Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

It's Official: Registrars Cannot Hold Domains Hostage Without a Court Order

Soulskill posted about 8 months ago | from the dns-hostage-negotiators-suddenly-unemployed dept.

Networking 112

Stunt Pope writes "Back when the City of London Police issued those 'takedown requests' to domain registrars, most complied. However, as previously reported here, easyDNS didn't. A bunch of the taken-down domains wanted to move to easyDNS. One problem: their registrar wouldn't let them. It took awhile, but easyDNS fought it. They've finally gotten a ruling (PDF) under the ICANN policy that ordered the hostage domains transferred."

cancel ×

112 comments

Sorry! There are no comments related to the filter you selected.

hmm.... (4, Interesting)

Anonymous Coward | about 8 months ago | (#45919355)

how about like when whole domains are being used for malware, phishing, or fraud?

do we have to go thru a court to get a registrar to do something? that isn't reallllly that good of news.

namesearchhere.com is being used for botnet clickfraud. along with probably hundreds of others... now the registrar can just sit on their hands and say... welp. nothing i can do but charge fees. my hands are tied!

registrars are making money of DGA, clickfraud, and all manner of shitty activities. now they can really drag their feet.

Re:hmm.... (1)

TWiTfan (2887093) | about 8 months ago | (#45919483)

how about like when whole domains are being used for malware, phishing, or fraud?

Couldn't the browsers handle that?

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45919551)

except that trojans distributed by bots don't use your browser settings.

some domains out there really are JUST for botnets. kar-gen-pl1.net comes to mind.

Re:hmm.... (0, Flamebait)

Anonymous Coward | about 8 months ago | (#45919877)

It's up to you to take steps to protect yourself. If your going to use Microsoft Windows it's your own damn fault if you get infected. I should have a right to a domain even if its involved in criminal activity. The internet is not a single country and there are no laws which apply globally. Anything short of this is just stupid.

Re: hmm.... (0)

Anonymous Coward | about 8 months ago | (#45921685)

No, you should not. Once a domain name is involved in actual criminal activity you should lose all rights to it. Same as physical property is seized when its used for physical criminal activities.

If you break the law then, to quote you, it's your own damn fault.

Re: hmm.... (2, Informative)

Anonymous Coward | about 8 months ago | (#45922915)

That is done with court orders and warants dipshit.

Re: hmm.... (3, Insightful)

Dan541 (1032000) | about 8 months ago | (#45923495)

If you break the law then, to quote you, it's your own damn fault.

How can you tell if a website is breaking the law? An illegal activity in the United States may be legal in the country that the website is located in. Thus making it a legal website.

Did you think this through? (2)

xiando (770382) | about 8 months ago | (#45924231)

We have a bunch of free blog services. You can sign up and get a free blog and use it for the criminal activity until we notice or someone points it out to us. Do you really think it is fair take a domain with thousands of subdomains under it because it was " involved in actual criminal activity" at some point? You must really love fascism and the current governments in the "free world".

Re: hmm.... (1)

maxwell demon (590494) | about 8 months ago | (#45925209)

No, you should not. Once a domain name is involved in actual criminal activity you should lose all rights to it. Same as physical property is seized when its used for physical criminal activities.

So you think it should be allowed to seize your stuff without a court order? As in, the police claims you did something illegal, and then can legally take your possessions away?

I certainly don't want to live in such a country. There always has to be a judge in the loop if your fundamental rights are concerned.

Re:hmm.... (1)

Dan541 (1032000) | about 8 months ago | (#45923469)

The internet is not a single country and there are no laws which apply globally.

You're trying to explain that on a website full of americans. Good Luck.

Re:hmm.... (2)

gandhi_2 (1108023) | about 8 months ago | (#45919617)

Ahh. So with Google safe-browsing in Firefox and Chrome, and MS whateverthefuck filter, clearly there are no successful phishing attacks involving websites.

No, I've reported phishing domains that stayed up for over 48 hours. Google (stopbadware, opendns anti-phishing) and Netcraft respond pretty quickly to phishing reports but people still end up at the sites trying their damnest to log in.

Maybe hosting providers should be the same way when you report one of their servers as hacked and being used for a botnet check-in or malware hoster. Do nothing until a court order. That should work well!

Re:hmm.... (5, Insightful)

Anonymous Coward | about 8 months ago | (#45920057)

Maybe hosting providers should be the same way when you report one of their servers as hacked and being used for a botnet check-in or malware hoster. Do nothing until a court order. That should work well!

Better 100 idiots without a scanner installed get infected than one innocent site get shut down by an asshole with an agenda.

Re:hmm.... (1)

Anonymous Coward | about 8 months ago | (#45921509)

Better 100 idiots without a scanner installed get infected than one innocent site get shut down by an asshole with an agenda.

Is it? What metric are you using? Economic cost? Human suffering? I'm sure you have a sophisticated analysis and aren't just pulling a pithy expression out your ass.

Re:hmm.... (5, Funny)

Anonymous Coward | about 8 months ago | (#45922495)

Better one pithy expression pulled out of his ass than 100 sophisticated economic analyses.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45923001)

Touché!

