A recent case1 from a federal court in Kentucky shows why the Anticybersquatting Consumer Protection Act (15 U.S.C. 1125(d) - the "ACPA") can be - when compared to the Uniform Domain Name Dispute Resolution Policy ("UDRP") - a relatively inefficient way of resolving a domain name dispute. Here is a quick rundown of the facts. Defendant owned a business directly competitive to plaintiff ServPro. Plaintiff had used its mark and trade dress since the 1960's... more
I've been at a bit of a loss over the last few days on what to write about, because suddenly newspapers, blogs, and social media are full of stories of how impossible it is for some students to work at home during the COVID-19 shutdowns. I've been writing this topic for years, and there doesn't seem to be a lot I can add right now - because the endless testimonials from students and families struggling with the issue speak louder than anything I can say. more
Since the world went virtual, often by using Zoom, several people have asked me if I use it, and if so, do I use their app or their web interface. If I do use it, isn't this odd, given that I've been doing security and privacy work for more than 30 years, and "everyone" knows that Zoom is a security disaster? To give too short an answer to a very complicated question: I do use it, via both Mac and iOS apps. Some of my reasons are specific to me and may not apply to you... more
In my last blog post about Zoom, I noted that the company says "that critics have misunderstood how they do encryption." New research from Citizen Lab show that not only were the critics correct, Zoom's design shows that they're completely ignorant about encryption. When companies roll their own crypto, I expect it to have flaws. I don't expect those flaws to be errors I'd find unacceptable in an introductory undergraduate class, but that's what happened here. more
The March 19, 2020, guidance from the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) declared what global citizens appreciate more each day as the COVID-19 pandemic crisis unfolds: "Functioning critical infrastructure is imperative during the response to the COVID-19 emergency for both public health and safety as well as community well-being." more
At the start of the year, many responsible for managing domain name portfolios may be considering spring cleaning! Traditionally, such a task consists of a review to check that all domains in the portfolio serve a purpose either from a commercial or defensive perspective. The aim is to ensure budget isn't wasted on domains of little to no value. It's fair to say that for many organizations, this is a difficult process - almost as feared as actually spring cleaning our own homes. more
Zoom - one of the hottest companies on the planet right now, as businesses, schools, and individuals switch to various forms of teleconferencing due to the pandemic - has come in for much criticism due to assorted security and privacy flaws. Some of the problems are real but easily fixable, some are due to a mismatch between what Zoom was intended for and how it's being used now - and some are worrisome. more
As businesses adjust to the "new normal" in the ongoing COVID-19 pandemic, it is important to quickly take stock of where your organization stands on privacy and security risk. Even in these unusual circumstances, organizations of all sizes and sophistication continue to be expected to act with reasonable care and comply with their public commitments and regulatory obligations. Enterprises may be finding different or better ways to operate, collaborate, and service customers. more
Reading up on COVID-19 and Zoom/Boris Johnson outcry yesterday, an analogy struck me between the two: the lack of testing. In both cases, to truly know how safe and secure we are, testing needs to be stepped up considerably. This post focuses on cybersecurity. Over the past days and weeks, more and more organisations have switched to digital products and services to sustain working from home, to keep productivity up and to be connected. more
The Internet's users rely on domain name registration information for vital purposes, including providing security, problem-solving, and legal and social accountability. The data is so important that users perform more than two billion WHOIS queries every day. ICANN has instituted new data policies over the last two years, and is also directing a migration to a new technical protocol, RDAP, that will replace WHOIS access in the near future. So at this critical juncture, how is it all going? more
This is the question being asked all across the industry as the volume of data traffic has leaped upward due to students and employees working from their homes. We got our first glimpse of the impact of the crisis when Verizon announced a week into the crisis that they were seeing a 22% increase in data traffic in their network. More recently, AT&T announced a 27% increase in network traffic. more
I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..." more
OneWeb has filed for Chapter 11 bankruptcy. OneWeb CEO Adrian Steckel stated that they were "close to obtaining financing" but failed as a "consequence of the economic impact of the COVID-19 crisis." That is plausible, but they were also far behind SpaceX Starlink in launch cost and capacity. (SpaceX, remains open as an essential industry working on defense contracts, but two employees have tested positive for COVID-19) and financial analyst Tim Farrar said SpaceX faced a "near-term cash problem" even before the pandemic). more
Trademark owners in the U.S. have a choice in suing for alleged cybersquatting: either the Uniform Domain Name Dispute Resolution Policy (UDRP) or the Anticybersquatting Consumer Protection Act (ACPA). Of the two, the UDRP is far and away the forum of choice for a very good reason: it is speedy, efficient, and inexpensive. Complaint to award can be concluded in less than 45 days. more
Despite a recent Ninth Circuit decision denying immunity to malware detection software for targeting competitor's software, court holds that Section 230 protected Malwarebytes from liability for designating software driver program as potentially unwanted program. Plaintiff provided software that works in real-time in the background of the operating system to optimize processing and locate and install missing and outdated software drivers. more
Sponsored byRadix
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byCSC