Feeds

Unprecedented domain seizure shutters 84,000 sites

Feds' Operation Powergrab slammed

Combat fraud and increase customer satisfaction

The federal government's unprecedented practice of confiscating internet domain names in secret court proceedings took a new and ominous turn last week when it resulted in the closure of as many as 84,000 website addresses.

The power grab came last Friday, when the mooo.com, an address a service called Free DNS used to resolve more than user 84,000 websites was unceremoniously suspended at the registrar level. Sites that relied on mooo.com soon displayed a banner that said the domain name had been seized by the Immigration and Customs Enforcement, the main investigative arm of the US Department of Homeland Security. The banner went on to include this creepy nugget:

“Advertisement, distribution, transportation, receipt, and possession of child pornography constitute federal crimes that carry penalties for first time offenders of up to 30 years in federal prison, a $250,000 fine, forfeiture and restitution.”

Speculation has abounded ever since that mooo.com was one of almost a dozen domains confiscated under Operation Protect Our Children, in which the government obtained a secret court order to seize addresses allegedly involved in child pornography without first giving the owners a chance to defend themselves before a judge.

By Sunday evening, mooo.com was restored, but by then the damage was done. Not only had 84,000 websites been silenced for 72 hours (a term lawyers call prior restraint) with no legal authority, but it was going to take another day or so for the world's domain name servers to reflect the change in tables most people use to access the sites. Condemnation of the move by ICE, which is overseen by Director John Morton, was swift and scathing.

“Mr. Morton, with all due respect: 'fuck off,' one affected website operator wrote. “Pulling a total domain, sweeping up innocent people along the way, feeling that you don't have to comply with due process of law and indicating that you don't give a damn is wrong. It's not as wrong as child pornography or counterfeiting, but it's still wrong.”

Department of Homeland Security officials didn't respond to an email and phone calls seeking comment.

Lawyers and civil libertarians say the act was unprecedented and a naked affront to Free Speech guarantees at the heart of the US Constitution.

“You don't take down speech unless you have some sort of justification for it, and that's why, over and over, courts have said if you're going to take down a website, or take down speech anywhere, that take-down has to be narrowly tailored to a specific objective,” Corynne McSherry, intellectual property director for Electronic Frontier Foundation, told The Register. “This is basic constitutional law.”

Operation Protect Our Children comes on the heels of a separate ICE initiative dubbed Operation in our Sites, which seizes domain names for websites accused of offering pirated or counterfeited content or products. Like last week's operation, it didn't afford any prior notice to the owners, many of whom are located outside US borders.

The latest initiative came about the same time US Secretary of State Hillary Clinton criticized the Egyptian government for pulling the plug on the internet. The irony hasn't been lost on critics.

“Our government has gone rogue on us,” Eric Goldman, a professor at Santa Clara University School of Law, said. “Our government is going into court with half-baked facts and half-baked legal theories and shutting down operations. This is exactly what we thought the government couldn't do. I'm scratching my head why we aren’t' grabbing the pitchforks.” ®

SANS - Survey on application security programs

Whitepapers

Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.