Re:hmm.... (1)

Anonymous Coward | about 8 months ago | (#45923467)

It's a specific case of Blackstone's Formulation, which you're highly advised to go away and study at length. It's a really good principle.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45923881)

lik da man sed, dis america, wedon't use no metric system.

Re:hmm.... (2)

LordLimecat (1103839) | about 8 months ago | (#45920161)

No, Ive got it, they should take the domains down immediately with no verification and no court order whenever someone presses the "report domain" button!

Seriously, what are you proposing?

Re:hmm.... (1)

gandhi_2 (1108023) | about 8 months ago | (#45920417)

hand over all your evidence of malicious activity to the registrar, they can decide if the domain should be deleted or not.

but they shouldn't get an easy "my hands are tied" excuse to do nothing.

Re:hmm.... (1)

LordLimecat (1103839) | about 8 months ago | (#45921927)

Im sure the registrar totally has the workload bandwidth to deal with the number of bogus domains that pop up every day.

but they shouldn't get an easy "my hands are tied" excuse to do nothing.

Yes they should, i dont want my registrar deciding whether he likes the content Im hosting on my domain. If theres an issue with the content, talk to the host, the ISP, or a judge.

Re:hmm.... (1)

Dan541 (1032000) | about 8 months ago | (#45923559)

Evidence, aka your word. Why should a provider simply take the word/evidence of someone who isn't even prepared to back their allegations in court.

Re:hmm.... (1)

Anonymous Psychopath (18031) | about 8 months ago | (#45921251)

Ahh. So with Google safe-browsing in Firefox and Chrome, and MS whateverthefuck filter, clearly there are no successful phishing attacks involving websites.

No, I've reported phishing domains that stayed up for over 48 hours. Google (stopbadware, opendns anti-phishing) and Netcraft respond pretty quickly to phishing reports but people still end up at the sites trying their damnest to log in.

Maybe hosting providers should be the same way when you report one of their servers as hacked and being used for a botnet check-in or malware hoster. Do nothing until a court order. That should work well!

Assuming they acted immediately, the root DNS servers would still retain their cache for a long time. Perhaps as much as 24 hours.

Re: hmm.... (0)

Anonymous Coward | about 8 months ago | (#45921719)

Root DNS is not involved here at all unless its a TLD.

Re: hmm.... (1)

Anonymous Psychopath (18031) | about 8 months ago | (#45922061)

Root DNS is not involved here at all unless its a TLD.

The roots don't cache? I always assumed they did. Learn something new every day.

Re: hmm.... (1)

petermgreen (876956) | about 8 months ago | (#45925061)

Authoratative namesevers (including the root nameservers) just serve up the information they are authoratative form.

The process of collecting the data needed to resolve a name from multiple disparate nameservers and then caching those results is the job of a "recursive resolver". Generally your ISP provides a recursive resolver for your use.

Re:hmm.... (1)

WoodstockJeff (568111) | about 8 months ago | (#45921493)

... but people still end up at the sites trying their damnest to log in

You mean there are people out there that don't take advantage of those sites to poison their data, by submitting hundreds of bogus "logins" via a script?!?

Re:hmm.... (1)

Dan541 (1032000) | about 8 months ago | (#45923539)

Very few abuse reports are genuine. A common complaint I get is from people who are offended and simply want the site gagged. Whant to shut down someones site get a court order.

Re:hmm.... (5, Insightful)

Anonymous Coward | about 8 months ago | (#45919655)

how about like when whole domains are being used for malware, phishing, or fraud?

do we have to go thru a court ....

How about when Anonymous Cowards like you are murdering babies? Do I have to go through the whole judicial thing to stop it? Shouldn't my word just be enough to come over and judicially execute you and have all your property transferred into my name as compensation for my time? I think all this "judicial stuff" is just getting in the way of my killing off idiots^W^W^W protecting the family.

Re:hmm.... (3, Insightful)

ancientt (569920) | about 8 months ago | (#45920285)

Mod parent up.

Not saying I haven't wanted to bypass the legal system myself from time to time, but given the choice, don't you want to live in a world with laws?

Sure, I'd like to live in a world that doesn't need laws, but since ours does need them, then having people forced to follow them is the best we can hope for.

Re:hmm.... (1)

HiThere (15173) | about 8 months ago | (#45921163)

If the laws are reasonably fair, then yes. There are plenty of examples, however, of cases where this doesn't happen. Still, the downside cost of living without laws is pretty high, so it needs to be egregious before that seems like a good idea.

Re:hmm.... (1)

Zedrick (764028) | about 8 months ago | (#45919767)

They are either real domains pointing to somebody's hacked old joomla/oscommerce/cms made simple-site, in which case the problem is with the website. Or if it's a real phishing/malware-domain, it's with 100% certainty ordered with fake user information and a stolen CC, so the registrar/host can simply delete domain (at least that's what we do).

Re:hmm.... (5, Insightful)

fred911 (83970) | about 8 months ago | (#45919895)

Why should he registrar be responsible for content? Is the phone company responsable for publishing phone numbers of unscrupulous businesses? The responsibility for mal-content is that of the host, not the directory.

