All internet traffic directed to those 23 domain names then began passing through Mircosoft’s internet infrastructure. The traffic was being scanned, classified, and if Microsoft deemed it “malicious”, it was being “disappeared” into what Microsoft termed a “sinkhole”, never to be seen again.
In a blog post, Microsoft justified their actions, claiming that as “malware authors continue to pollute the Internet, domain owners must act responsibly by monitoring for and defending against cybercrime on their infrastructure.”
This action by Microsoft and the US courts is unprecedented. No-ip.com provides a legitimate service to many thousands of people. It is a free service which allows people to convert the IP address supplied to them by their internet service provider into a domain name. Many people use this facility to give themselves access to their home computers from work or elsewhere on the internet, for example. There is no suggestion that no-ip.com has broken the law. Microsoft’s argument is that no-ip.com “weren’t following industry best practices”.
According to no-ip.com, Microsoft “claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening. Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft’s attempt to remediate hostnames associated with a few bad actors.”
So all traffic, including perfectly legitimate traffic, was being routed through Microsoft, scanned, logged and either passed along to its final destination, or “disappeared”. The US courts have established Microsoft, a corporation which itself has one of the worst security records of all, as a global internet police service.
It is true that the injunction is a temporary one. However it should also be noted that the court hearing was “ex-parte”. No-ip.com was not present, and had no representation. Microsoft has now given back control of 18 of the 23 domains affected - but they still own control and can retake those domains at any point.
This is yet another dangerous precedent with internet censorship potential.