A few days ago Microsoft, in what is probably the silliest action they’ve taken in a while now, took down 22 domains belonging to dynamic DNS company noip.com. We know ’cause we use their services at Cosmical. Their move, against a service provider of this sort, is unprecedented and somewhat dangerous from a legal perspective; their argument was that hosts using the dynamic DNS services of noip.com were spreading malware and engaged in illegal activity.
Instead of engaging with noip.com to disable those hosts and block those accounts, they opted to go to (US) Federal Court and get warrant seizing the domains and crippling not just the culprits, but effectively thousands (if not millions) of noip.com customers.
The problem here is that there is no proportion in Microsoft’s response and no concern for the legitimate users of the service, while jeopardising the service provider’s integrity and reputation in the process. It would be akin to disconnecting a nation from the internet, just because there were a few hacking attempts originating in it. By that same logic employed by Microsoft, other service providers, including Microsoft itself, might be in danger of domain seizures, disconnection etc. because a very small percentage of their customers broke the law.
Obviously the responsibility does not only lie with Microsoft here, but also with the Federal Court that allowed and enabled Microsoft to disrupt noip.com’s service. On its part noip.com claimed that Microsoft never contacted them about the problems they experienced and that they would have been able to take targeted measures to stop the abuse from happening without affecting the vast majority of their customers who are now experiencing an outage.
It will be interesting to see how noip.com customers will react; it would be great if a Class Action Lawsuit arose and was filed against Microsoft, which would hopefully lead to other companies choosing more civilized ways of resolving disputes and countering abuse in the future. I guess nothing of the sort is going to happen. Instead of any legal proceedings against Microsoft, noip.com will eventually get hold of its domains back from Microsoft and the service will be restored.
But the very fact that those domains got ‘hijacked’ by Microsoft so easily in the first place and the precedence it sets is frightening and dangerous. That is, the fact that a single corporation, without any due care for the side-effects to lawful customers of a service provider, is able to take the service down, is cause for great concern.