Re:hmm.... (2)

Obfuscant (592200) | about 8 months ago | (#45920283)

Why should he registrar be responsible for content?

Because they have made themselves responsible through their Acceptable Use Policy agreement. For example, EasyDNS [easydns.com] includes these conditions upon the registree:

  • The Applicant warrants to easyDNS that the details submitted by the Applicant to easyDNS are true and correct, and that future modifications or additions to those details will be true and correct.
  • The Applicant agrees not to use the services provided by easyDNS to conduct any business or activity or solicit the performance of any activity that is prohibited by law.
  • easyDNS reserves the right to revoke any or all services associated with a domain or user account, for policy abuses. What constitutes a policy abuse is at the sole discretion of easyDNS and includes (but is not limited to) the following:
    • transmitting Unsolicited Commercial Email (UCE)
    • transmitting bulk email
    • posting bulk Usenet articles
    • Denial of Service attacks of any kind
    • copyright infringement
    • unlawful or illegal activities of any kind (this includes Ponzi schemes and HYIPs)
    • promotes net abuse in any manner (providing software, tools or information which enables net abuse)
    • causing lossage or creating service degradation for other easyDNS users whether intentional or inadvertent.
    • Is listed in the DNS Providers' Blacklist or in any other blacklist / RBL which easyDNS may reference.

Emphasis mine. And even more interesting:

  • No Protection for Abusers: Domains and user accounts determined by easyDNS to be in violation of our Terms of Service are not entitled to privacy protection....

The City of London was well within reason to ask them to look at whether one of their users was violating their terms, and all they had to do was say "no".

Re: hmm.... (1)

OECD (639690) | about 8 months ago | (#45920445)

The City of London was well within reason to ask them to look at whether one of their users was violating their terms, and all they had to do was say "no". RTFS

Re: hmm.... (3, Informative)

Obfuscant (592200) | about 8 months ago | (#45920745)

I've read the summary. I've read the ruling. Have you? The summary and ruling aren't directed at the City of London and say nothing about whether the City of London was incorrect in asking easyDNS (or any other registrar) to review their terms for a possible breach. The summary and ruling deal with domain registrars who made the decision that the customer WAS in violation of their terms and thus shut them off, who then refused to release the domain name.

This should be clear from the very beginning of the ruling:

easyDNS Technologies Inc. v. PDR Ltd. d/b/a PublicDomainRegistry.com

It's easyDNS vs. another registrar, not easyDNS vs. City of London.

I've also read the "takedown order", which is quoted in part in the ruling itself. Maybe you should read it. It is rather clear in asking the registrar to review the conduct of the customer to see if it violates the registrar's acceptable use policy, and for the registrar to make a decision what action is appropriate.

The City of London did NOTHING that you or I could not do, and I have done many times in the past when trying to get spammers and such shut down. I've even been more forceful by saying that the registrar SHOULD shut them off, not just that they ought to review the policy to see if they think the customer is breaching it.

Yeah, the CoL went further by asking the registrar, once they had made a decision to shut the domain off, to take certain steps that would help the CoL maintain evidence of the activity for later legal action. That's not out of line, either, and it still is based on the registrar making a decision, not a demand from the CoL.

Re: hmm.... (-1)

Anonymous Coward | about 8 months ago | (#45923589)

The City of London did NOTHING that you or I could not do, and I have done many times in the past when trying to get spammers and such shut down. I've even been more forceful by saying that the registrar SHOULD shut them off, not just that they ought to review the policy to see if they think the customer is breaching it.

You need to get laid buddy.

Re:hmm.... (1)

parodyca (890419) | about 8 months ago | (#45920481)

Right, so now they deny you service if you are breaking the law, but the arbiters of whether you are breaking the law or not is the court. Not themselves and not any other body.

Re:hmm.... (2)

Obfuscant (592200) | about 8 months ago | (#45920805)

Right, so now they deny you service if you are breaking the law, but the arbiters of whether you are breaking the law or not is the court. Not themselves and not any other body.

Quoting the easyDNS terms of service:

Such determination on what constitutes a violation of the above or whether a domain has or is "likely" to violate the above is solely at the discretion of easyDNS.

"The above" includes "unlawful or illegal activities of any kind (this includes ponzi schemes and HYIPs)". I don't know where you get the idea that "now" it has to be a court. That wasn't what the ICANN ruling dealt with. The ICANN ruling dealt with transfer of domains being held hostage by other registrars, not whether the City of London needs a court order to ask a registrar to review a customer's activities for a potential violation of the registrar's terms. They don't, and neither do I. Or you.

Re:hmm.... (1)

HiThere (15173) | about 8 months ago | (#45921263)

The point is that that's a quite dangerous way to set things up, not that it wasn't legal, or that it didn't match the terms of service. I agree, it's a quite dangerous way to set things up. And the danger is born by then end users (both the web site builder and the user of said site.)
I'm quite dubious about letting a web site host have the ability to hold my data. In my case this is academic, as I don't have a web site, but were I to do so I'd be reluctant to trust it to a host that could ...I can't think of a better word than steal it. They would be depriving me of the use of it and allowing themselves the use of it, so it's not just copying.

