Featured Blogs

Latest

On the Time Value of Security Features in DNS

There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more

Travelogue Broadband Experiences

Throughout this year I have once again travelled extensively through USA, Europe, Asia and Latin America. Naturally, being in this industry I watch closely the various developments in broadband, mobile and WiFi. When you are travelling obtaining access is never far from one's mind. This also provides good opportunities to compare what is available, where, what the quality is, and so on. Looking back over many years there is no doubt that, no matter where you travel, there has been incredible progress. more

Diagnosing Load Test Errors - Where to Start for Holiday Success

Picture this: you just completed hours of internal Web services preparations with your system administrative team prior to the holidays. You discovered possible points of failure and made appropriate modifications with the expectation of a perfect load test. You take a few minutes to relax, refill the coffee mug sitting in front of you, and connect to the conference bridge where real-time discussion about the load test will occur. Things go well for the first 20 minutes of the test... Then it happens: one of the simulated users logs an error stating that it has timed out. more

You Just Signed a Registry Contract With ICANN. What Are Your Plans?

Back on February 4, 2013, I wrote a CircleID post entitled 'How the registrar Cash Flow Model Could Collapse with New ICANN gTLDs.' My key point back then was this: new gTLD applicants need to be mindful of how the cash flow policies of their registry (and of their back-end service provider) could impact whether their TLD is actively promoted by ICANN registrars... registries have historically assumed near-zero risk. This is going to change. more

Plumbing Neutrality

I've been having arguments about Network Neutrality with a lawyer. My position is that you can't adequately regulate ISPs to be neutral, because there's no agreement what "neutral" means in practice. He points out that the courts aren't interested in technical details like what packets are dropped, it's that all traffic has to be treated the same, and ISPs should just figure out how to do that. So I contemplated a city with Plumbing Neutrality with the simple rule that all people must be treated the same... more

Reflections on EUI’s New Community Priority Evaluation Guidelines for New gTLDs

The new Community Priority Evaluation (CPE) guidelines prepared by the Economist Intelligence Unit (EIU), and published by ICANN are now past their feedback period. We, at Radix, believe that ICANN has received feedback from approximately 10 stakeholders, and I for one, am looking forward to those being published. In light of the fact that none of the comments that ICANN received have been made public yet, I decided to blog about my multiple concerns with the new guidelines. Sparing a thought for the not-so-involved reader, I have limited my rant to some of the more important issues. more

More than 85% of Top 500 Most Highly-Trafficked Websites Vulnerable

Over the last 5 years, hacktivists have continued the practice of redirecting well-known domain names to politically motivated websites utilizing tactics such as SQL injection attacks and social engineering schemes to gain access to domain management accounts -- and that, in and of itself, is not surprising. But what IS surprising is the fact that less than 15% of the 500 most highly trafficked domains in the world are utilizing Registry Locking. more

IETF Chair’s Statement On Security, Privacy And Widespread Internet Monitoring

This weekend Jari Arkko, Chair of the Internet Engineering Task Force (IETF), and Stephen Farrell, IETF Security Area Director, published a joint statement on the IETF blog titled: "Security and Pervasive Monitoring"... They go on to outline some of the IETF's general principles around security and privacy as well as some of the new developments. They also point out a vigorous (and still ongoing) discussion within the IETF around how to improve the security of the Internet in light of recent disclosures. more

New gTLDs: The Registry Lock

Last week, The New York Times website domain was hacked by "the Syrian Electronic Army". Other famous websites faced the same attack in 2012 by the Hacker group "UGNazi" and, in 2011 by Turkish hackers. Basically, it seems that no Registrar on the Internet is safe from attack, but the launching of new gTLDs can offer new ways to mitigate these attacks. more

In Broadband, China Is Definitely the Middle Kingdom - 270M In 2015

With a goal of 270M fixed broadband lines in 2015 and near-universal service by 2020, the new "Broadband China" strategy is extraordinary. OFweek, a valuable site in Chinese, breaks the plan into three phases. The first is a full speed stage, ending in 2013, that deploys basic broadband and 3G widely. The second stage, 2014-2015, is dedicated to a further takeup and wider deployment. That will include 400,000+ LTE cell sites. more

Time for Outrage! (continued)

When the scale of global surveillance carried out by the NSA (USA) and by the GCHQ (UK) was exposed by Edward Snowden through The Guardian, people around the world were shocked to discover how two established democracies routinely resort to methods that they have long deplored -- and rightly so -- in dictatorships, theocracies and other single-party arrangements. In a previous article, I lamented the fact that by carrying out this surveillance on an unprecedented scale, the US and the UK are, in fact, converging with the very regimes they criticize. more

OIAC Report: Views on Economic Impacts of Open Internet, Mobile Ecosystems, Specialized Services

Having been a member of the Committee for this past year, I'm pleased to share that the US Federal Communications Commission (FCC) "Open Internet Advisory Committee" has published its first annual report... The report is weighty - 98pp if you kill trees to print it. The OIAC was established as part of the US FCC Open Internet activity and Open Internet Report and Order from 2010. The FCC appointed expert committee members from a broad range of commercial, academic, and not-for-profit organizations. more

Examples of Where ICANN Can Be More Accountable

During the "GNSO Discussion with the CEO" at the recent ICANN meeting in Durban, I stated that ICANN talks a lot about the importance of supporting the public interest, but in reality the organization's first priority is protecting itself and therefore it avoids accountability and works very hard at transferring risks to others. In response to my comments, ICANN CEO Fadi ChehadĂ© asked me to provide him examples of where ICANN can be more accountable. Copied below is my response letter to ChehadĂ©, which provides seven examples. more

DNS Amplification Attacks: Out of Sight, Out of Mind? (Part 2)

This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more

Web Performance: Real vs. Virtual Browsers

Real browsers vs. virtual browsers. It's a hot topic among Web performance testing providers and customers. Which is the better choice? Well, it depends. They're not intended for use under the same circumstances and requirements, so you aren't comparing apples to apples, instead, you are comparing apples to grapples. more

Topics

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

DNS

Sponsored byDNIB.com

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days