Krebs reported on a particularly worrying development concerning Microsoft’s recent bid to use the legal system against those who are controlling a large botnet affecting many Windows users, supposedly obtaining an injuction from a Nevada court allowing them to effectively seize domains belonging to no-ip, a dynamic DNS provider. The agreement was that Microsoft would route ‘friendly’ traffic downstream but that is apparently not happening.
This is why we need the judiciary to be well versed in technology before allowing them to adjudicate such matters. The court has effectively given Microsoft permission to MiTM the servers of no-ip for the sake of a few thousand infected machines, and their imperfect implementation has resulted in their services not functioning for legitimate users. Given that no-ip is a business that offers free and paid services it is highly likely they will lose customers over the downtime. With paid services there is often a SLA involved, and this too may result in financial penalties that must be paid to the customer to make good any damage caused by such downtime. Courts meddling with the affairs of the Internet rarely make sensible decisions and it appears that this is yet another case of the law being an ass.
Mike the Crypto Goat 