Re:hmm.... (1)

SteveTheNewbie (1171139) | about 8 months ago | (#45922035)

While they can refuse to supply service at their discretion, where does it say they have the right to refuse to honor a request for a domain transfer? Are you even following the chain of events here or are you just making things up as you go?

Re:hmm.... (1)

Obfuscant (592200) | about 8 months ago | (#45922753)

While they can refuse to supply service at their discretion, where does it say they have the right to refuse to honor a request for a domain transfer?

It doesn't, and I didn't claim it did. I was answering the question "Why should the registrar be responsible for content?" Then someone made the claim that "the arbiters of whether you are breaking the law or not is the court", which is contradicted by the same terms.

You might also note that I am quoting the easyDNS terms. I would never expect anyone to read a quote from easyDNS terms and think it was a justification for PDR holding on to domains, so I am at a loss why you are trying to read such a justification into anything I've written.

Are you even following the chain of events here...

Yes, and you could see that by clicking on "parent" if the material I quote is not sufficient to give you the context. I'm certainly following them more than the people who are trying to make this a victory over the City of London.

or are you just making things up as you go?

I'm quoting from the actual ruling pdf and the easyDNS terms of service.

Re:hmm.... (1)

russotto (537200) | about 8 months ago | (#45923445)

Because they have made themselves responsible through their Acceptable Use Policy agreement. For example, EasyDNS includes these conditions upon the registree

That's not how an acceptable use policy works. Having an Acceptable Use Policy does not make EasyDNS responsible to third parties to enforce that Acceptable Use Policy.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45922167)

Yes, the phone company is responsible in the same way as the registrar when it comes to fraud. If a domain is bought for the express purpose of hosting a phishing site, then it is the registrar's responsibility to suspend the domain. If the domain is hijacked, then it is wrong for the registrar to suspend. In that case, its the responsibility of the hosting company and the ISP that provides connectivity to the IP address involved.
 
You mention the phone company. If someone buys a phone number and uses it as a vishing number (sets up a voicemail that sounds like a bank's fraud prevention dept or something like that), then the phone company is responsible for suspending the service to that number. This holds true everywhere that I have ever dealt with, and I have worked for years in the phishing and malware response industry on the phones calling registrars and hosts etc. I have even called hosts and registrars in Iran that respond to complaints just like GoDaddy or China Telecom: they work slow but they eventually suspend the service/domain/account/whatever.

Re:hmm.... (4, Insightful)

LordLimecat (1103839) | about 8 months ago | (#45920151)

Protecting the good guys from abuse often protects the bad guys to some degree.

Its all about what kind of internet you want to deal with: One where someone can trivially take your content down, or one where you know that theres bad stuff out there.

Re:hmm.... (1)

maugle (1369813) | about 8 months ago | (#45922869)

We can look at a microcosm of the Internet - YouTube and its ContentID system - to see what happens when people can trivially take down other peoples' content via bogus claims (or, worse, take control of the content and all its profit). In summary: it's not a fun place to be, unless you're a big company or someone who lives off misappropriated ad income.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45924063)

I gather you aren't a youtube producer. In the past year or two they have really shifted gears on how copyright is enforced. Users with good standing (determined by how many confirmed claims you have agaisnt you) can dispute claims against them. Theres the trick, if you come out of the gate putting up other peoples music and videos you get screwed and rightly so, I spend at least 4 hours a week sifting through new uploads and flagging people who have re-uploaded my own content. If you only upload original content that you created then you will have the ability to contest a false flag. It doesn't matter if the song was on the radio or TV in the back ground, you don't have the right to re-distribute it on YouTube or anywhere else that allows you to profit from it.
 
YouTube assumes you are guity because most users are (according to the TOS and comunity rules they agreed to), you have to prove you are going to follow the rules before you can contest them. If you want to put up other people's content you can do it on break, liveleak or one of the other shifty sites.

Re:hmm.... (5, Insightful)

Stunt Pope (3287) | about 8 months ago | (#45920227)

Registrars can takedown domains for net abuse, the main thing is their terms of service are between them and their registrants, they enforce their policies.

The easyDNS Plain English terms of service state domains will be taken down for net abuse, but if you want to compel a takedown from the outside because *you* say it's illegal, you need a court order.

Re:hmm.... (1)

Obfuscant (592200) | about 8 months ago | (#45920361)

but if you want to compel a takedown from the outside because *you* say it's illegal, you need a court order.

And if you want to ask a registrar to review the activities of one of their registrees to see if they're violating the AUP, you don't. I've done it before, I'm not going to start getting a court order to report abusers and spammers and bears, oh my!

Re:hmm.... (3, Insightful)

ancientt (569920) | about 8 months ago | (#45920231)

do we have to go thru a court to get a registrar to do something? that isn't reallllly that good of news.

Registrars can voluntarily do something when asked, so no, you don't have to get a court order to get a registrar to do something. They are absolutely supposed to let people move their domains when people want to also, but some of them weren't following the rules. Having them follow the rules is a good thing.

If, however, you want to force a registrar to do something which isn't part of the rules, then yes, you should have to get a court order.

