Hacker News new | past | comments | ask | show | jobs | submit login
ATDHE Seized: How Site Takedowns Are Ceremonial (readwriteweb.com)
31 points by rwwmike on Feb 2, 2011 | hide | past | favorite | 10 comments



This is a much bigger problem than ATDHE: http://torrentfreak.com/us-resume-file-sharing-domain-seizur...

DHS seized a domain that had twice been ruled by a court of law in the corporation's home country, an EU state, to be operating completely legally. The corp. has absolutely no presence whatsoever in the US.

This one domain may be the straw that broke the camel's back — it wouldn't surprise me if the rest of the international community begins moving towards demanding that the US forfeit control over the 3 root TLDs posthaste.


In all of the cases so far (that I've checked) it seems that the registrar of the domain has been based in the US. So to seize a domain it would be sufficient to do this at the registrar level, instead of the registry level.

If the domain has been sized via the US-based registrar it's nothing to worry about.

If - on the other hand - the domain has been sized at the registry level (and the same would have happened with another foreign registrar) this would be one large reason for me to use other TLDs in the future. However, if this is really the case it makes me wonder why piratebay.org hasn't been sized yet (this domain is registered at a German registrar).


GoDaddy says they "have not touched anything". Of course, this may mean that they have built a self-serve seizure system in the past, but still...


Uh, well now this is amusing:

http://www.atdhe.net/ shows seizure notice

http://atdhe.net/ still works

(Site looks pretty shady, by the way. I'd suggest something like NoScript.)


They only seized the DNS. They haven't shut down the site.

Try http://88.80.11.29/


I'm confused. According to WHOIS, the DNS points to prq.se. And if they did seize the DNS, why wouldn't they change all the records to point to the seizure site?


"If you want to continue accessing site please bookmark www.atdhenet.tv. You can also follow us on twitter."

I guess it's up to Tuvalu now.


I wonder how long before we start seeing articles entitled .{com,org,net} domains considered harmful?


How do these seizures work? Is it only for US ISPs? I tried hitting http://atdhe.net/ and I get the regular site, not a DHS seizure page.

They have a banner at the top saying it was shut down this afternoon but how did they get it back? Or is it still blocked in the US?


DNS Registrar gave domain name to US government, the US government simply pointed the new domain name to a new server. If you're still viewing the old site, then the DNS propagation hasn't reached your ISP's DNS yet. The server hosting the files is unaffected as it's in another country hence someone provided a direct IP address.

This has the potential for attacks on unprotected clients with malicious JS.

But most likely, they will be logging browser details and ip address as an old honeypot tactic. If I was in their position, I would attempt to cross-match the IP addresses with list of associated profiles (For the paranoid, FB/HN/etc may provide profile associations due to sealed requests). Then there's a list of suspects for questioning.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: