How The DMCA's Digital Locks Provision Allowed A Company To Delete A URL From Adblock Lists
from the end-1201 dept
Starting late last week, there's been a bit of a fuss in various circles about a DMCA notice being used to remove a domain from one of the most prominent adblocking server lists, known as Easylist. AdGuard had a big blog post about it, as did TorrentFreak and Gizmodo. But, the whole situation is somewhat confusing, and requires understanding a variety of different things, from how adblocking works, to how certain paywalls work and, most importantly, how two separate parts of the DMCA -- the notice and takedown portions of DMCA 512 intersect with the anti-circumvention/"digital locks" provisions of DMCA 1201.
So, let's dig in. The easiest bit is how adblocking works. You probably already know the basics, but it relies on listing out designated servers, and then blocking resources from those servers from loading. Pretty straightforward. Now, there's a whole industry that has grown up around being anti-adblocking (we get pitches from these people all the time, and tell them to go away, because we actually let you turn off ads directly if you want). Most of the anti-adblock solutions are annoying in one way or another, of course. One popular solution that many popular sites have started using is that they try to detect if you are using an adblocker -- and if they think you are, you're blocked from reading the content unless you disable the adblocker. We've pointed out why we think this is a dumb strategy for a variety of reasons, not the least of which being that after Forbes made people turn off its adblockers, it served up malware via its ads. Oops.
Anyway, one of the companies that offers the technology for this kind of "turn off your adblocker to access this content" setup is a company called Admiral. One of the domains that Admiral apparently uses for its technology is called "functionalclam.com." You can go to the site where you'll see the following nonsense text that almost sorta kinda makes sense, but really doesn't:
This domain is used by digital publishers to control access to copyrighted content in accordance with the Digital Millennium Copyright Act and understand how visitors are accessing their copyrighted content.
Right? It almost makes sense, but then you're left wondering -- wait, how does a domain "control access to copyrighted content"? And, why would a domain have anything to do with the DMCA? Hang tight, we'll get there.
Let's go back to Easylist, which is housed, like so many things, on Github. Last week, Easylist's Github page showed a comment saying that "functionalclaim.com" had been removed "due to DMCA takedown request." This immediately got a lot of people upset -- perhaps reasonably so -- but the whole thing is a bit more complicated. When we talk about the DMCA there are two main parts that we often talk about -- and in nearly every case, the two separate parts of the DMCA we talk about them entirely separately, because they cover different things, and it's rare that they ever intersect.
We most commonly talk about DMCA 512, which is the notice-and-takedown part of the DMCA, laying out the rules for a copyright holder to send a DMCA takedown notice to a platform, as well as the rules for how a platform needs to respond. The other part of the DMCA, which we also still talk about pretty frequently is DMCA 1201, sometimes called the "anti-circumvention" section or the "digital locks" section. This is the (highly problematic!) part of the DMCA that says that circumventing "technological measures" that are designed to "control access" to a work protected by copyright. 1201 is dangerously broad in that it makes it a violation of the law to "manufacture, import, offer to the public, provide or otherwise traffic in any technology, product, service, device, component, or part thereof" if the purpose of that technology is to circumvent. In practice, this means that using or making a tool for perfectly legal circumvention -- such as for fair use or accessing public domain material -- can still be said to be in violation of this law.
So, here's where this particular DMCA notice gets tricky. When people talk about DMCA notices, they almost always mean a 512 notice. After all, that's the part about "notice and takedown." But this is not a 512 notice. They're actually sending a 1201 notice, which is relatively rare (I can't recall any others, though it's entirely possible they've been sent). Here, unlike with 512 notices, there isn't necessarily a strict procedure that needs to be followed under the law, but for fairly unsurprising reasons, Github more or less treats it as a 512 notice and acts according (as we'll explain later).
The full DMCA notice from Admiral is actually fairly interesting. To its credit, rather than the sort of smash-and-destroy-everything style of DMCA notices we often see, this one actually goes into detail and stresses, repeatedly, that it's not asking Github to remove all of Easylist at all. It's just asking for the removal of that one domain, and it believes that it should be removed because it violates 1201. The notice repeated references 1201, not 512. Now, I have some serious questions about how this can actually be a 1201 violation, but first let's finish what happened before we question things.