Did you like the scenario where companies don't have to follow the rules you both agreed to? Most of us don't.

Re:hmm.... (2)

Lazere (2809091) | about 8 months ago | (#45920429)

Since this is /. I'm assuming you didn't even read TFS in order to get first post. If you had, you'd have noticed that this has nothing to do with domain takedowns and everything to do with domain transfers. Basically, the legitimate people who had been taken down in this bit of BS tried to move their domain to easyDNS, but the registrars they were currently on wouldn't let them. All this decision says is the registrars have to let people move their domains unless there is a court order saying otherwise.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45920839)

do we have to go thru a court to get a registrar to do something?

I'm not sure that this question is at all covered by these new legal findings, nor should it be:
From the decision:
"FINDINGS No court order has been issued which would prohibit the transfer of the domain
names at issue from the Registrar of Record to the Gaining Registrar. Therefore,
there is nothing in the Transfer Policy which authorizes the Registrar of Record to
refuse to transfer the domain names."

This only says that domain names cannot be held hostage without a specific court order requesting that they be locked. This doesn't address whether/how a domain can be taken down or blocked, only that if the domain name owner chooses to switch registrars that the current registar has no legal right to hold the name hostage.

Everyone will have their opinions as to whether any authority should pursue further legal action in order to stop supposed nefarious activity, but we already have legal recourse for any/all of these actions (read: get a court order!)

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45921049)

Life is not perfect. I would rather deal with those issues, than have a corporation or individual with his own agenda from having the ability to hold it hostage.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45921375)

Bypassing courts is stupid.

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45922499)

how about like when whole domains are being used for malware, phishing, or fraud?

do we have to go thru a court to get a registrar to do something?

And why shouldn't you have to go through a count to get a registrar to do something. It is a mere accusation before going through a court. At least going through a court you will have to submit evidence such that your accusation becomes fact, not accusuation.
 

Re:hmm.... (0)

Anonymous Coward | about 8 months ago | (#45922765)

do we have to go thru a court to get a registrar to do something? that isn't reallllly that good of news.

I disagree. I find the government sticking to due process to be wonderful news.

Re:hmm.... (1)

Dan541 (1032000) | about 8 months ago | (#45923447)

do we have to go thru a court to get a registrar to do something? that isn't reallllly that good of news.

It's called due process. I'm guessing you're the type of person who would also complain if they were locked up without a trial.

Godaddy (5, Informative)

neoform (551705) | about 8 months ago | (#45919369)

As someone who had godaddy hold my domain hostage, this is great news.

GoDaddy had received a single complaint from an anonymous source, which was apparently enough for them to threaten to revoke my domain if I didn't pay their $200 extortion fee.

Re:Godaddy (1)

X0563511 (793323) | about 8 months ago | (#45919471)

NoDaddy: for all your hosting "needs."

Domain Registars to avoid (3)

FriendlyLurker (50431) | about 8 months ago | (#45919627)

As someone who had godaddy hold my domain hostage, this is great news.

GoDaddy had received a single complaint from an anonymous source, which was apparently enough for them to threaten to revoke my domain if I didn't pay their $200 extortion fee.

Buried in the ruling the offending registar is named: PublicDomainRegistry.com (PDR Ltd) wouldn't let EasyDNS do the transfer. Add GoDaddy to the list, what other registrars should we be voting with our wallets and abandoning?

Re:Domain Registars to avoid (0)

Anonymous Coward | about 8 months ago | (#45921109)

Anonymous has dealt with Godaddy on more than one ocassion. They need to be completely eliminated from the Internet.

Re:Godaddy (2, Informative)

TWiTfan (2887093) | about 8 months ago | (#45919681)

GoDaddy, oh man. Hard to believe that I used to actually recommend them to clients for hosting. Then they started in with those ad campaigns that made Hooters ads look like church bulletins. That alone guaranteed that I would never recommend them again, even without the accompanying rumors of assorted other sleazy practices. It's a shame too. Their hosting was reasonably-priced and pretty reliable in its day.

Re:Godaddy (0)

Anonymous Coward | about 8 months ago | (#45920103)

GoDaddy, oh man. Hard to believe that I used to actually recommend them to clients for hosting. Then they started in with those ad campaigns that made Hooters ads look like church bulletins. That alone guaranteed that I would never recommend them again, even without the accompanying rumors of assorted other sleazy practices. It's a shame too. Their hosting was reasonably-priced and pretty reliable in its day.

It's pretty damn sad when we have to use a metric like "reliability" when speaking of managing static records. A registrars job is not technically difficult at all. We all know this. The lawyers make it fucking unbearable.

Re: Godaddy (0)

Anonymous Coward | about 8 months ago | (#45922031)

You're confusing DNS and web hosting. GoDaddy provides both and you can use either one, the other or both for your hosting needs.

Re:Godaddy (0)

Anonymous Coward | about 8 months ago | (#45922211)

I was working for Yahoo! Small Business web hosting doing support and while I wouldn't recommend their domain/hosting services to anyone we at least knew what the hell we were doing. I found it bizarre that I would have to explain processes to GoDaddy employees at least a few times a month.

