by hlandau 1274 days ago
Author here.

If the sought action of the court case, and the outcome, were "the domain was taken down", that would be one thing. Domains get suspended by court cases all the time; that's not the issue.

What makes the no-ip.org case extraordinary is that Microsoft a) persuaded the court that the domain was being used for malware, and then b) persuaded the court that because of this, rather than doing something normal like compelling its operator to take down the afflicted subdomains, or failing that compelling a third party to suspend the domain, that they should be allowed to take over DNS service for the domain.

Microsoft is not the law and they have no special legal status. If a domain is being used for cybercrime it's one thing, it doesn't mean any random party should get to walk into court, complain about it, and then offer to "solve" the issue by randomly appointing itself DNS provider. Microsoft essentially hijacked and MitM'd the domain via court order, again demonstrating that the registries/registrars will always be a risk here.

The result I might add was a massive outage for a massive number of innocent no-ip.org users.

2 comments

I think the fundamental issue here is that the court actually granted Microsoft's ridiculous request. The only valid ruling here was for the court to order the suspension of the domain.

Seeing that Microsoft are an unrelated third-party, what was the judge's reasoning for granting them specifically ownership of the defendant's property? Wouldn't it have made more sense to assign ownership to a government organization instead?

Did Microsoft reimburse the domain owner the value of the domain or did they just steal it without payment?

It all got reversed eventually after massive negative press coverage. I don't think Microsoft took "ownership" of the domain, but simply got the court to make them the nameservers, though I may be wrong.

I do feel like the only way this request was granted was due to total ignorance on the part of the court of anything about how the internet works.

> I do feel like the only way this request was granted was due to total ignorance on the part of the court of anything about how the internet works.

It sounds like the court, unlike you, has the power to make the internet work the way it thinks it does, and is thereby right about how it works.

It's a completely reasonable request that has been granted countless times now.

>I do feel like the only way this request was granted was due to total ignorance on the part of the court of anything about how the internet works.

This is absurd. The court ideologically disagrees with you about how the internet should work, not about how the internet works. This does not suggest that the court is ignorant of anything.

>What makes the no-ip.org case extraordinary is that Microsoft a) persuaded the court that the domain was being used for malware, and then b) persuaded the court that because of this, rather than doing something normal like compelling its operator to take down the afflicted subdomains, or failing that compelling a third party to suspend the domain, that they should be allowed to take over DNS service for the domain.

This is a completely normal measure; simply taking down a domain is not nearly as effective an anti-malware measure as sinkholing it. A sinkhole could in some cases uninstall the malware from affected computers, or at least identify their IP addresses for notification purposes.

>Microsoft is not the law and they have no special legal status.

Exactly.

>If a domain is being used for cybercrime it's one thing, it doesn't mean any random party should get to walk into court, complain about it, and then offer to "solve" the issue by randomly appointing itself DNS provider

Microsoft is not a random party, it's a party whose business is directly affected by these illegal malware campaigns and has been repeatedly held to have standing in these cases.

>The result I might add was a massive outage for a massive number of innocent no-ip.org users.

Turns out that possibly most no-ip users were malicious https://umbrella.cisco.com/blog/on-the-trail-of-malicious-dy...