A few years back, Github implemented a process (which we approve of!) for dealing with DMCA notices. Rather than taking things down immediately, Github actually alerts the project owner first, and gives them time to review the notice and possibly fix things themselves (or to protest if they believe the notice is in error). And that's what happened here. Github passed along the notice and the Easylist people removed the domain in response, while also noting that if it really is an "Anti-Adblock Circumvention/Warning" service "it should be removed from Easylist without the need for a DMCA request." There's also some confusion over this, but it appears that that anti-adblock company Admiral created a Github user with the confusing name "dmcahelper" who had initially requested the removal in a comment last month. A lot of people thought that this might possibly be from Github, but Github has said it is not, and Admiral has since admitted to posting the request.
Oh, and while everyone was getting upset about this, Admiral put out a weirdish blog post that it titled "DMCA, Easylist, Adblock, Copyright Access Control & Admiral: 10 Things To Know," which explains all of this accurately, but requires an awful lot of background knowledge to actually understand what it's saying (knowledge that most people commenting on this story on various sites do not appear to have given the commentary I've been reading).
So, to summarize: Admiral tries to help publishers deny access to adblock users unless they disable adblocking tools or whitelist those particular publishers. Somehow, one of the long list of nonsensical/wacky domain names that Admiral uses to serve up those "please whitelist us to access" interstitial got included in Easylist. Admiral asked for it to be taken down, but in an awkward manner using a new Github account called "dmcahelper" and the people behind Easylist expressed some confusion. Admiral responded by filing a formal 1201 (not 512) DMCA notice -- that goes to great lengths to explain that it just wants functionalclam removed from the list for anti-circumvention reasons. Github forwards the notice to Easylist, as it would with a 512 notice, and Easylist removed functionalclam, while noting that it shouldn't be on the list anyway, because the domain is just for anti-adblocking tools. Phew.
Or, to make it even shorter: Admiral is arguing that it's "you need to whitelist us on your adblock to access this content" technology is a form of DRM -- and including one of its URLs in adblock itself is "circumventing" its DRM, and therefore in violation of 1201... and thus it sent a takedown notice that is a "DMCA takedown" notice, but not the kind of DMCA takedown notice you would normally see.
When you put all that together, you can see how this could all be pretty confusing -- and could at least lead people to suspect something nefarious in, say, an advertiser trying to get its servers off of an adblock list through a totally fraudulent DMCA notice. This is not quite that.
But is the DMCA notice really legit? That... is not quite as clear. Putting this all back together and zooming in on the specific issue, this would only be a valid DMCA notice if the mere inclusion of the URL counted as a "technology, product, service, device, component, or part thereof" that was "primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that effectively protects a right of a copyright owner" and "has only limited commercially significant purpose or use other than to circumvent protection afforded by a technological measure that effectively protects a right of a copyright owner." And, for that I'm left scratching my head a bit. I'm not entirely sure how merely including a domain name would count. But that doesn't mean it wouldn't. Adblock itself isn't a tool designed for circumventing protection (even if some argue that it's circumventing a publication's business model, it's not circumventing copyright protection). But, perhaps there's a reasonable argument that the mere inclusion of a domain used solely to create a blocking on adblock users counts as circumvention in a way that violates 1201. That worries me for a variety of reasons, but it is possible that it's legitimate under the law.
While some are quick to call this a clear abuse of the DMCA or a frivolous takedown, I don't think it's that clear at all. It's not obviously frivolous. There's at least an interesting and possibly credible theory behind it, arguing that the inclusion violates 1201 -- even if I'm not sure it really does. What this really demonstrates to me is -- once again -- the serious problems of DMCA 1201 and how it allows for very dangerous results. The idea that merely including a URL in a list that I use on my own computer to tell my computer not to allow a certain server to send information to my computer... could be seen as violating copyright law is bonkers. This gets right to the heart of what Cory Doctorow frequently discusses concerning problems with 1201 and how it effectively is reaching into people's own computers and telling them what they can't do. And, in this case, what you "can't" do is put a specific URL on a list. That seems bad.
It's fine that Easylist agrees that it doesn't want those kinds of URLs on its list, but there's a larger question here about whether or not others should be able to merely list out the URLs of servers they don't want to send information to their computer. And the idea that merely doing so would be violating copyright law raises a whole bunch of troubling consequences.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: adblock, anti-circumvention, circuvmention, copyright, dmca 1201, dmca 512, easylist, takedown, whitelist
Companies: adguard, admiral, github
Reader Comments
The First Word
“If this is a valid 1201 claim, then I could make the equally valid claim that functionalclam's entire existence is a 1201 violation and the site (and all the rest of the ones that Admiral uses for similar purposes) need to come down immediately.
No no, seriously, hear me out.
First, the definition used here:
My web browser is a work protected by copyright. I use an adblocker to control access to it by preventing undesirable websites from accessing it. Therefore, it's a 1201 violation to attempt to circumvent my ad blocker, and quite possibly a CFAA violation as well... right?