Re:Godaddy (0)

Vlad_the_Inhaler (32958) | about 8 months ago | (#45919817)

The information is very well hidden in the FA, but this applies to Canada. The "City of London" will be the one in Ontario. Do decisions of this kind apply in other countries? - I'd guess not.

Re:Godaddy (1)

Anonymous Coward | about 8 months ago | (#45919931)

You're half right. The City of London police in the UK sent emails to registrars round the world asking them to take down domains. A surprisingly large number complied.

This case is in Canada, but the original request came from the UK.

Re:Godaddy (2)

mythosaz (572040) | about 8 months ago | (#45920213)

The city of London, or the City of London?

http://en.wikipedia.org/wiki/City_of_London [wikipedia.org]

Up next, a discussion of "United Kingdom"

Re:Godaddy (1)

Lazere (2809091) | about 8 months ago | (#45920471)

City of London. Which is what makes the whole thing so laughable. Nearly all registrars complied with a "police force" that has power over nearly nobody.

Re:Godaddy (1)

Sarten-X (1102295) | about 8 months ago | (#45919957)

Probably. It's an ICANN ruling, so as far as I can tell it applies to all ICANN registrars.

What doesn't apply worldwide is the "court order". If an American court tries to issue a court order for a Chinese registrar to hold a name, the Chinese company is probably not required to follow the order, so per ICANN they'd have to release the name. On the other hand, a Chinese order would have jurisdiction, so the registrar would be able (and likely required) to hold the name.

Re:Godaddy (2)

Obfuscant (592200) | about 8 months ago | (#45920447)

The information is very well hidden in the FA, but this applies to Canada. The "City of London" will be the one in Ontario.

The "City of London" being referred to is the one in the UK. It says as much in the linked ruling:

On September 24, 2013, the City of London Police issued a Domain Name Suspension Request regarding a large number of domain names, including the three at issue in this case. The Request asked the relevant registrars to do the following: We request that you review your processes to see if you provide a service for the identified domain(s). If so, we would ask you to review the terms and conditions on the basis of which that service is provided and withdraw or suspend the service if you are satisfied that the terms and conditions have been breached.

This is the infamous "takedown order" that asks a registrar to review a customer's actions with respect to the registrar's own acceptable use policy and make their own decision. The ruling continues:

This request was for the following reason: "The owners of the aforementioned domains are suspected to be involved in the criminal distribution of copyrighted material either directly or indirectly and are liable to prosecution under UK law."

which makes it clear that it is the City of London in the UK. But this ruling actually has nothing to do with the City of London, it applies to domain registrars.

Re:Godaddy (1)

jonbryce (703250) | about 8 months ago | (#45921535)

No, this is the City of London that is a country-within-a-country in the the UK, and England's smallest city.

Re:Godaddy (2, Interesting)

Anonymous Coward | about 8 months ago | (#45920523)

I also had GoDaddy hold my domain hostage, it was for a web security site, mostly used to find security holes in OSS as a hobby. Someone reported my site to GoDaddy and said it was a "hacking website" so I had to pay GoDaddys "penalty fee" to get control of my domain again so I could transfer it to someone else. I read through all their ToS and there was nothing about this "penalty fee" anywhere, which I pointed out to them, they replied with something along the lines of tough shit (they used nicer language but does that really matter). So I paid their "fee" to "unlock" my domain and I tried to transfer it to another registrar, I couldn't, everything in the control panel was set to allow me to transfer, I checked with GoDaddy support they said nothing was stopping me from transferring so I checked with the Registrar I was transferring to and they said everything on their end was working and had to be something with GoDaddy.. So.. I contacted GoDaddy support again, they still claimed nothing was stopping me from transferring the domain.. I tried to transfer to a different registrar than the first and same thing it still wouldn't transfer.. the support of this registrar informed me that like the first GoDaddy wasn't allowing the transfer.. so... back to GoDadddy support, they still claim I should be able to transfer even though I provided them with evidence that I tried two different registrars at my expense with the same problem and the only common denominator was GoDaddy.. at this point I started to act like a flat out asshole and after being transferred around they finally admitted that oh turns out they were the reason for the vein popping out of my head and the reason why I couldn't transfer the domain and that they made a change and I should be able to transfer the domain in 48 hours and if not "to contact support" again, because that worked out so well in the first place.. so long story short my domain is not with GoDaddy anymore and I would not recommend anyone to use them.

Re:Godaddy (1)

sconeu (64226) | about 8 months ago | (#45921547)

File in small claims court for the extortion fee.

Re:Godaddy (0)

Anonymous Coward | about 8 months ago | (#45921247)

Meanwhile, speaking as a longtime EasyDNS customer, back when the east coast had the massive power outage that left most of the northeast in the dark for several days, I got an email from EasyDNS where they apologized for their tech support (not their actual DNS or registry service) being unavailable for 1 hour and offered a partial credit despite the fact that I've had zero reason to ever call them up and have logged no tickets with them.

Needless to say, while their $35/yr price is above many other registrars, I find their business practices to be well worth the added expense. I can't recommend them highly enough...I've had zero problems with them in ~10 years I've had my domain registered with them.

