In my comments on the draft Cross-Community Working Group (CWG) on Naming Related Functions proposal for the IANA transition, I expressed my overall support, albeit somewhat reserved, for the proposal... but with the ICG's deadline of January 15 having come and gone, and the informal deadline of January 31 looming for the revised proposal from the Names community to be submitted, I'd like to shed some light on what I believe the role and reasoning for some of the mechanisms identified by the CWG, specifically the Contract Co., to be. more
As I was entering in data for the weekly DNSSEC Deployment Maps, I was struck by the fact that we are now at the point where 617 of the 795 top-level domains (TLDs) are now signed with DNSSEC. You can see this easily at Rick Lamb's DNSSEC statistics site...Now, granted, most of that amazing growth in the chart is because all of the "new generic TLDs" (newgTLDs) are required to be signed with DNSSEC, but we are still seeing solid growth around the world. more
Today we continue with part 2 of the 10 part series on IPv6 Security Myths by debunking one of the myths I overhear people propagating out loud far too much: That you don't need to worry about security because IPv6 has it built into the protocol. In this post, we'll explore several of the reasons that this is in fact a myth and look at some harsh realities surrounding IPv6 security. more
In Ripley Scott's classic 1982 science fiction film Blade Runner, replicant Roy Batty (portrayed by Rutger Hauer) delivers this soliloquy... "I've...seen things you people wouldn't believe... Attack ships on fire off the shoulder of Orion. I watched C-beams glitter in the dark near the Tannhäuser Gate. All those... moments... will be lost in time, like (cough) tears... in... rain. Time... to die." more
The bring-your-own-device (BYOD) trend continues to make corporate inroads. According to Security Intelligence, more than 60 percent of enterprises now allow or "tolerate" employee mobile device use in the workplace. But companies still have significant security concerns, especially when it comes to the specter of lost data. Here are seven tips to boost BYOD security in 2015. more
Hundreds of individuals from across the Internet community have spent countless hours over the last several months crafting plans for the transition of the stewardship of the IANA functions from NTIA to the global multistakeholder community. The fruits of that labor have become highly evident within the past weeks, as two out of three components of the transition plan obtained the consensus of their communities while the third continued its intensive progress. more
Your company can't ignore cloud computing: Some kind of distributed-access model is now necessary to tap global markets, manage big data and get access to best-in-class software. But with increased cloud adoption comes the issue of management, since it's no longer enough to simply spin up a cloud and hope for the best. Here are five of the top cloud management trends to watch this year -- and the risks of opting out. more
Cyber security was a hot topic in 2014. It seemed not a week went by without details of a high profile data breach hitting the headlines. To recap, the Sony breach was one of the most notable, as was the Home Depot hack, while details of widespread security vulnerabilities such as Heartbleed, Shellshock and Poodle were also revealed. But what will 2015 bring? Will it be more of the same, or have cyber criminals got some new tricks up their sleeves? more
Now that IPv6 is being actively deployed around the world, security is more and more a growing concern. Unfortunately, there are still a large number of myths that plague the IPv6 security world. These are things that people state as fact but simply aren't true. While traveling the world, talking to the people who've already deployed IPv6, I've identified what I believe are the ten most common IPv6 security myths. more
As I read through multiple postings covering the proposed Computer Fraud and Misuse Act, such as the ever-insightful writing of Rob Graham in his Obama's War on Hackers or the EFF's analysis, and the deluge of Facebook discussion threads where dozens of my security-minded friends shriek at the damage passing such an act would bring to our industry, I can't but help myself think that surely it's an early April Fools joke. more
The internet has become almost part of our daily involvement and reality is that it affects every facet of our modern lives. We are increasingly becoming dependent on the Internet, for which reason its availability, functionality, safety, stability and security are now of great and continuing concern to all of us and most importantly to US Congress, who so far has maintained stewardship over these key functions. more
You might expect that the IT department or security team knows who's sending email using your company's domains. But for a variety of reasons these groups are often unaware of many legitimate senders -- not to mention all the bad actors. Fortunately you can get a more complete view by using DMARC's reporting features. How does it happen? Product teams managing a new product launch or customer survey hire marketing consultants and Email Service Providers (ESP)... more
New gTLDs can be an efficient way to immediately propel a registrant's online relevance and profitability. Registrants are the companies, organizations and individuals who seek to better utilize the Internet to reach their goals. Marketing Professionals acting on their behalf should understand that protection mechanisms for new gTLDs have been created by ICANN. New gTLDs are powerful and inexpensive marketing tools that have improved measures of online stability and security... more
The White House has announced a new proposal to fix cybersecurity. Unfortunately, the positive effects will be minor at best; the real issue is not addressed. This is a serious missed opportunity by the Obama adminstration; it will expend a lot of political capital, to no real effect... The proposals focus on two things: improvements to the Computer Fraud and Abuse Act and provisions intended to encourage information sharing. At most, these will help at the margins; they'll do little to fix the underlying problems. more
I have often remarked that any fool can run a DNS-Based Blacklist (DNSBL) and many fools do so. Since approximately nobody uses the incompetently run black lists, they don't matter. Unfortunately, using a DNSBL requires equally little expertise, which becomes a problem when an operator wants to shut down a list. When someone sets up a mail server (which we'll call an MTA for Mail Transfer Agent), one of the tasks is to configure the anti-spam features, which invariably involves using DNSBLs. more
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byCSC