(Any lawyers in the house who wanna take a crack at this one?)
Subscribe: RSS
View by: Time | Thread
Dear Admiral
All I ask is to know what web sites you work with so that I CAN AVOID EVER VISITING THEM.
FOREVER.
It doesn't matter if they change their mind. Whatever sites are using this, I am done with. Forever. Period. I won't come back to sites that can serve up malware and want me to lower my defenses. If they will do this today, God only knows what they will do tomorrow.
Advertising run amok ruins ever medium it ever appears in. Newspapers. Magazines. Radio. Television. Let me pause a moment. The great promise of Cable TV was: no ads! Yeah, right. But once they let the advertising get its foot in the door, Cable TV was eventually overrun by ads. More ads than content even in some time slots! Ads that would pop up after the ads, and on top of the content, obscuring the program you're trying to watch -- right after a bunch of ads! Ads ruin the web. Websites with dozens of ads on a page, with one paragraph of content, or one picture, begging you to click the Next button to get the next page with a picture or paragraph of text and dozens of ads. No thanks!
Sincerely,
[ link to this | view in chronology ]
Re: Dear Admiral
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Not if I do not want access to their crappy content.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
Not the case. For example, the whole "unlocking smartphones" issue is for personal use (and not for financial gain), is controlled by section 1201, and is illegal at the whim of the Librarian of Congress.
[ link to this | view in chronology ]
im on the admirals ship too
[ link to this | view in chronology ]
An idea
If you want to argue that a hash really is a pretty strong indicator of uniqueness, then I would argue that you're using the wrong hash for this particular application.
[ link to this | view in chronology ]
Re: An idea
It seems like this wouldn't matter that much. Section 1201 doesn't require that your technology serves only to circumvent DRM protection measures, just that it does circumvent those measures. So making an argument that it is impossible to prove which URL you based your hash is not really relevant, except to prove that your technology also might serve dual purposes.
After all, if the hashes aren't unique than it would be trivial for you to replace your hash with one that doesn't block the DRM, but does block whatever you intended to block.
[ link to this | view in chronology ]
Re: Re: An idea
Don't put functionalclaim.com into an ad-blocker. Not at all. Sidestep the whole problem.
Have a new type of software that is a SITE blocker. It can block you from ever visiting various sites for any reason of your choosing. One valid reason an end user might want to NOT visit a site is because it makes reference to functionalclaim.com. After all, I don't want to circumvent your technology. I really don't! Not at all! I simply don't want to ever have to visit any site using your technology -- as is my right. You can't make me visit sites I don't want to visit.
[ link to this | view in chronology ]
Re: Re: Re: An idea
It's that I want to avoid ever visiting your site. Period.
[ link to this | view in chronology ]
I have expressed my opinion about the domain functionalclam.com by adding it to the list in my edge firewall device that blocks all traffic.
[ link to this | view in chronology ]
Re:
The EFF and Bunnie Huang are suing the government over exactly that.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
On the bright side, at least now I know what URL everyone was talking about, so now I can slap it into my uBlock Origins’ personal filter list.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The former is the correct URL. The latter one does not work.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
►dig functionalclam.com
; <<>> DiG 9.3.2 <<>> functionalclam.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 603
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;functionalclam.com. IN A
;; ANSWER SECTION:
functionalclam.com. 30 IN A 35.186.249.84
;; Query time: 46 msec
;; SERVER: 208.67.220.220#53(208.67.220.220)
;; WHEN: Mon Aug 14 16:39:07 2017
;; MSG SIZE rcvd: 52
►dig functionalclaim.com
; <<>> DiG 9.3.2 <<>> functionalclaim.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 375
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;functionalclaim.com. IN A
;; AUTHORITY SECTION:
com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 15027
43505 1800 900 604800 86400
;; Query time: 109 msec
;; SERVER: 208.67.220.220#53(208.67.220.220)
;; WHEN: Mon Aug 14 16:39:23 2017
;; MSG SIZE rcvd: 113
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Agreed.
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
So, what Admiral is saying is that functionalclam.com needs to be added to the list of domains that my local nameserver is authoritative for and which have a wildcard record resolving to a web server that responds to all requests with "404 Not Found". Glad they clarified that, now I'll never even contact their site to potentially copy their content so I'll never have to worry about whether I've circumvented anything Admiral's put in place to prevent that copying and thus never have to worry about Section 1201.
[ link to this | view in chronology ]
Re:
A HOSTS file block does seem like the proper response here, yes.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The entire article is about how yes, they can.