Good, my domain & domain server will stay onli (1)

vikingpower (768921) | about 8 months ago | (#45919417)

I mean, the place being named organizedcrime.nl .....

There's money at stake (5, Insightful)

damn_registrars (1103043) | about 8 months ago | (#45919427)

... so ICANN cares. Where were they when people were asking them for help shutting down spammer-friendly (and scammer and thief friendly) registrars? When the registrars could make more money, ICANN was happy to comply. Now something is up that could interfere with registrars' ability to make money, so we see from them again.

The rest of us, of course, can all go to hell as far as ICANN is concerned.

Re:There's money at stake (-1, Flamebait)

Bacon Bits (926911) | about 8 months ago | (#45919521)

But the private sector can always do it better! The Libertarians say so!

Re:There's money at stake (0)

Anonymous Coward | about 8 months ago | (#45919665)

Because the cops have done a great job fighting botnets and the people behind them?

There are people on twitter doing more damage to botnet owners in a month that the collective whole of law enforcement has accomplished ever.

I'm not joking. If you want to argue this point, then you really are ignorant to what has been going on.

Re:There's money at stake (1)

RandomFactor (22447) | about 8 months ago | (#45919973)

While I am loathe to present a counterargument (since I generally agree...)

Give them their due - they did some significant good recently by nailing the creator of the Blackhole Exploit Kit (http://threatpost.com/viable-blackhole-successor-could-take-years-to-emerge/103492)

Re:There's money at stake (1)

Kalriath (849904) | about 8 months ago | (#45921379)

The frightening thing is that Microsoft has done more to fight botnets in any given month than the collective law enforcement of the world ever.

Re:There's money at stake (2)

damn_registrars (1103043) | about 8 months ago | (#45919703)

But the private sector can always do it better! The Libertarians say so!

I'm not entirely sure which way you're arguing here, as a lot of people errantly assume that ICANN is somehow a part of the US government. You may already know that the colossal fuck-ups known as ICANN are actually a nonprofit private organization [wikipedia.org] . Personally I take exception with their "nonprofit" status as clearly they are, at the very least, driven by interest in producing profit for their members.

Re:There's money at stake (0)

Anonymous Coward | about 8 months ago | (#45919855)

I'm pretty sure he's making fun of people who think the "private sector" solves everything. He probably is using this term colloquially to mean any non-governmental organization.

Re:There's money at stake (2)

Yakasha (42321) | about 8 months ago | (#45920313)

But the private sector can always do it better! The Libertarians say so!

They can.

The problem is there are 7,000,000,000 different opinions on this planet about what "better" means, exactly.

hey buddy can you spare a .com? (0)

Anonymous Coward | about 8 months ago | (#45919481)

the new age of open & honest communications & commerce has been sidetracked & waylaid by the ever fearful corepirate nazi WMD on credit franchisees. never a better time to consider ourselves in relation to momkind our spiritual sync with creation. free the innocent stem cells.... holding them hostage is a major infraction of the MANic viagrants

Thanks EasyDNS. (2)

Capt.DrumkenBum (1173011) | about 8 months ago | (#45919525)

Thank you for your good work on behalf of all of us.
I have used EasyDNS in the past, and found them a very pleasant company to deal with.

Re:Thanks EasyDNS. (1)

Richard_at_work (517087) | about 8 months ago | (#45919669)

Its a pity they didn't fix their DNS record management system until after I had to bitch about them on twitter. Other than that, happy with them for over a decade.

Re:Thanks EasyDNS. (5, Interesting)

Anonymous Coward | about 8 months ago | (#45919851)

EasyDNS is a great registrar. Some years ago I had an issue with one of my domain names because a law firm in North Carolina registered a very similar name. The only difference was that they inserted a hyphen in their name and I didn't have one. Naturally some of their clients omitted the hyphen in the address and I received the emails instead, which I passed on to them.

That was a mistake. The law company was very angry at me, and they accused me of intercepting their mail, using my domain in bad faith, etc. They ignored the fact that my domain name was registered over 5 years before they registered their name. They attempted to get EasyDNS to lock my domain and transfer it to them. They attempted to harass both me and EasyDNS. Eventually they attempted to take my domain through ICANN name dispute resolution proceedings, which failed. They even attempted to get the FBI involved, which resulted in an interesting interview with two agents, but nothing else.

EasyDNS was wonderful. They investigated and they decided there was no reason to interrupt my domain service. They supported me through the resolution proceedings. I would not use any other domain registrar for any domain name I really care about.

EasyDNS isn't the least expensive registrar, but they aren't the most expensive either. The fact they in Canada (and therefore outside USA jurisdiction) is an added bonus.

Re:Thanks EasyDNS. (1)

Obfuscant (592200) | about 8 months ago | (#45923599)

Naturally some of their clients omitted the hyphen in the address and I received the emails instead, which I passed on to them.

Yes, doing anything beyond reading the errant email and laughing, and then deleting it, is begging for trouble. I used to have the .com version of an ISP's .net and it is remarkable the number of people who think the only TLD is .com. And that when they send their email to the wrong place, it's your fault for getting it.

That includes a rather large software/OS company located somewhere in Washington state, that kept sending me email they intended for a partner at the .net address.

