As unusual as it may be for a lawyer to speak at a IETF meeting, Ian Walden gave a lecture on Data Protection Directives and updates thereof. He said they affect some 90 jurisdictions. A difference between email addresses and cookies - the latter are the main subject of the January 2012 update of the directives - is that after more than a decade of enforcement, specific browser extensions may allow users to browse what cookies they have, while no record states whom they conferred their email addresses to. more
It is great to see US and European governments undertake initiatives to promote the development of research into Big Data utilizing commercial clouds. Many cloud providers are offering free resources to support these initiatives. R&E networks will play a critical role in linking researchers to the commercial clouds and developing collaboration platforms and portals. more
The King is dead. Long live the King! Or, given this week's events, should the phrase now be "Kelihos is dead. Long live Kelihos"? It is with a little amusement and a lot of cynicism that I've been watching the kerfuffle relating to the latest attempt to take down the Kelihos botnet. You may remember that a similar event ("Kelihos is dead") occurred late last year after Microsoft and Kaspersky took it on themselves to shut down the botnet known as Kelihos (or sometimes as Waledac 2.0 or Hlux). more
China continues to add broadband subscribers at a rate of about 30M per year. MIIT puts the January growth at 2.5M to a total of 152.5M. Of those, about 1.5M were DSL. They don't release fiber counts, but Jeff Heynen of Infonetics is reporting tens of millions of lines of fiber gear are in the pipeline. China has been consistently at 2-3M net adds per month. Two key policy moves are likely to maintain or even increase the growth rate. more
There was a period of time not long ago in which signature-based threat detection was cutting-edge. Antivirus, intrusion detection systems (IDS), data leakage prevention (DLP), content filtering and even anomaly detection systems (ADS) all continue to rely heavily upon static signatures. In recent years vendors have shied away from discussing their dependence on such signatures -- instead extolling supplemental "non-signature-based" detection technologies. more
In our continuing review of Rogue Registrars we have stumbled upon on a very elaborate fake banking site for "Swiss Bank" or "Bank of Switzerland". To the casual Internet consumer this site probably appears legitimate, but a number of clues tip off the fraud. Phishing sites are everywhere so this does not immediately raise eyebrows until you review the Thick WHOIS record for the domain. more
One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more
The explosion in mobile communications in the developing world has created social and economic changes that have exceeded all expectations and predictions -- even those made as recently as five years ago. There are still countries lagging behind, but now is the time to move on to the next stage -- and that means broadband. Already the developed world is showing an enormous appetite for mobile broadband, so the demand is most certainly there. The rapid development of low cost Smartphone, projected to approach $50 soon... more
No, that title is not a typo. The WHOIS service and the underlying protocol are a relic of another Internet age and need to be replaced. At the recent ICANN 43 conference in Costa Rica, WHOIS was on just about every meeting agenda because of two reasons. First, the Security and Stability Advisory Committee put out SAC 051 which called for a replacement WHOIS protocol and at ICANN 43, there was a panel discussion on such a replacement. The second reason was the draft report from the WHOIS Policy Review Team. more
Pinning down the number of infected computers is really, really hard. I'd go as far as saying it's practically impossible to calculate, let alone observe. Still, that's not going to stop people from attempting to guess or extrapolate from their own observations. Over the years I've heard "reliable" numbers ranging from 10% through to 60% -- and I don't trust any of them. There's a whole gaggle of reasons why the numbers being thrown out to the public are inaccurate and should ideally be interpreted with a lot of skepticism by any right-minded folks. more
Over the weekend and this morning, Microsoft, working in conjunction with others, issued civil lawsuits to sinkhole numerous domains associated with the Zeus botnet. When I say "botnet", I use the term loosely because Zeus is not a botnet in the sense that Rustock or Waledac is (or was). Rather, Zeus is a tool kit that online criminals can buy that lets them create phishing pages, perform fast fluxing, host drive-by downloads in addition to spamming. It's more like infrastructure than a botnet, although it does have a large botnet under its control. more
I strongly believe there is a serious "breach" in the Applicant Guidebook: I checked the scoring, I checked the possible objections, I am aware of the Governmental Advisory Committee (GAC) early warning but I really could not find how ICANN is going to avoid Community applications to be submitted as Standard ones. The role of ICANN is to offer a solution to launching new generic Top-Level Domains, it is no party in saying whether a new gTLD is a Community or not. more
People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more
ICANN's policy on the special protection of the Red Cross and the International Olympic Committee (IOC) names has triggered a very lively discussion including contributions by Konstantinos Komatis, Milton Muller, Wolfgang Kleinwächter, and myself (with Avri Doria's reply). There is an agreement that the exceptions are dangerous for ICANN's gTLD policy process which is in a formative and delicate phase. more
ICANN 43 in Costa Rica was in the heart of IPv6 implementation with everybody touching on how much it was needed as part of the internet ecosystem to fully utilize the ICANN expansion of the new gTLD namespace from 21 to the maximum number that will manage to get delegated at the beginning of 2013. more
Sponsored byRadix
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byWhoisXML API
A World-Renowned Source for Internet Developments. Serving Since 2002.