[ link to this | view in chronology ]
Re: Re: Re:
No, it's not. They can force a software creator -- even an open-source publisher -- to do this.
They absolutely can't force ME not to add them back in after I download the software. Nor can they prevent me from using some other software that continues to block them.
[ link to this | view in chronology ]
Re: Re: Re: Re:
They absolutely can't force ME not to add them back in after I download the software.
If their legal argument is sound, then yes, they can. Section 1201 applies to everybody, regardless of whether or not they qualify as a "software creator" in your mind (as "software creator" does not have a legal definition in copyright law).
While it would likely be a waste of time and money on their part to discover and go after you for doing this, they can do it if they were so inclined.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Free speech
'Stephen T. Stone' somehow read my [anonymous] mind. My first thought was "thanks for the new personal filter item".
[ link to this | view in chronology ]
And seriously, just list the domains in some separated file so the users can add manually and problem solved.
And this is yet one more reason to scrap IP laws.
[ link to this | view in chronology ]
If this is a valid 1201 claim, then I could make the equally valid claim that functionalclam's entire existence is a 1201 violation and the site (and all the rest of the ones that Admiral uses for similar purposes) need to come down immediately.
No no, seriously, hear me out.
First, the definition used here:
My web browser is a work protected by copyright. I use an adblocker to control access to it by preventing undesirable websites from accessing it. Therefore, it's a 1201 violation to attempt to circumvent my ad blocker, and quite possibly a CFAA violation as well... right?
(Any lawyers in the house who wanna take a crack at this one?)
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Streisand strikes again.
[ link to this | view in chronology ]
Effective
"... "technology, product, service, device, component, or part thereof" that was "primarily designed or produced for the purpose of circumventing protection afforded by a technological measure that [EFFECTIVELY] protects a right of a copyright owner"..."
If the meaning behind that word is that the "... technological measure, [in effect,] protects a right..." then it would seem to be legitimate, though I share the concern detailed in the original post.
If the meaning behind the word is that the "... technological measure, [in an effective manner,] protects a right..." then that is clearly not the case here.
An access control mechanism ("measure" above) that relies to this extent on the client-side request via open network traffic standards (namely, HTTP traffic to an Internet-accessible domain name) can hardly be said to operate in an effective manner insofar as protecting the rights of the copyright holder is concerned.
It is trivial to bypass the behavior on the client side in any number of ways. As many have mentioned above, setting the hostname in a hosts file would prevent access to it. A custom DNS server that black-holes traffic to that domain would also suffice. A web proxy could also be configured to kill any traffic destined for that domain.
Each of these methods could be justified for ANY or NO reason, and could occur incidentally for reasons entirely unrelated to bypassing technical measures intended to protect copyright holder rights, because HTTP traffic itself is not inherently tied to that purpose.
To try and translate it into a somewhat tortured analogy, it would be akin to operating a grocery store that is always locked; the key to the store is available outside the locked door, with a little agreement nearby that states you may only use the key if you REALLY PROMISE to take a look at our advertisements section first.
It does not account for those who choose not to look, those who are blind, those who don't/can't read, or those who don't read the language the message is written in.
There is no technical enforcement present, which renders the "measure" subject to the honor system (or in this case, abusing the DMCA to try and enforce the honor system). It doesn't work, and such a "measure" can hardly be said to be operating in an effective manner.
[ link to this | view in chronology ]
From EasyList to EasyPrivacy
[ link to this | view in chronology ]
My illegal HOSTS file:
[ link to this | view in chronology ]
Re: My illegal HOSTS file:
[ link to this | view in chronology ]
A more complex long term idea than it looks like
It really looks like the website is being used for a simple anti-adblock scheme that would require that the user accept it with the ads or do not receive anything at all. However, by using a more DRMish lingo and implementation, it became more a circumvention case of their specific "terms of service" (also get the ads or get nothing) to access this copyrighted content than a simple adblocking. And it really looks like a DRM deployment on a whole website.
Although it would result in a mere anti-adblock case that will drive the users out of the website, this won't happen at all. It is also irrelevant for them if the users have the right to block it and a few will come with their own (non-scalable) solutions to avoid some ads. Their real objective is to create a precedent to obtain domains that cannot be blocked by adblocks. And what better domain to serve ads than one that cannot be blocked by an adblock made by a company with legal liability? [and the DMCA anti-circumvention already proved to be strong enough to build a case against someone.]
[ link to this | view in chronology ]
Came here to say this
Will it work? Maybe but a more likely outcome would be adblocking lists hosted outside of a DMCA compliant location. Github was likely chosen from convenience.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
It's literally the same argument. Someone downloads a song without paying = I lost money = they're stealing from me! Someone blocks an ad = I lost money = they're stealing from me!
