There have been many news stories of late about potential attacks on the American electoral system. Which attacks are actually serious? As always, the answer depends on economics. There are two assertions I'll make up front. First, the attacker -- any attacker -- is resource-limited. They may have vast resources, and in particular, they may have more resources than the defenders -- but they're still limited. Why? more
At a recent workshop on cybersecurity at Ditchley House sponsored by the Ditchley Foundation in the U.K., a primary topic of consideration was how to preserve the freedom and openness of the Internet while protecting against the harmful behaviors that have emerged in this global medium. That this is a significant challenge cannot be overstated... That these harmful behaviors can and do cross international boundaries only makes it more difficult to fashion effective responses. more
The two major providers of arbitration services for adjudicating cybersquatting complaints under the Uniform Domain Name Dispute Resolution Policy (UDRP), the World Intellectual Property Organization (WIPO) and Forum, issue daily lists of decisions. In approximately 90% of those disputes, the registrations cannot be described as anything less than mischievous in acquiring second level domains incorporating well-known or famous marks. more
By some estimates, only half of the world's population has internet access, leaving the other half at a sizeable competitive disadvantage. This profound connectivity gap is especially significant in the unserved and underserved areas of developing and least-developed countries. For people who live in these places, Internet connectivity is not just about the Internet. It is a lifeline that gives access to electronic commerce and telehealth services, distance learning, social and political engagement, government services... more
With each passing day, a new public opinion article appears or U.S. government official pronounces how the open internet is abetting some discovered catastrophic effects on our societal institutions. In just one week, the examples include increased information on FSB & GRU attacks on electoral systems and infrastructure, Trump's obliging tactical destruction of societal norms and propagation of the QAnon cult, U.S government agency officials playing "cyber security spin-the-bottle" at press conferences... more
The number of IPv4 transactions and volume of IP addresses flowing to and from organizations in the ARIN region in the last 6 months put 2018 on track to be the most active year in the history of the IPv4 market. Nearly 25 million numbers were transferred in the first half of this year, more than doubling the volume of numbers transferred by this time last year and continuing the level of market activity in the last half of 2017 when just over 28 million numbers were transferred. more
I have written about the problems with the "little green lock" shown by browsers to indicate a web page (or site) is secure. In that article, I consider the problem of freely available certificates, and a hole in the way browsers load pages. In March of 2017, another paper was published documenting another problem with the "green lock" paradigm - the impact of HTTPS interception. more
What is the intrinsic (as opposed to trademark) value of short string domain names? It depends, of course. Rights holders have been willing to challenge domain name registrants even if they have no actionable claim for cybersquatting... UDRP Panels have over the years, and in many cases, affirmed that short strings are "inherently valuable in themselves precisely because they are (a) short and (b) can reflect a wide range of different uses." This does not mean it is open season against rights holders for short strings, but it does mean the facts and proof of cybersquatting must be in proper alignment, and this calls for some sober thinking about the evidentiary demands of the Uniform Domain Name Dispute Resolution Policy (UDRP). more
Veteran domain investor Abner Duarte from PremiumDomains.com.br is featuring a new event called Domaining Americas, to be held in Rio de Janeiro, Brazil, in October 2018. He is puting together a major domain conference for South America. The debut edition of Domaining Americas will be held at the five-star Grand Hyatt Rio De Janiero on Saturday and Sunday, October 6-7, 2018. more
In the rather unique world of public international law for cybersecurity, the treaty provisions of the International Telecommunication Union (ITU) stand alone. They form the multilateral basis for the existence of all communication networks, internets, and services worldwide and have obtained the assent by every nation in the world. They also contain the only meaningful multilateral cybersecurity provisions that have endured over a century and a half through all manner of technological change. more
One way or another we've been working on various aspects of securing the Internet's inter-domain routing system for many years. I recall presentations dating back to the late '90's that point vaguely to using some form of a digital signature on BGP updates that would allow a BGP speaker to assure themselves as to the veracity of a route advertisement. more
A recent study predicts that rising sea level might result in as much as 4,067 miles of fiber conduit being under water and 1,101 nodes (data centers, Internet exchanges, cable landing points, etc.) surrounded by water in U. S. coastal cities in 15 years. Paul Barford, professor of computer science at the University of Wisconsin, and his colleagues have been compiling data on the physical Internet and making it available to the research community at the Internet Atlas Web portal since 2011. more
In the ICANN realm, TechOps stands for Technical and Operations and its goal is to simplify processes, to find solutions, and to advise on technical and operational matters. There are three TechOps groups: The Registry, the Registrar and the joint Registry and Registrar, also known as Contracted Party House (CPH). How did we get there and what exactly are we doing? more
Bitcoin's unreal hype has obscured that it is mostly used to facilitate drug deals, ransomware, tax evasion, and even the occasional murder for hire. After the 60% price drop, demand for bitcoin mining gear has fallen so much TSMC has to lower sales estimates for 2018... Now, Austrian Ambassador in Tehran Stefan Scholz has suggested it could be a powerful boost to the European intent to bypass the U.S. economic blockade. That could provide demand for $billions of bitcoins. more
Sometimes, a government agency will post a PDF that doesn't contain searchable text. Most often, it's a scan of a printout. Why? Don't the NSA, the Department of Justice, etc., know how to convert Word (or whatever) directly to PDF? It turns out that they know more than some of their critics do. The reason? With a piece of paper, you know much more about what you're actually disclosing. more
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byCSC
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byVerisign