In response to interrupting the service of much of No-IP's customer base, Microsoft has offered an apology and regretted the inconvenience, but is it enough?
The would-be self-appointed online police force that resides at Redmond has reached a settlement with No-IP regarding a court order that Microsoft gained from a judge to take over 23 of the DNS entries of the dynamic DNS service.
While Microsoft initially said that it had gone to court to obtain an ex parte temporary restraining order to prevent the spreading of two strains of malware it had identified as being based in servers using No-IP, thanks to Redmond's extraordinary manoeuvres in the court and in incorrectly directing DNS traffic, No-IP said that "nearly 5 million hostnames went dark and 1.8 million customer websites and devices became unreachable."
In a blog post providing an overview of the situation from its end, No-IP said that while it was pleased with the terms of the settlement, it was "outraged" with the manner of Microsoft's actions.
"By filing an ex parte temporary restraining order, No-IP was prevented from having any knowledge of the case or offering any support in stopping malicious activity," the company said.
"Had Microsoft submitted evidence of abuse at any time, No-IP would have taken swift action to validate the claims and ban any accounts that were proven to be malicious. Instead, Microsoft wasted many months while malicious activity continued.
"To state this as emphatically as possible - this entire situation could have been avoided if only Microsoft had followed industry standards. A quick email or call to the No-IP abuse team would have removed the abusive hostnames from the No-IP network."
No-IP said that of the 22,000 hostnames that Microsoft had claimed were abusive, "only a fraction" were active and the rest had already been banned through existing mechanisms.
After initially foiling its new DNS entries, Microsoft claimed to have restored all service by 6am PST on June 30, but the dynamic DNS provider produced a traffic graph to refute that claim.
By July 3, Microsoft had returned all 23 DNS entries to No-IP, and normal service was resumed after the original DNS entries were re-propagated.
"We hope that Microsoft learned a lesson from this debacle and that in the future they will not seize other companies' domains and will use appropriate channels to report abuse," No-IP said.
In its defence, Microsoft said in the joint official statement announcing the settlement: "In the process of redirecting traffic to its servers for malware detection, Microsoft acknowledges that a number of Vitalwerks customers were impacted by service outages as a result of a technical error. Microsoft regrets any inconvenience these customers may have experienced."
To my mind, that the only thing the software giant offers for potentially ruining a No-IP customer's service for a period of five or six days is an apology is frankly insulting.
While dynamic DNS services can be, and are, used for malware propagation, they are used for many legitimate purposes, often by smaller businesses or home users that cannot afford to use static IP addresses for their internet connections.
One can only imagine the legal carnage and retribution that Microsoft would demand if a company secretly convinced a court to hand over the DNS entries to SkyDrive and made an equally ham-fisted job of preventing nefarious activities.
While it may have been motivated by noble ambitions, Microsoft's execution has been decidedly poor, and even more disturbing, it has now set a legal precedent that could be used in the future in all sorts of ways that we haven't thought of yet.
Hopefully this will serve as a warning to others, and not be used as a blueprint, for how large corporations can use the courts to make a meal of wanting to bust a botnet.