The reality of both situations states otherwise, but these people have no qualms trying to use the courts to bend reality to their will, rather than adjusting their business to suit reality.
[ link to this | view in chronology ]
Re:
Because the DMCA is a broken pile of horse crap, and intentionally written that way to make attempts to challenge it effectively toothless.
[ link to this | view in chronology ]
There is one filtering software, that if it were still made, would not be subject to US laws. SuperScout, before it was bought out by a US company, was developed and sold from Britain.
Thereore, SuperScout, it it were still around, could add functionalclam.com to its filtering lists for ad blocking, and the DMCA would not apply to them, on account of the software vendor being in London.
So SuperScout, if they still existed, could tell Admiral to go take a long walk off a short pier, and that is nothing they could do about it, as a software company in the United Kingdom, is not subject to US laws
[ link to this | view in chronology ]
Re:
It doesn't matter where/by whom it is made from, it could not be sold in the US if it doesn't subject itself to US laws. Similarly to the case of American companies Google and Apple in China.
I'm not sure but I guess that other countries also have similar DRM and anti-circumvention laws, and it is even worse as some have a more lax approach to enable blocking based on copyright claims.
[ link to this | view in chronology ]
Re: Re:
In other words, they could sell it US Customers, if they were still around, and would not be subject to prosecution in the United States.
[ link to this | view in chronology ]
Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re:
Of course they can ignore the US laws, those pirate sites also do that. Unfortunately, some evil yankee companies (like visa and paypal) won't help them receive the money from Americans customers (and probably also from everybody else).
Every time someone believes that, Kim Dotcom sentence is increased by one day.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
So credit card or Paypal blockades would not work when payment for SuperScout was sent by check.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
A network admin merely installs the software in the network, then selects the categories to be block, and either the filtering vendor sends regular updates to the network, or the filtering list is kept in the cloud, also also encrypted as well.
Companies do hide their exact filtering lists, so there would be no way for anyone to examine SuperScout's lists, if the company was still around.
There is no way either the US or British governments could have ever forced SuperScout to decrypt their filter lists, since that list was kept on a secure server in mainland Europe, which would outside either US or UK jurisdiction. So there is no way, if they company still existed that either the US or UK government could force SuperScout to decrypt their list.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re:
It is not necessary to decrypt the lists, since it is not difficult to test and discover that a specific domain is being blocked, and then sue for DRM circumvention.
Those companies are risk averse and would not include any of those domains in their lists.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re: Re: Re:
And given how big a part of the tech industry would be to an independent California, I could see California telling the remaining United States to take long walk off a short pier, and allow companies to sell non-compliant ad blocking or filtering to products to the remaining United States.
If an independent Caliornia refused to cooperate with the reamining USA, there is nothing much that the American could do to enforce its laws in the reamining United States.
[ link to this | view in chronology ]
An independent California would be even more dependent on tech money
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
No one is stupid to leave those simple options open.
[ link to this | view in chronology ]
Dear Admiral
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Now I could go out and find the latest tech out there that avoids the javascript which checks but I have no desire to do that. You see if they don't want to show their content I'm good with that. I don't want them counting my eyeballs as to how much to charge for their ads.
When ever I see the content blocked until adblock is disabled I move on. Their content is not that precious to me. If I really want to know about some topic, all I have to do is search for it. If it is not up at a site that doesn't require hoops to jump through it will be up within a day.
I've avoided many malvertising hits that others got, simply because the ads were blocked. It's a security issue. I never hear any ad company say, "We'll send some one right on over to fix that" nor do I ever hear them say "Here's some software that will fix that". If the hours it takes me to fix my machines is on me, so is the cure.
[ link to this | view in chronology ]
Admiral is using spammer tactics: treat them the same
They also threaten researchers and security investigators who try to figure out what they're doing and furnish Internet users with the tools and data they need to defend themselves from attacks.
The best response to this is to PERMANENTLY blacklist everything they touch. (Quite often spammers will attempt to get domains delisted by transferring their ownership and then having the "new" owners whine about the "incorrect" blacklisting. This is always a scam and it's often carried out poorly. Once a domain has been contaminated by spammers, it should be considered malicious forever.)
So this is what I've done. I've tracked down as many Admiral domains as I can find, and I've put in place measures to detect new ones. I've reported them all as malicious and have been busily filing those reports with every public and every private blacklist I'm aware of...and I know about a couple thousand. (This isn't my first rodeo.)
[ link to this | view in chronology ]
[ link to this | view in chronology ]