from the reasonably-so dept
Either way, it appears that Microsoft has now returned all the domains to No-IP and settled the lawsuit. According to a joint statement by the companies:
Microsoft has reviewed the evidence provided by Vitalwerks and enters into the settlement confident that Vitalwerks was not knowingly involved with the subdomains used to support malware. Those spreading the malware abused Vitalwerks’ services.No-IP for its part has also put out a more detailed explanation for how all of this happened. It's worth reading. It also takes apart a number of Microsoft's claims, including the company's claim that, prior to returning the domains, it had "fixed" the problems people were having accessing their sites. No-IP reiterates that if Microsoft had just contacted the company first, it would have taken down the abusive customers. Clearly, even though the situation was settled, No-IP is reasonably upset that it happened in the first place:
Microsoft identified malware that had escaped Vitalwerks’ detection. Upon notification and review of the evidence, Vitalwerks took immediate corrective action allowing Microsoft to identify victims of this malware. The parties have agreed to permanently disable Vitalwerks subdomains used to control the malware.
In the process of redirecting traffic to its servers for malware detection, Microsoft acknowledges that a number of Vitalwerks customers were impacted by service outages as a result of a technical error. Microsoft regrets any inconvenience these customers may have experienced.
While we are extremely pleased with the settlement terms, we are outraged by Microsoft’s tactics and that we were not able to completely and immediately restore services to the majority of our valuable customers that had been affected.Later it notes:
At No-IP, we are firm believers that the Internet should be free and open. We will continue to fight for the rights of our users and our business. Moving forward, we have provisioned a solution that will reduce the risk of domain seizures.
We hope that Microsoft learned a lesson from this debacle and that in the future they will not seize other companies domains and will use appropriate channels to report abuse.Wouldn't that be nice.