For the last couple of years, the most common attack vector against the DNS system is the attack against the registrar. Either the attack is on the software itself using weaknesses in the code that could inject DNS changes into the TLD registry, or social engineering the registrar support systems and the attacker receives credentials that in turn allows the attacker to perform malicious changes in DNS. DNSSEC is the common security mechanism that protects the DNS protocol, but by using the registrar attack, any changes will result in a proper working DNS delegation. more
News flash: to help fight California's drought, Samsung is offering a $100,000 prize to the innovator who creates "the most effective use of IoT and ARTIK [Samsung's IoT platform] technology for reducing water consumption by individuals or municipalities." When the average reader of this news headline needs no explanation of what "IoT" means or what this contest is about, we know IoT, or the Internet of Things, is for real. There are already an estimated 25 billion connected devices around the world, according to expert estimates. more
Recently, there has been a lot of noise about China tightening control of the new top-level domains and how it could severely damper domain name registrations in China and one should make preparation for the worst. Initially, I tried to stay out of this as I know all the players behind this. But given that at least 3 people have emailed me asking what's going on, I decided to clear the air here. more
It is not often I go out to my driveway to pick up the Washington Post -- yes, I still enjoy reading a real physical paper, perhaps a sign of age -- and the headline is NOT about how the (insert DC sports team here) lost last night but is instead is about an IT technology. That technology is the Border Gateway Protocol (BGP), a major Internet protocol that has been around for more than a quarter century, before the Internet was commercialized and before most people even knew what the Internet was. more
As many people have heard, there's been a security problem at the Internal Revenue Service. Some stories have used the word hack; other people, though, have complained that nothing was hacked, that the only problem was unauthorized access to taxpayer data but via authorized, intentionally built channels. The problem with this analysis is that it's looking at security from far too narrow a perspective... more
Forgive me if you can, but I am about to say something blindingly obvious. The arrests made by the US Government and Swiss authorities of senior FIFA officials should remind us of a deep truth. Organizations must be accountable: to members, to users, to superiors, to markets, to someone who can say "stop what you are doing and amend your ways". When we consider the transfer of authority from the USG over the IANA function, let us keep in mind... more
Would you like to learn more about what the WSIS+10 Review process is all about? How can you participate in the process if you are not with a government? What is "WSIS" all about anyway -- and why should you care? Those questions and more will be part of a luncheon briefing on Thursday, May 28, 2015, from 13:15 - 14:45 Central European Time (UTC+2). more
The new Anti-Phishing Working Group (APWG) Global Phishing Survey has just been released. Written by myself and Rod Rasmussen of IID, the report is the "who, what, where, when, and why" look at phishing, examining the second half of 2014. The report has many findings, but here I'll concentrate on the new gTLDs. The second half of 2014 was when an appreciable number of new gTLDs entered general availability and started to gain market share. more
Last week, the CEO of ICANN, Fadi Chehadé, announced his intention to leave his position in March 2016, after almost four years as head of the organization. He plans to take a position in private industry, outside of the domain name space. Although the impact to the business community is unclear at this point, Chehadé's departure throws a spotlight on how important ICANN leadership can be in ensuring that business and brand interests maintain their voice in the Internet governance sphere. more
The second-round new gTLD applicants have a tool they don't even know about: "crowdinvesting." That's when a venture sidesteps banks and venture capitalists and instead raises money by selling shares directly to the public. Usually this is done over the Internet, and often enough the investors can hope for a financial return that's far better than what banks and stocks offer. more
Benjamin Franklin once said, "By failing to prepare, you are preparing to fail." As we consider how Internet domain and address registration data is managed and accessed in a post-WHOIS era, and given the long history of failure in addressing the shortcomings of WHOIS, it is extremely important to start preparing now for the eventual replacement of WHOIS. This is the fundamental purpose of the next Registration Operations Workshop (ROW) that is scheduled for Sunday, July 19, 2015, in Prague, Czech Republic. more
According to Reuters, Barclays has plead guilty to trying to manipulate foreign exchange rates, and has agreed to pay substantial fines, along with other major banks. Barclays is also the operator of the .Barclays new top-level domain name. This is not a case where it's a single rogue employee or officer has been found guilty of a financial crime. Here, it is the entire bank (and registry operator) that has plead guilty. more
Last week, Columbia University's School of International and Public Affairs (SIPA), in collaboration with the Global Commission on Internet Governance (GCIG), hosted a conference on Internet governance and cybersecurity. The conference gathered a variety of experts to discuss issues pertaining to Internet governance, human rights, data protection and privacy, digital trade, innovation and security. more
After talking to a few new gTLD applicants who participated in "Round One" of the ICANN new gTLD program, here is a list of complaints and questions I received, and probably a few things potential candidates should pay attention to prior to submitting an application... Applying is too expensive, I want my TLD for $200,000 "all included" (ICANN fee + consultancy services to fill in my application) more
For people attending The Internet and Television Exchange (INTX), the redubbed Cable Show for 2015, enabling technologies are as important as always, but the transformation of business models in the video delivery industry has certainly cast a huge grip on an industry caught in the middle of a seismic change -- driven by ever-increasing broadband speeds, mobile access to content, and yes, disruptive Over-The-Top (OTT) offerings. more
Sponsored byDNIB.com
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byVerisign
Sponsored byCSC
Sponsored byRadix