law; People often go to mental rehabilitation facilities after committing violent crimes instead of going to jail. Those who commit white-collar crimes have too much pride to abuse the system, and end up in prison. Our prisons, at least locally on a provincial level, are over capacity by ~50% right now.
Microsoft has absolutely no business being involved in this. They should not be a force to dictate the internet, simple as that. It's creating an extremely unfair advantage to them and could send a bad message to others involved in CST, particularly software developers. They're playing extremely dirty.
Although moving away from Windows has no impact to Microsoft and its' many assets, people are eventually going to have to in order to prevent them from creating a monopoly in the desktop computing market. The close relationship between M$ and Intel only furthers this effect.
I cannot stress enough how horrible it would be to allow Microsoft to apply their ignorant, broken design/usability standards to any part of the internet.
I may be in the minority, but I have admired Microsoft for taking the initiative and investing time and effort to take down malicious botnets, which has achieved a major benefit to most everyone on the Internet. It is painstaking work with a high degree of risk. Microsoft has to be absolutely sure that they are taking down all of the right nodes simultaneously. It must be done in a way that minimizes the opportunity for botnet herders to quickly reconstitute their command-and-control infrastructures. At the same time they must avoid inflicting collateral damage to legitimate Internet users. That is really really hard to do.
Edit: ... and they must do it all without any advance warning to the bad guys, who have escape tactics already prepared and waiting.
Perhaps their previous successes made them overconfident when they tried to take down botnet servers running under the NO-IP domains. Obviously they messed up, and they know it. There was significant collateral damage. I wish that Microsoft had done a better job of apologizing to affected users.
There must be a lot of angst within Microsoft over this fiasco. The result of this mistake will have serious internal repercussions. They will be more cautious and careful in the future, but I hope that it does not paralyze them into inactivity. Their actions against botnets over the last couple years have had an effect. Despite their courageous effort, Microsoft cannot fight this fight alone - they need allies. Unfortunately, the people best equipped to help (last mile ISPs) see no appreciable ROI if they join the fight. They don't care about the horrendous impact to their customers that comes from their failure to implement the most basic security features, because it does not directly affect their bottom line.
Am I the only person who noticed a huge decrease in spam since the Microsoft takeover of the NO-IP domains (independent of your other feelings about the takeover)?
It depends what lists are you using and what are you blocking. If you block residential IPs it will not matter much even if there was a lot of spam coming from there, if you do not, well, I wonder what would be the justification for not doing so.
I am referring to my own email addresses. Some of them are quite old, and have been leaked to spammers. Since the Microsoft takedown of NO-IP, the amount of spam coming into my inboxes has decreased to 1/10 of what it was before. No kidding. The decrease is striking. So far today (6 PM), I have received one spam message. The normal amount would be 20-30 spam messages. The change is obvious.
@emg, once the Hotmail.com and Outlook.com domains are taken down by someone in a similar fashion, THAT is when we ALL see a marked decrease in SPAM.
Those two domains and gmail.com are likely to be used the most often for spam activities (including Forum SPAM).
Reference: StopForumSpam
I do not understand. If you host your own server, you can block only what you wish, for example dynamic residential ranges.
If you have service from gmail, yahoo, whatever, then they must filter spam, if you get a lot of spam, then they are not doing a good job, let me guess, it is microsoft your provider?
If you have service from gmail, yahoo, whatever, then they must filter spam, if you get a lot of spam, then they are not doing a good job, let me guess, it is microsoft your provider?
I receive email at addresses provided by two home ISPs plus my own domains. In case it matters, my ISPs are AT&T DSL (Yahoo administers their email, albeit very poorly) and Time Warner cable. My "production" domains are hosted by a shared hosting provider - I have not yet moved any of them to a VPS yet, and won't until I have sufficient confidence that I can send and receive email with a very high level of reliability. My work depends on it.
I have never had any Microsoft email accounts, nor a Gmail account. My ISP accounts are used primarily as points-of-contact for domain registrations, hosting services, VPS registrations, etc. just in case something goes wrong with one of them - I still have a way to communicate with the service providers even if my own domain hosting or registrar-provided DNS goes down. The bulk of my email is accounts or aliases/forwarders in my own domains.
Spam filtering at the ISPs and hosting service is disabled. I retrieve all email without filtering (spam included) to my home computer, then delete the email from the servers immediately after retrieving it. (I manage my own local and offsite backups, which includes the locally stored email.) Thus, all spam comes to my home computer.
The home computer email client filters spam into a junk email folder using a set of my own filters plus its own algorithms. About once a day, I check the junk mail box before deleting the messages, to make sure that I have not overlooked any false positives, which are rare, but happen.
Thus, I know how many spam messages are sent to me each day. I don't keep statistics, but I can easily sense a significant drop such as the one we just experienced from Microsoft's NO-IP takeover. To my stunned amazement, I received only one spam email all day yesterday, which is a record low.
Microsoft messed up badly when they took over NO-IP, because they seriously harmed innocent bystanders. However, their actions resulted in a huge decrease in the amount of spam being sent to my email accounts. There is no question of it.
(OFF TOPIC)
For the record, Yahoo is the worst email provider I have ever dealt with. It is hard to believe how large and successful they are, despite such a high degree of incompetence. I do not understand why ISPs such as AT&T pay them vast sums of money to ruin their reputations through poor email services. Despite all of their press releases about improving security between clients and mail servers, and between their mail servers and other companies' mail servers, Yahoo continues to reimage old mail servers with expired or invalid certificates, which then fail to establish authenticated SSL connections from my email client. It was epidemic a few months ago, when approximately one-third of my attempted connections to their mail servers failed SSL/TLS authentication. They don't care. And don't get me started about how they deal with hacked email accounts spewing out spam, while at the same time, they block huge quantities of legitimate email from small services without recourse or appeal. (/OFF TOPIC)
I feel your pain. I was in charge of a small mail server (a few hundred users) and was hard to filter spam since the domain was in use since before 1997 and people were not very smart, sending to each other info about the latest virus or kids with rare group AB+ which badly needed blood or even sending birthday cards and seasonal greetings from third party sites compromising both accounts. It was so bad at times that it managed to choke 100 mbps link or slow the server to a crawl with so much incoming and sorting. After blocking residential addresses (those that use no-ip and similar providers) by ip ranges, it meant botnets were more or less out of the loop and spam dropped some 90%. Spamhaus maintains a list of those, you should be able to use it when you will host your own mail server. At least block no-PTR mail, no serious provider will send without.
An update on the issue, all seized noip domains are restored.