Phishing researcher Gary Warner's always interesting blog offers some fresh perspective on clicking links on emails, as the crux of the phishing problem. Gary writes: "There is a saying 'if you give a man a fish, he'll eat for a day, but if you teach a man to fish, he can feed himself for a lifetime.' In the case of the Epsilon email breach the saying might be 'if you teach a man to be phished, he'll be a victim for a lifetime.' In order to illustrate my point, let's look at a few of the security flaws in the business model of email-based marketing, using Epsilon Interactive and their communications as some examples." more
At ThousandEyes, we've always been curious about the performance of various public DNS resolvers -- especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we'd share the results. Here's how we did it. more
Over at Word to the Wise, Laura Atkins has a post up where she talks about the real problem with ESPs and their lack of internal security procedures which resulted in the breach of many thousands of email addresses (especially Epsilon). However, Atkins isn't only criticizing ESP's lack of security but also the industry's response wherein they have suggested countermeasures that are irrelevant to the problem. more
The following is a proposal for an "Early Warning" system to resolve one of the remaining impasses between the ICANN Board and the ICANN Governmental Advisory Committee (GAC) as identified in the GAC Scorecard. Based upon phased array radar technology, this proposal is designed to incorporate multiple discrete evaluation phases into the new generic Top-Level Domain (gTLD) program to provide an integrated and comprehensive early warning system for the GAC in providing advice to the ICANN Board, potential applicants, and the broader Internet community. more
One of the essential features of the social compact that makes ICANN viable in its stewardship of the Domain Name system is that the operations of the Contracted Parties, i.e. Registrars and Registries, are governed by the cooperation of the contracted parties and the non-contracted parties, i.e. the stakeholders, in the creation of policy. In ICANN, contracts and other agreements are the method by which this policy is instantiated. more
Applying for a new Top-Level Domain (TLD) is an expensive and lengthy process, costing an estimated $500K for application and various legal and professional services. Central to the application is the business case. Even though ICANN requires an albeit simple version, most applicants must have a credible business case, especially if they need to secure internal approval, or more importantly attract and secure outside investment. Given the truth to the maxim "if you fail to plan, you plan to fail," some closer scrutiny of your business plan will pay dividends in the long-term... more
A few days ago, CAUCE published a blog post entitled "Epsilon Interactive breach the Fukushima of the Email Industry" on our site, and the always-excellent CircleID. A small coterie of commenters was upset by the hyperbolic nature of the headline. Fair enough, an analogy usually has a high degree of probability that it will fail, and clearly, no one has died as a result of the release of what appears to be tens of millions of people's names and email addresses. But, the two situations are analogous in many other ways, and here's why. more
Market research firm Infonetics Research this week released VoIP and UC Services and Subscribers, a market share and forecast report that includes two Business VoIP Service Provider Scorecards that will be published later this year, and an IP Centrex Provider Tracker highlighting deployments by provider, region, service, and platform. more
After wading through the various IANA Notice of Inquiry (NOI) submissions I thought I would take a break and do a secondary review of the recently concluded ICANN regional meeting in San Francisco. In doing this review there were three things that kind of jumped out at me as still missing in action. more
A series of attacks on the Email Service Provider (ESP) community began in late 2009. The criminals spear-phish their way into these companies that provide out-sourced mailing infrastructure to their clients, who are companies of all types and sizes. ... On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially. Email lists of at least eight financial institutions were stolen. more
In comments to the U.S. Government, ICANN sought to convince the National Telecommunications and Information Administration (NTIA) to relinquish its oversight of the Internet Address and Number Authority ("IANA") functions. At its heart, ICANN's presentation is a plea for NTIA to declare the privatization of DNS management finished. For several reasons, ICANN's plea should be refused. more
About two years ago I wrote with concern about Bit.ly's use of Libya's country code. I noted that It's always important to keep in mind that a company can't "own" a domain the way it owns real estate. Now it appears that companies that have built brand names on Libya's country code are facing difficult times. more
The broadband sector, like the wireless sector, is one of the strongest growth areas of telecommunications. Unlike most OECD countries, where DSL tends to dominate, the majority of subscribers in the US fixed broadband market are cable subscribers. During 2010 the gap continued to widen as the cable companies accounted for 70% of new broadband subscribers compared to the telcos' 30%. Although new broadband networks such as FttH and WiMAX are being widely deployed, broadband competition in each region is still generally limited to one DSL and one cable operator. more
A couple of weeks ago, I attended part of the ICANN meeting in San Francisco. I've been watching ICANN and been peripherally aware of their issues since the organization began, but this was my first chance to attend a meeting. What I learned is that ICANN is a crazy behemoth of a bureaucracy, steeped in impenetrable acronyms and processes that make it nearly impossible for someone new to get up to speed. The best example of this is the recent approval of the .XXX top-level domain. more
npt its recent meeting in San Francisco, ICANN approved a new draft timeline for the launch of its new generic top-level domains (gTLDs) program that will let its Board of Directors approve the final Applicant Guidebook in June 2011, enabling companies to apply for gTLDs before the end of the year. more
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byRadix
Sponsored byCSC
Sponsored byVerisign
Sponsored byWhoisXML API
A World-Renowned Source for Internet Developments. Serving Since 2002.