Feeds

Mozilla refuses US request to ban Firefox add-on

Stiff-arms feds over seized domains

Choosing a cloud hosting partner with confidence

Mozilla officials have refused a US government request to ban a Firefox add-on that helps people to access sites that use internet domain names confiscated in an unprecedented seizure earlier this year.

The request came from officials at the Immigration and Customs Enforcement, the agency under the Department of Homeland Security that in February took the unprecedented step of seizing domain names accused of streaming live pay-per-view sporting events. Without giving the owners an opportunity to defend themselves, ICE officials obtained a court order that gave them control of the addresses, which ended in .com, .net, and .org.

That's where MafiaaFire came in. The Firefox add-on, available on Mozilla.org, made it easy for users to access sites that used some of the confiscated addresses. It did this by redirecting them to substitute domain names that were out of the reach of US courts, such as those with a .de top level domain.

“You simply type Demoniod.com into your browser as usual,” the add-on's authors wrote in an FAQ explaining how it works. “The browser sends the address to the add-on, the add-on checks if Demoniod.com is on the list of sites to be redirected and immediately redirects you to the mirror site.

According to a blog post published on Thursday by Mozilla General Counsel Harvey Anderson, ICE officials alleged MafiaaFire circumvented their seizure order and asked Mozilla to remove it.

The open-source group, in not so many words, said no.

“Our approach is to comply with valid court orders, warrants, and legal mandates, but in this case there was no such court order,” Anderson explained.

He continued: “The problem stems from the use of these government powers in service of private content holders when it can have unintended and harmful consequences. Longterm, the challenge is to find better mechanisms that provide both real due process and transparency without infringing upon developer and user freedoms traditionally associated with the internet.”

Indeed, a vocal chorus of lawmakers and policy wonks have decried the domain seizures, arguing that the ex parte actions are a serious power grab that threaten the stability of the internet. If the US government can confiscate addresses it doesn't agree with, what's to stop China or any other country from doing the same thing?

So far, at least 92 domain names have been seized under the program, which ICE officials have dubbed Operation in our Sites. Two of the affected domain names are rojadirecta.org and rojadirecta.com, which belong to a site that was recently ruled to be operating legally in Spain, where it is headquartered.

Anderson said he responded to the ICE request by sending officials a set of detailed questions that among other things asked: “What protections are in place for MAFIAAfire.com or the seized domain owners if eventually a court decides they were not unlawful?”

So far, he's received no response. ®

Internet Security Threat Report 2014

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Whistling Google: PLEASE! Brussels can only hurt Europe, not us
And Commish is VERY pro-Google. Why should we worry?
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
First in line to order a Nexus 6? AT&T has a BRICK for you
Black Screen of Death plagues early Google-mobe batch
Microsoft adds video offering to Office 365. Oh NOES, you'll need Adobe Flash
Lovely presentations... but not on your Flash-hating mobe
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.