When it comes to building a robust globe-spanning network of crimeware and making the victims dance to a tune of the cyber-criminals' choosing, you're guaranteed to find domain name abuse at the heart of the operation. DNS provides the critical flexibility and underlying scalability of modern command-and-control (C&C) infrastructure. Cyber-criminals that master DNS (and manage to maintain the stream of new domain registrations that keep it fed) tend to find themselves in command of the largest and most profitable crimeware networks. more
I once wrote about about the legal right objections on Guillon.info and with all these new generic Top-Level Domain (gTLD) announcements, I find it interesting to check if an application could be blocked by paragraph 3.2.2.2 of the latest Draft Applicant Guidebook. more
The most notable thing about the EC Papers on ICANN, which were leaked by Kieren McCarthy last week, is that they are designed to completely subordinate ICANN as an institution. We have not seen such a comprehensive attack by a government on ICANN since the World Summit on the Information Society. One can infer that this is payback for the Board's decision to not treat the EC's views, expressed in its Governmental Advisory Committee (GAC), as binding instructions rather than as nonbinding advice. more
In previous installments we've been looking at aspects of the design of the DNS. Today we look at the relationship of similar names in the DNS. A poorly appreciated aspect of the DNS is that there is no inherent relationship between similar looking names. more
The leaked release of the European Commission's working papers on the future of Top Level Domains highlights the impending collision between adherents of the present "multistakeholder" ICANN governance model, and an ever longer list of national governments who challenge that model. At the core of the controversy is the question of how ICANN can claim legitimacy in the DNS world when none of its Directors or Officers are elected. Even worse, its only answer, when challenged legally, is that it is responsive to its contract with an agency of the U.S. Government... more
In the five previous exciting installments, we've been looking at aspects of the design of the DNS. Today we look at records types, and how you can tell what a DNS record means. All the records in the DNS are strongly typed. Each record includes an RRTYPE, a small number, which defines both the format of the record and what the record means. It is possible and common to have different record types with the same format, but different meanings. more
In an age where the world has gone global in many forms and guises, the political attention is more and more focussed on national, populist issues, that arise from fear for the unknown. I can't deny it: the future undoubtedly contains many uncertainties. This usually comes with a general public that's afraid and in fear of things they cannot oversee. Thus it is easily aroused by a populist leader who feeds on this fear and throws flammable material on the already smouldering fire. In a time where leadership is called for, it seems lacking. The Internet governance discussion demands visionary leadership on a cross border level and it needs it soon. more
Interesting developments in the USA, Australia and New Zealand are giving some insight into the future direction of the mobile industry. In May BuddeComm reported proposed merger between AT&T and T-Mobile as a major threat to competition in the USA. This was viewed as a very obvious issue, and that under normal circumstances such a deal would be rejected by the FCC. But circumstances are no longer normal... more
The lawsuit between e360 and Spamhaus was a long-running, tortured affair, and it looks like it finally came to a close. With e360 being awarded a whopping $3 in damages against Spamhaus. ... e360 sued Spamhaus, a UK entity, for damages allegedly resulting from being identified as a "known spammer." It sued Spamhaus for tortious interference and defamation. Spamhaus removed to federal court and asserted lack of personal jurisdiction. more
Deciding how and when to launch a new generic Top-Level Domain (gTLD) or brand Top-Level Domain (TLD) is not unlike deciding to conduct a worldwide tour to key destinations to help boost your marketing efforts. You want to decide what results you expect, who you'll target and what messages you want to send them, as well as study your options and understand them clearly. Only after you've done that do you book your travel plans. more
In the previous four installments, we've been looking at aspects of the design of the DNS. Today we look at the amount of data one can ask the DNS to store and to serve to clients. Most DNS queries are made via UDP, a single packet for query and a single packet for the response, with the packet size traditionally limited to 512 bytes. This limits the payload of the returned records in a response packet to about 400 bytes... more
According to the 10/10 rule, it takes about a decade to take a product from initial idea to having a standard developed, and then another decade to reach mass market adoption. How can that second decade be reduced in the case of Internationalized Domain Names and their adoption by Internet users? The most effective way to speed up IDN mainstream adoption is learning from history. more
The majority of network breaches begin and end with the installation of malware upon a vulnerable device. For the rest, once that initial malware beachhead has been achieved, the story is only just beginning. The breach disclosures that make the news are often confusing as they're frequently compiled from third-hand reports, opinions and technical assumptions. More often than not, they include a discussion about the malware - how advanced it was, etc. - and whether any 0-day vulnerabilities were likely used by the mysterious attacker. more
The international press is alight with reports of various countries considering privacy and anti-spam legislation. It appears that many countries have arrived at the logical conclusion that after years of supposed 'self regulation'; some marketers must be brought to heel by way of regulation and law, to stop abusive practices. more
The Domain Name System Security Extensions (DNSSEC) is a suite of IETF-developed specifications designed to validate information provided by the Domain Name System (DNS). ... When the root zone was signed in June 2010, this acted as a catalyst for TLD operators to deploy DNSSEC on their side. We have seen a gradual but significant increase in signed TLDs since then. The map in this post shows the level of DNSSEC deployment in Europe. more
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byVerisign
Sponsored byDNIB.com