The other day on Facebook, one of my friends mentioned that today (i.e., that day) was a good day to update his passwords. But he then lamented that some web sites don't allow you to create more than a 12-character password! He was incensed! Well, maybe not incensed but showed contempt for the fact these sites restricted password length.
Two factor authentication that uses an uncopyable physical device (such as a cellphone or a security token) as a second factor mitigates most of these threats very effectively. Weaker two factor authentication using digital certificates is a little easier to misuse (as the user can share the certificate with others, or have it copied without them noticing) but still a lot better than a password. Security problems solved, then?
I have been an active participant in the ICANN "grand experiment" from the beginning. An experiment in which a private sector led organization was entrusted by the Internet community and governments to be a trustee of a global public resource. However, at no time during my twelve years of participation in ICANN have I been more concerned about the long term viability of this organization than I am now heading into the Singapore meeting. Failure of the ICANN Board to do the right thing in Singapore will have a profound impact on the future of the private sector led model.
ICANN has apparently hired Jeff Moss (aka Dark Tangent) as CSO. Moss is a well known figure in the internet security community and was founder of Black Hat and the Def Con conferences. However, isn't Moss a bit conflicted? Isn't he on one of the review teams?
It's been a very bad month for ESPs, companies that handle bulk mailings for their clients. Several of them have had internal security breaches, leaking client information, client mailing lists, or both. Many have also seen clients compromised, with the compromised credentials used to send spam. The sequence of events suggests all the ESPs whose clients were compromised were themselves compromised first. (That's how the crooks knew who to attack.)
Yesterday morning (26-April-2011), in US Bankruptcy Court for the District of Delaware, Judge Kevin Gross signed an order authorizing Nortel's sale of IPv4 addresses to Microsoft. This is an important moment for the Internet community, as it represents the beginning of a new market-based mechanism for the distribution of scarce IPv4 address resources. As the various Regional Internet Registry (RIR) organizations exhaust their supply, traditional "needs-based" distribution will become impossible.
To the dismay of many (and the chagrin of some), it appears as though the US House Subcommittee on Intellectual Property, Competition and the Internet will be conducting a hearing on New generic Top-Level Domains (gTLDs). Meanwhile, ICANN is careening towards the finish line of the new gTLD Program with a vote by the ICANN Board scheduled for June 20th. Just what this all means remains to be seen.
Recently I was asked for my opinion on Google paying France Telecom (FT) to deliver traffic into FT's network, i.e. Google paying to peer with FT. I wasn't aware Google pays FT. I don't even know if it's true. But I do know this is a topic fraught with misunderstandings. Also, if there is a "problem" here, the problem is one of competition (or lack thereof) in portions of the French broadband access market. It is not a problem that can be or should be fixed by "network neutrality" regulations or legislation.
Three sections of the redlined version of the Draft Evaluation Criteria for new Top-Level Domains (TLDs) caught my attention. It seems ICANN wants to ensure it has information to not only evaluate and score responses, but to conduct a post-launch analysis of the program's success in terms of expanded competition, consumer choice and trust. That additional information means more work by both the applicant and for ICANN. But it's a good move because pre-launch preparation and thought staves off mishaps and misfortunes later.
There's been a lot of media attention to a report that iPhones track your movements. It's even reached the U.S. Senate. I'm underwhelmed. I think that the threat is overhyped. What is happening is that these devices create a hidden file with your location...
I must confess, during the past couple of years I have highlighted the VPN-solution Direct Access (DA) from Microsoft as a killer application for IPv6. I still have hope for this solution, but as I now have had the chance to study the UAG/DA-solution more closely and in practical implementation, I must also highlight some issues for Microsoft to handle. My conclusion is that using DA today brings difficulties when it comes to an organization that already has, or wants to, deploy native IPv6 internally.
The recent tempest in a teacup on ARIN's PPML list over the transfer of IP address blocks from Nortel (a company in Chapter 11) to Microsoft has some interesting Internet Governance dimensions that are yet to be discussed. One aspect that has been overlooked amidst all the sound and fury is the governmental perspective on IP address transfers.
Okay, so spending my Monday morning printing out and reviewing 348 pages of the "New gTLD Discussion Draft" is not exactly what I had in mind when I woke up today, but kudos to ICANN for keeping to the timeline that they had released last month. Since most of you do not have the time or the patience (and probably have real work to do), I've taken it upon myself to highlight the most important changes in this version.
Last Friday ICANN released an updated new generic Top-Level Domain (gTLD) Applicant Guidebook that appears to have taken a number of positive steps toward closing the divide between the ICANN Board and the Governmental Advisory Committee (GAC). One of the more important changes to the Applicant Guidebook was the following text...
Exponential growth of networks combined with the complexity introduced by IT initiatives e.g. VoIP, Cloud computing, server virtualization, desktop virtualization, IPv6 and service automation has required network teams to look for tools to automate IP address management (IPAM). Automated IPAM tools allow administrators to allocate subnets, allocate/track/reclaim IP addresses and provide visibility into the networks. Here are some examples of what a typical IPAM tool can do...