As the implementation of DNSSEC continues to gather momentum and with a number of ccTLDs, and the '.org' gTLD having deployed it into their production systems, I think it is worth pausing to take a look at the entire DNSSEC situation. Whilst it is absolutely clear that DNSSEC is a significant step forward in terms of securing the DNS, it is but one link in the security chain and is therefore not, in itself, a comprehensive solution to fully securing the DNS system. more
I just finished reading Richard Clarke and Robert Knake's book Cyberwar. Though the book has flaws, some of them serious, the authors make some important points. They deserve to be taken seriously. I should note that I disagree with some of my friends about whether or not "cyberwar" is a real concept. Earlier, I speculated that perhaps it might be a useful way to conduct disinformation operations, but it need not be so limited. more
Canada's CRTC isn't as dumb as U.S. regulators who are considering ruling that the law doesn't apply where the telcos oppose it. (Title II deregulation) Canada just decided wireless needs to follow the rules. In turn, the CRTC intends to make sure the rules are reasonable. Rather than saying "never any rules," they instead try to write sensible ones. more
The White House has recently released a draft of the National Strategy for Trusted Identities in Cyberspace. Some of its ideas are good and some are bad. However, I fear it will be a large effort that will do little, and will pose a threat to our privacy. As I've written elsewhere, I may be willing to sacrifice some privacy to help the government protect the nation; I'm not willing to do so to help private companies track me when it's quite useless as a defense. more
A friend of mine wrote to ask: "The Supreme Court overturned the Jaynes conviction on First Amendment grounds, yes? I'm wondering what that could mean from the spam filtering perspective." Spam filters, and in particular DNS blacklists are intended to prevent e-mail from being delivered. Doesn't the First Amendment make it illegal to block speech? The short answer is no, but of course it's slightly more complicated than that in practice. more
For a brief moment earlier this week, I thought my days spent dreaming of hover-boards, flying cars and Biff's elusive Sports Almanac were finally over. From reports circulating online, we had finally reached "Back to the Future Day". Those movie buffs out there will know exactly what I'm referring to... But it got me thinking. What would the Domain Name world look like if that crazy cat Doc Brown swung past in his DeLorean, with a fully-charged flux capacitor and a return ticket to October 21st 2015? more
Last week ICANN took another very significant step forward in the expansion of the internet by approving the delegation of a number of Chinese script IDN ccTLDs. Although we have all heard statements that portray the introduction of IDN ccTLDs as being perhaps the single most important factor in the achievement of ICANN's "One World, One Internet" vision, we should take a moment to appreciate the true significance of this latest round of IDN ccTLD approvals. more
China's broadband subscriber base continues to rise. Massive FttX deployments are underway, spurred on by competition between the three full-service operators all aiming to increase 'stickiness' for subscribers. While fixed line subscribers are expected to decline into 2011, broadband subscribers are still rising, driven by cheaper rates and the higher bandwidth on offer compared to mobile Internet. more
Tuesday June 29th at the Cisco Live Conference Las Vegas, John Chambers announced their newest product, the Cius tablet aimed at the enterprise market and positioned as a mobility product. That very same day a two hour IPv6 deployment panel, moderated by Cisco's Alain Fiocco, featured Google, Microsoft, Comcast and Tata Communications in front of a room filled to near capacity. The nature of the audience was interesting. Compared to previous years, when asked about their affiliation, the number of hands raised for the category 'enterprise' was significantly higher. more
The Denver edition of Security BSides took place a few weeks ago in a garage turned art gallery on the far end of Denver's emerging Santa Fe Arts District, right on the border between historic working-class neighborhoods and a rambling wasteland of building supply warehouses. ... The presentation I enjoyed most was "Top 10 Ways IT is Enabling Cybercrime," presented by Daniel J. Molina from Kaspersky Labs. He described how quickly threats are evolving, how many new threats are appearing every day, and explained that the targets aren't always who you'd expect. more
We seem to hear quite a bit from ICM about their .xxx TLD proposal. People who might be interested in the view from the porn community might be interested in Violet Blue's article on the proposal. As you might expect, she is against and sees no real support from the porn world. She does not consider 153K defensive domain registrations as proof of demand. more
Europe's governments are increasingly acting on the popular belief that the Internet should be a basic right, and that citizens not disposed to using IP-based services should nevertheless have access to its infrastructure. As such, governments either have already introduced legislation to this effect or are in the process of doing so. First off the block was Switzerland: from January 2008 Swisscom's 10-year renewed USO (universal service obligation) has included the provision of broadband at a regulated price. more
Recently Bitcurrent conducted a cloud performance test commissioned by my client Webmetrics, a business unit of Neustar. Bitcurrent describes itself as part blog, part analyst firm and part resource site for the web community. The research project was led by Alistair Croll, a well-known name in the space and program chair for the Cloud Connect conference. more
Capacity and scalability are necessary in managing DNSSEC and D/DoS. Capacity, necessary for maintaining operations during D/DoS attacks, is also necessary for increased traffic due to DNSSEC deployment. Scalability is highly important, as DNSSEC is deployed not only will greater traffic levels will be encountered, greater demand will be placed on the DNS platform. In the interest of understanding both capacity and scalability CommunityDNS conducted tests to assess the readiness of the two main DNS server platforms, BIND and NSD... more
ICANN's Generic Names Supporting Organisation (GNSO) has formed a working group to consider changes to the domain transfer process to enhance security and reduce hijacking. The working group consists of registrars, aftermarket players, domainers and other members of the ICANN Community. The group published its preliminary recommendations at the ICANN meeting in Brussels two weeks ago and the 20-day comment period has just begun. more
Sponsored byVerisign
Sponsored byCSC
Sponsored byWhoisXML API
Sponsored byIPv4.Global
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byVerisign