Guan

home

Microsoft steals No-IP domain names with help from Nevada court

30 Jun 2014

Microsoft obtained an ex parte temporary restraining order on June 26 from the U.S. District Court in Nevada giving them control over 22 domain names used by No-IP, a dynamic domain name service that I use. Ars Technica has a piece on it.

You can also read Microsoft’s statement and No-IP’s statement. According to No-IP, Microsoft cannot handle all the presumably legitimate traffic they have taken on, causing problems for all No-IP users.

From the latter statement and the court records, it’s clear that Microsoft did not contact No-IP about the alleged malware connection that motivated the theft and did not have an opportunity to defend themselves in court (that’s what the “ex parte” part means). Most of the docket is still sealed, so we can’t see exactly what arguments Microsoft made to the court to pull off the theft, but the earliest that No-IP can get their domain names back is July 10, which is Microsoft’s deadline for replying to No-IP’s response.

If they can do this to No-IP, they can do this to anyone. Even if you can afford to defend yourself against Microsoft’s lawyers, you won’t get an opportunity to do so before the theft is effected!

This incident is a very good argument for having at least one domain name with a TLD, registry and registrar that is outside the control of U.S. courts. Note that some country code TLD registries are operated by U.S. companies.

Update: If Microsoft claims that legitimate No-IP users are not affected, they’re lying. In addition to the reported downtime incidents, none of the No-IP addresses I am responsible for are resolving right now. I am getting empty responses from both ns7.microsoftinternetsafety.net and ns8.microsoftinternetsafety.net (returning only the .org TLD NS records).