The Denver edition of Security BSides took place a few weeks ago in a garage turned art gallery on the far end of Denver's emerging Santa Fe Arts District, right on the border between historic working-class neighborhoods and a rambling wasteland of building supply warehouses. ... The presentation I enjoyed most was "Top 10 Ways IT is Enabling Cybercrime," presented by Daniel J. Molina from Kaspersky Labs. He described how quickly threats are evolving, how many new threats are appearing every day, and explained that the targets aren't always who you'd expect. more
We seem to hear quite a bit from ICM about their .xxx TLD proposal. People who might be interested in the view from the porn community might be interested in Violet Blue's article on the proposal. As you might expect, she is against and sees no real support from the porn world. She does not consider 153K defensive domain registrations as proof of demand. more
Europe's governments are increasingly acting on the popular belief that the Internet should be a basic right, and that citizens not disposed to using IP-based services should nevertheless have access to its infrastructure. As such, governments either have already introduced legislation to this effect or are in the process of doing so. First off the block was Switzerland: from January 2008 Swisscom's 10-year renewed USO (universal service obligation) has included the provision of broadband at a regulated price. more
Recently Bitcurrent conducted a cloud performance test commissioned by my client Webmetrics, a business unit of Neustar. Bitcurrent describes itself as part blog, part analyst firm and part resource site for the web community. The research project was led by Alistair Croll, a well-known name in the space and program chair for the Cloud Connect conference. more
Capacity and scalability are necessary in managing DNSSEC and D/DoS. Capacity, necessary for maintaining operations during D/DoS attacks, is also necessary for increased traffic due to DNSSEC deployment. Scalability is highly important, as DNSSEC is deployed not only will greater traffic levels will be encountered, greater demand will be placed on the DNS platform. In the interest of understanding both capacity and scalability CommunityDNS conducted tests to assess the readiness of the two main DNS server platforms, BIND and NSD... more
ICANN's Generic Names Supporting Organisation (GNSO) has formed a working group to consider changes to the domain transfer process to enhance security and reduce hijacking. The working group consists of registrars, aftermarket players, domainers and other members of the ICANN Community. The group published its preliminary recommendations at the ICANN meeting in Brussels two weeks ago and the 20-day comment period has just begun. more
If you believe Cable Operators are not thinking about Mobile Networks and what kind of synergies could bring them increased cash-flow in the future, then you've probably missed the obvious signs laid out since 2008. ... Starting with their investment in Clearwire in 2008, companies like Comcast, Time Warner Cable and Bright House have upped their anti in wireless and mobile strategies. more
There is a classic scene in the movie, "Jaws," when Roy Scheider gets a look at the size of the shark circling his fishing vessel and says, "We're going to need a bigger boat." The same case can be made for CIOs dealing today with application security. Hackers from all over the world are circling business and government like great whites looking for vulnerabilities in Internet-facing applications. The growth of applications is great for doing business but they have become chum in the water for predators. more
ICANN's 38th get-together, in Brussels, may become known as the meeting where the dust finally began to settle. Long-standing issues were settled, compromises were reached, no-one complained too much about the latest version of the Applicant Guidebook, and the Board stood by its project plan dates, even scheduling a Board retreat to solve remaining issues. Finally, there were no surprise "gotcha!" delays that generic Top-Level Domain (gTLD) applicants have been used to seeing at ICANN meeting. With one possible exception... more
Beijing News is reporting (in Chinese) that one of their reporters noticed on Monday that the Google.cn landing page has added an ICP license number dated 2010. The license number had not been there before. ... The report did not clarify whether the addition of the ICP license means that the Chinese authorities have renewed Google.cn's ICP license... more
The key to fixing any part of the Internet infrastructure is to understand the business cases for the parties whose behavior you want to influence and design the technology accordingly. People who follow this approach (Sir Tim Berners-Lee and the World Wide Web) have a chance of succeeding. People who ignore it (DNSSEC, IPv6) will fail. The root problem here is that the ICANN DNS does not differentiate between the parts of the Internet that are accountable and those that are not. more
ICANN is the only institution with responsibility for the functioning of DNS. And so it is natural that when there is a DNS problem for people to expect ICANN to come up with the solution. But having the responsibility to act is not the same as having the ability. Like the IETF, ICANN appears to have been designed with the objective of achieving institutional paralysis. And this is not surprising since the first law of the Internet is 'You are so not in charge (for all values of you). more
In his latest blog post, Google's Chief Legal Officer David Drummond reports that Chinese authorities aren't happy with the automatic redirection of Google.cn to Hong Kong. They are threatening not to renew Google's Internet Content Provider license, which is required to legally operate any kind of Internet business in China. more
It's no secret that Comcast has been leading the charge of DNSSEC deployment among ISPs. For the past couple years, Comcast has been testing and pushing for the widespread adoption of DNSSEC. In the spirit of increasing adoption, I thought I would interview the DNS gurus at Comcast to see what they've learned and what advice they would give other ISPs considering DNSSEC deployment. more
We have just returned from the Brussels, Belgium ICANN meeting where we released our Registrar audit, the Internet "Doomsday Book." There are many topics covered in the report, but we wanted to follow up specifically on the issue of WHOIS access and add data to our previous column Who Is Blocking WHOIS? which covered Registrar denial of their contracted obligation to support Port 43 WHOIS access. more
Sponsored byCSC
Sponsored byVerisign
Sponsored byRadix
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byIPv4.Global