In its security bulletin, Akamai's Security Intelligence Response Team (SIRT) reported on abuse of DNS Security Extensions (DNSSEC) when mounting a volumetric reflection-amplification attack. This is not news, but I'll use this opportunity to talk a bit about whether there is a trade-off between the increased security provided by DNSSEC and increased size of DNS responses that can be leveraged by the attackers. more
It's a story told a thousand times: founder of a company ousted by investors. It's a story so common you can find it any day of the week as a minor headline in a tech blog. Not much of a story at all really, until it happened to me. Minds + Machines, the company I founded in 2009, informed me last week that I was no longer wanted as CEO. Without going into details, which I can't, there were differences and disagreements. Still, it was a surprise. All the plans, the hopes -- pfhhht! into thin air. It sucked. Now what? more
ICANN's current CEO Fadi Chehadé is leaving the organisation in a few weeks time. His replacement has been announced and the upcoming public meeting in Marrakech, Morrocco, will be Chehadé's final public engagement as ICANN CEO. A couple of days ago Chehadé sent the ICANN board a letter entitled "Summary of My Tenure". While the letter may have been addressed to the board, it was published on the ICANN website immediately. more
The world has changed significantly since 2000, when the countries of the world adopted the United Nations Millennium Development Goals (MDGs). While strong economic growth in the developing world has helped lift millions out of poverty, global population growth, modern lifestyles and consumption are now stretching the limits of the planet's resources. During this time, technological advances in information and communication technologies (ICT) have radically transformed the way people communicate and lead their lives; now ICT can play a vital, transformative role in helping to put the world on a more sustainable path. more
How can we make the Internet of Things (IoT) more interoperable? How can we help ensure that when you buy a light bulb from one IoT vendor it will work with the light bulb from another IoT vendor? How can we avoid getting to a place where we have to use many different apps to control all the different devices in our homes? As we said in the Internet Society's IoT Overview: Understanding the Issues and Challenges of a More Connected World, "a fragmented environment of proprietary IoT technical implementations will inhibit value for users and industry. more
Think your organization is exempt from in-house network abuse? Think again. A CFCA Global Fraud Survey of communication service providers found that dealer fraud was one of the top five methods of fraud, costing $US 3.35 billion annually. In this scenario, customer service representatives (CSRs) or administrators with access to account information may upgrade friends or family to a premium service package or even provide free access to services. more
As promised, 2016 is off to a busy start at ICANN, with important discussions about Whois/Registration Directory Services, subsequent rounds of the New gTLD Program and internet governance already underway, and more to come. Brand owner concerns will be front and center in the coming months, as community stakeholders set priorities and begin discussions of key challenges and desired results. more
Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources. more
I have some bad news: the published literature on 'net neutrality' fails to grasp the stochastic nature of broadband and its implications. This means that the relationship of traffic management to QoE is universally misunderstood and/or misrepresented. As a result the whole policy process is being placed into opposition with nature! Nature isn't changing to accommodate the policy process. So the policy process has to change. more
Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
I was fascinated to read today that over $1 billion (USD) in payments were made on Venmo in January 2016. What is Venmo, you might ask? Essentially it is a mobile app (on both iOS and Android) that provides an easy payment system, in many ways like a "digital wallet" where you can securely reach in and pull out some cash to give to someone... more
Over the last couple of years, the networking industry has grown aware of the various security issues that could potentially have a huge impact on their operations. One of the topics that has raised in appeal is DNS security. Considering that much of the publicity around DNS is made by vendors trying to differentiate their solutions, there are many misconceptions out there that guide people into making poor investment in their infrastructure. more
An increasing number of domain name disputes are being conducted in languages other than English, a trend that presents a new challenge for some trademark owners. In 2015, 85.77% of all domain names disputes at the World Intellectual Property Organization (WIPO) were conducted in English - down from an all-time average of 88.01% and a record high (in 2000) of 99.84% (disregarding 1999, the first year of the UDRP, because only one case was filed - in English -- that year). more
On 8th February, 2015, Internet users celebrated news that the Telecom Regulatory Authority of India had passed regulation prohibiting ISPs from discriminating access to data services based on content". This directive follows similar developments in the U.S, E.U, Chile et al, and is a huge milestone in the fight for Net Neutrality: the principle that ISPs should treat all Internet traffic the same way. Meanwhile, Net Neutrality issues are not unique to India. more
On Tuesday, Twitter announced the creation of the Trust and Safety Council, a body comprising 40 organisations and individuals from civil society and academia, tasked with "ensur[ing] that people feel safe expressing themselves on Twitter". The move is clearly a response to specific criticism of Twitter and its perceived inadequacies in dealing with hate speech?-- a theme so popular and well-trodden that it recently spawned a parody account. more
Sponsored byVerisign
Sponsored byCSC
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byDNIB.com