Re:Thanks EasyDNS. (1)

petermgreen (876956) | about 8 months ago | (#45925097)

EasyDNS isn't the least expensive registrar, but they aren't the most expensive either. The fact they in Canada (and therefore outside USA jurisdiction) is an added bonus.

Surely by using a registrar in a jurisdiction other than the one the TLD in question is based in you are increasing your vulnerability to court orders forcing transefer of the domain. If you registrer a .com domain with a canadian register then surely a US court could order ICANN to transfer it while a canadian court could order your registrar to transfer it.

The rotten and corrupt DNS (0)

Anonymous Coward | about 8 months ago | (#45919909)

Re:The rotten and corrupt DNS (1)

Kalriath (849904) | about 8 months ago | (#45921563)

Stop linking that shit every time someone mentions DNS. If you actually research the writer, you'd never - EVER - lend any credibility to anything he ever wrote again. Basically some registrars cut him off for spam, child pornography, and in one case not paying the bill, and he complains that they're the corrupt ones? Yeah, nah.

City of London = Privately owned Corporation (4, Interesting)

rea1l1 (903073) | about 8 months ago | (#45920169)

the City of London is a privately owned corporation. I would imagine their police are also.

Do not mistake London the city with the City of London.

http://www.theguardian.com/commentisfree/2011/oct/31/corporation-london-city-medieval [theguardian.com]

Re:City of London = Privately owned Corporation (2)

mythosaz (572040) | about 8 months ago | (#45920275)

They exist in another time-space, I'm certain of it...

The Lord Mayor of London and the two Sheriffs are chosen by liverymen meeting in Common Hall. Sheriffs, who serve as assistants to the Lord Mayor, are chosen on Midsummer Day. The Lord Mayor, who must have previously been a Sheriff, is chosen on Michaelmas. Both the Lord Mayor and the Sheriffs are chosen for terms of one year.

Midsummer Day? Are you effing kidding me?

Re:City of London = Privately owned Corporation (1)

Anonymous Coward | about 8 months ago | (#45921539)

Midsummer Day and Michaelmas are two of the Quarter Days (the other two are Christmas Day and Lady Day - https://en.wikipedia.org/wiki/Quarter_days). A lot of significant events used to happen on the Quarter Days, though they don't have much significance nowadays.

namecoin to the rescue (2)

mydigitallifesucks (3493869) | about 8 months ago | (#45920261)

...if we only had some form of decentralized name registration. oh wait we do. namecoin ftw.

Alternative summary? (1)

gallondr00nk (868673) | about 8 months ago | (#45921605)

The summary and some of the replies seem a little misguided. I've probably got it wrong as well, but here goes.

Essentially, the City of London (the borough, not Londinium itself) emailed or wrote to domain registrars asking that they suspend the domain of what they alleged to be copyright infringing sites. This was a request, not an order. As we know a lot of domain registrars really don't give a toss and suspended the domains, probably without investigating whether the takedown request was accurate at all. EasyDNS, as reported before, didn't take down or suspend the domains.

Said suspended domain owners wished to take their business from their old registrars to EasyDNS, but their old registrars wouldn't transfer the domains. EasyDNS wasn't happy and petitioned ICANN, who ruled that the registrars were against policy for refusing to transfer them unless a court order was involved.

It sounds more sinister than it is. Anyone can submit a takedown request like that for a perceived TOS violation.

Captcha: Debunk. I hope so!

Re:Alternative summary? (1)

petermgreen (876956) | about 8 months ago | (#45925107)

The big question I have is what happens next? Do icann ask the losing registrars nicely to folow policy and transfer the domains or do they actually force the transfer?

National Association of Boards of Pharmacy (4, Interesting)

rueger (210566) | about 8 months ago | (#45921821)

Lord - things are never dull over at easyDNS. Hot on the heels of the decision above, some called the National Association of Boards of Pharmacy (NABP) is demanding [easydns.org] that easyDNS play Cop.

It's almost surreal to be getting this letter from the National Association of Boards of Pharmacy (NABP) addressed to ICANN Registrars requesting that "you adopt and implement policies and procedures, consistent with this letter,", given the timing of what we just went through with the City of London Police takedown requests. What are those policies and procedures the NAPB wants all ICANN Registrars to adopt? Glad you asked:...

Editors! (0)

Anonymous Coward | about 8 months ago | (#45922619)

Do some editing, once in a while. There's a good silly lazy bunch.

I don't understand /. here (1)

storkus (179708) | about 8 months ago | (#45923277)

You villify the MPAA/RIAA mafiaa, agree with Voltaire on defending the right to free speech, hate NSA and RSA,

AND YET

you say that EasyDNS is in the wrong here?!? I don't get it. I just don't. Regardless that the defendant here was another registrar rather than the City of London itself, the question remains the same: can a police department authorize the seizure of property without so much as a court order? If so, why not do away with the courts altogether since police agencies now play the roles of judge, jury, and executioner?

For me, EasyDNS has earned a customer when it comes time for me to renew my domain. And while I'm only one, I know that, as this news spreads, I won't be the only one.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>