Someone (may the fleas of thousand camels nest between his or her legs) at Microsoft must’ve figured out a few months ago that taking down the internet in order to stave the malware epidemic that’s sweeping the world is a good idea, so, yesterday (June 30), they filed a complaint in Federal Court against (among 502 defendants) NoIp.com and, overnight, 4 MILLION computers (among these are web sites and private servers for remote access, video surveillance and other legitimate uses) became unreachable.
NoIp is a company that provides Dynamic DNS service. What this means, is that if you need to be able to reliably access and operate remote computers without going through the hassle of registering your own domain (i.e. myhouse.com) and spending hours getting your own DNS service working, you can open a free or paid account with them, and access your remote computer as mycmptr.no-ip.org (or some unique name right before the “.no-ip.org” part). The same applies if you want to host a web site and not have to go through the extra expense of registration and commercial hosting.
Microsoft’s claim is that many criminals (they allege 18,000 – out of 4 million!) also used noip.com’s service to point to servers operating in furtherance of their criminal activities, however, to sue, and with it to bring down, the service is as asinine as shutting down google because people have managed to infect their computers through web sites listed along with legitimate search results. By the complaint’s very logic, Microsoft’s own cloud service ought to be shut down because it’s also allegedly-infested with malware-hosting sites, and unlike NoIp, Microsoft DOES DO THE ACTUAL HOSTING. Really, it makes as much sense as a man suing the friend who introduced him to the woman he married and later divorced!
I wholeheartedly hope that this lawsuit gets thrown out of court and Microsoft be harshly reprimanded because (1) it just screwed up my workday, (2) my clients will now have to pay for me to work around the issues created, (3) Microsoft’s crappy products, when it comes to security, are far more liable for the proliferation of malware than anything else, and (4) it sets a terrible precedent for other companies in the Dynamic DNS business and their millions of users and clients. (Internet service providers are likely to want this to succeed, as they charge extra for issuing static IP addresses to their clients – the alternative to dynamic DNS, which is a rather abusive practice.)
I hope that Microsoft is hit with a Class Action for their show of complete irresponsibility and disregard for the consequences to millions of legitimate users of the service and the losses they will endure because of this. I certainly will encourage my own clients to join the Class if it comes to this, and so should you.
You can read the actual complaint at http://www.noticeoflawsuit.com
Microsoft’s main counsel on this case seems to be Randal Haimovici – rhaimovici@shb.com
To express support, write to NoIp’s Marketing Manager, Natalie Goguen - press@no-ip.com
The Judge presiding over the case is the Honorable Gloria M. Navarro at the US District Court in the District of Nevada
18,000 : 4,000,000 = a false positive rate of 99.552%
I have no interest in Microsoft “protecting” me from two pieces of botnet malware that can’t infect my Mac/Linux setup by causing widespread, international damage to the very systems that underpin many of the services I use.
By closing down the DDNS server my Minecraft server without recognised legal power to do so here in the UK, they effectively DoS’d me – that’s a violation of the 2006 Police and Justice Act provisions making such actions illegal and punishable by 10 years in prison. It’s a shame that their US-obtained warrant affects me, but my UK-mandated legal protections can’t punish them for it.
Great piece of hacktivism, love it!
let’s hope they get sued and hit hard, very hard ….
i really hope they sue microsoft hard, so they will think twice before doing sutch an action again.
took my minecraft, unreal, halflive and battlefieldserver offline, aswell as the according sites and some more.
allthough i do this for free, to have some fun with my frieds, its still not ok.
if m$ would put the same effort in hardening ALL of their products, this issue never ever would have been an issue at all.
its allways easier to point on others.