Featured Blogs

Latest

The Importance of IP Resource Planning in Government ICT Strategic Plans

It seems everywhere I turn, there's someone throwing around statistics for how the Internet and broadband will drive economic growth, create jobs, end world hunger and bring world peace (ok, maybe not the later). Sure enough, government officials are buying into that rhetoric and extending it in initiatives like national broadband strategies, cybercrime and cybersecurity plans as well as e-governance strategies. more

Doing Crypto

The recent discovery of the goto fail and heartbleed bugs has prompted some public discussion on a very important topic: what advice should cryptologists give to implementors who need to use crypto? What should they do? There are three parts to the answer: don't invent things; use ordinary care; and take special care around crypto code. more

European Data Protection Supervisor Smacks ICANN Over Privacy Issues With 2013 RAA

ICANN has been sent a letter by the European Data Protection Supervisor calling them out with respect to both data collection, retention and privacy within the context of the 2013 Registrar contract (RAA). The letter is the first instance of one, to my knowledge, which makes reference to the ECJ's recent ruling that rendered the data retention directive null and void. more

Verisign’s Preliminary Comments on ICANN’s Name Collisions Phase One Report

Verisign posted preliminary public comments on the "Mitigating the Risk of DNS Namespace Collisions" Phase One Report released by ICANN earlier this month. JAS Global Advisors, authors of the report contracted by ICANN, have done solid work putting together a set of recommendations to address the name collisions problem, which is not an easy one, given the uncertainty for how installed systems actually interact with the global DNS. However, there is still much work to be done. I have outlined the four main observations... more

Blocking Amplification Attacks: Sometimes the Incentives Work Against You

Since the end of last year, amplification attacks have been increasingly used by attackers and received heavy media coverage. Everyday protocols not given much thought before, like Network Time Protocol (NTP), can be asked in a very short remote command to send a very large response (list of 600 clients last connected to the NTP server) to a spoofed IP address (the target) by the requestor/attacker. more

Applicant Auction Announces Suggested Schedule for 8 Future Private gTLD Auctions

The Applicant Auction team is getting an increasing number of requests from applicants who are scheduled for ICANN's Last Resort auction and would prefer to participate in the Applicant Auction instead. A common question is: What is my last chance to participate in an Applicant Auction? To be able to give a clear answer for this, we are suggesting a schedule for future Applicant Auctions. more

Open Source Software Is the Worst Kind Except for All of the Others

Heartbleed, for anyone who doesn't read the papers, is a serious bug in the popular OpenSSL security library. Its effects are particularly bad, because OpenSSL is so popular, used to implement the secure bit of https: secure web sites on many of the most popular web servers such as apache, nginx, and lighttpd. A few people have suggested that the problem is that OpenSSL is open source, and code this important should be left to trained professionals. They're wrong. more

NTAG Chair Blog: A Better Auction Framework

New gTLD Applicants now have a more fair and reasonable ICANN auction framework. A collaborative negotiation between the New TLD Applicant Group (NTAG) Auctions Working Group and ICANN Staff resulted in changes that improve the auction rules and bidder agreement. The indemnification and waivers in the agreement are now aligned with breaches that applicants can control. Applicants also now have an indemnification from Power Auction for third party claims related to IP infringement. more

Small Computers Will Connect Everything

Size and cost have always been restraining factors to the utilization of computers. The first computers occupied whole rooms. When personal computers arrived, they were still rather bulky. Today, we have slim ultrabooks and compact small form factor PCs. Computers are not only getting smaller in this age, they're also becoming cheaper. And single-board computers like the Raspberry Pi are taking cost and size down a step further. These units bring compact and affordable processing to the masses. more

Heartbleed: Don’t Panic

There's been a lot of ink and pixels spilled of late over the Heartbleed bug. Yes, it's serious. Yes, it potentially affects almost everyone. Yes, there are some precautions you should take. But there's good news, too: for many people, it's a non-event. Heartbleed allows an attacker to recover a random memory area from a web or email server running certain versions of OpenSSL. The question is what's in that memory. It may be nothing, or it may contain user passwords (this has reportedly been seen on Yahoo's mail service), cryptographic keys, etc. more

Wrap-up: ICANN 49 Singapore

Given the "going live" of New gTLDs as well as the NTIA's announcement of its intent to transition Internet domain name functions to a multi-stakeholder environment, the 49th ICANN meeting in Singapore was sure to be a busy one. Here's a breakdown of some of the key happenings during the week. more

A Bad Year for Phishing

Here at the Anti-Phishing Working Group meeting in Hong Kong, we've just released the latest APWG Global Phishing Survey. Produced by myself and my research partner Rod Rasmussen of Internet Identity, it's an in-depth look at the global phishing problem in the second half of 2013. Overall, the picture isn't pretty. There were at least 115,565 unique phishing attacks worldwide during the period. This is one of the highest semi-annual totals we've observed since we began our studies in 2007. more

Yahoo Addresses a Security Problem by Breaking Every Mailing List in the World

DMARC is what one might call an emerging e-mail security scheme. It's emerging pretty fast, since many of the largest mail systems in the world have already implemented it, including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo. DMARC lets a domain owner make assertions about mail that has their domain in the address on the 'From:' line. It lets the owner assert that mail will have a DKIM signature with the same domain, or an envelope return (bounce) address in the same domain that will pass SPF validation. more

Who Are the Major New gTLD Applicants and… (Part Six: Starting Dot)

Starting Dot ("SD") is a French new gTLD applicant which applied for five strings: .ARCHI, .BIO, .DESIGN, (which has been withdrawn) .IMMO and .SKI. It is the only French applicant to have applied for several open new gTLDs. Some French brands have applied too but as closed Top-Level Domains... While Starting Dot may be one of the smaller portfolio applicants, there is a considerable difference here in the way their projects are handled when compared to some of the larger applicants. more

Interconnection Disputes Are Network Neutrality Issues (of Netflix, Comcast, and the FCC)

A lot of people have been talking about the "interconnection" deal between Comcast and Netflix and whether that deal is related to network neutrality. (It is.) This question comes partly because the FCC's 2010 Open Internet Order (also known as the network neutrality order) was recently struck down. So network neutrality lands back at the FCC, with a new Open Internet proceeding, at the same time Netflix starts working so poorly on Comcast that Netflix had to cut a special deal with Comcast. more

Topics

Cybersecurity

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

Domain Names

Sponsored byVerisign

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days