Did Homeland Security Seize... And Then Unseize... A Dynamic DNS Domain?

from the cluelessness-knows-no-bounds dept

Over the weekend, we started getting a bunch of reports from folks claiming that the dynamic DNS service afraid.org had been seized in the latest DHS/ICE domain seizures, and that all of the sites associated with afraid.org had been replaced with a notice that they had been seized over child porn claims. The main site involved was mooo.com. If you're unfamiliar with the way these dynamic DNS services work, they basically let you put a permanent URL, often using a subdomain like putsomesubdomainhere.mooo.com, and then you point it at whatever machine is actually hosting your content. For some folks and some projects, it's easier than getting your own full URL. But, of course, as a service, it can point to just about any kind of content. Remember, afraid isn't hosting any of this stuff. It's basically just acting as a directory.

Despite multiple reports, and various blog posts from individuals really pissed off that ICE had accused them of trafficking in child porn, we didn't write about it earlier for a few reasons. First off, with each of the past few ICE seizures, various hucksters have claimed that their domains were seized as well, and it later turns out to not be true at all. In the last round, I ended up talking with a guy who claimed his domain was seized for a few days, before realizing he was full of it. Second, afraid.org and mooo.com came back online a day and a half later, with the admin claiming that the domain was "suspended at the registrar level", but not mentioning DHS/ICE at all. I emailed afraid.org's admin asking him for details a few days ago, and heard absolutely nothing in response.

So despite more and more people bringing it up in our comments, I was ready to let it drop. However, late yesterday, Homeland Security and ICE did officially announced more domain seizures, but these were different than the last four rounds we've spoken about -- which were a part of "Operation in Our Sites," and was focused on IP violations. Instead, this is called "Operation Protect Our Children," and was focused on child porn. Yes, Homeland Security is pulling out the old "protect the children!" line to defend domain seizures.

Unlike the "In Our Sites" announcements, however, with "Protect Our Children," DHS didn't actually name the domains. So, right now I'm just not sure if mooo.com was really seized... and then given back (which would be a surprise, if true). Since I'm at a dead end in the normal channels, I figured I'd just put the story out here, and see if we can dig up any proof either way. Was mooo.com really seized as part of this program... and if so, was it really given back? If so, why? Did ICE realize that seizing a dynamic DNS service that links to a ton of perfectly legitimate content would clearly push it over the line on prior restraint? Remember, nearly all of the "prior restraint" cases we've discussed as examples of why the domain seizures are unconstitutional involve pornographic materials. And, one of the counterpoints that people have argued is that those rulings only apply to porn, but not copyright (no one has a good explanation of why that would be, but we'll leave that aside).

So, what happened here? Did DHS/ICE demonstrate even more technical cluelessness in seizing a dynamic DNS directory that linked to tons of perfectly legit content, and then realize its mistake and give it back? Or were the reports of mooo.com's seizure overblown? Or did something else happen altogether?

Filed Under: domain names, porn, seizures

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Anonymous Coward, 16 Feb 2011 @ 10:46am

    Re: Re: Re: Re: Re: Re:

    I think the fear is (and is often the case) that the dynamic DNS provider is profiting from the illegal acts, so they will either act as slowly as possible to remove the sites, or will do the ultimate trick, removing the sites and redirecting the traffic to profitable pages for them. Oh yeah, then they allow the CP sites to sign right back up 10 minutes later.

    Also, what many sites that want to hide do these days is this:

    User dynamic DNS to point to an IP address, usually on a DSL connection. But it isn't their computer, just a machine their back doored and installed a rootkit on, putting ngix or similar small package webserver on there to act only as a proxy redirector. That redirection might point to multiple mirrors or even through a series of redirections before getting to the content.

    The end result is that except for pulling down the dynamic dns, there is no real way to track or stop them.

    If you want a history lesson in nasty tricks, go look at the history of Estdomains, Esthost, and other related companies. When people really want to avoid the law, they can do it without issue.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.