Featured Blogs

Latest

DNSSEC Status Report: Signing Infrastructure Well Underway, User Experience Still Needs Work

The registries (gTLDS) are all moving towards signing in about a year. PIR and .org is going to be first with .edu, .biz, and others closely behind. The root is scheduled to be signed in the beginning of July (end of June looking at the holiday calendar) being the biggest milestone. Some of the roots already contain DNSSEC information. Other ccTLDs continue to turn DNSSEC on with countries on every continent signed. more

Spammer Convicted on Wire Fraud Charges - United States v. Diamreyan

Earlier this year Okpako Mike Diamreyan was found guilty of wire fraud. The district court recently denied his motion for judgment of acquittal. Diamreyan "was charged with devising a scheme to defraud known as an 'advance fee.'" As the court describes it, this is a "scam . . . where a person asks an individual to pay an advance fee in order to obtain a larger sum of money, which the individual [victim] never receives." ... Two things about the case struck me... more

ClamAV and the Case of the Missing Mail

Some email discussion lists were all atwitter yesterday, as Sourcefire's open-source anti-virus engine ClamAV version 0.94.x reached its end-of-life. Rather than simply phase this geriatric version out the development team put to halt instances of V0.94 in production yesterday, April 15, 2010. In other words, the ClamAV developers caused version .94 to stop working entirely, and, depending upon the implementation, that meant email to systems using ClamAV also stopped flowing. more

Military Asserts Rights to Return Cyber Attacks

The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons... more

Operational Challenges When Implementing DNSSEC

As a reader of this article, you are probably familiar with the DNS cache poisoning techniques discovered a few years ago. And you have most likely heard that DNSSEC is the long term cure. But you might not know exactly what challenges are involved with DNSSEC and what experience the early adopters have gathered and documented. Perhaps you waited with our own rollout until you could gather more documentation over the operational experience when rolling out DNSSEC. This article summarizes authors' experiences and learnings from implementing the technology in production environments as well as discusses associated operational issues. more

DNS… Wait a SEC

Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more

DNSSEC No Longer Pie-in-the-Sky: Time to Develop a Strategy

You may have seen media reports a few weeks ago describing how servers behind the so-called Great Firewall of China were found delivering incorrect DNS information to users in the rest of the world, thereby redirecting users to edited Web pages. Reports indicate that this apparently occurred due to a caching error by a single Internet Service Provider. While the problem was fairly limited in scope, it could have entirely been prevented in a world where DNSSEC was fully deployed. more

Another Spam Case Lost in Washington, or Gordon Strikes Again

Bennett Haselton, who runs the Peacefire anti-censorship site, is one of the more successful anti-spam litigants. He says he's filed about 140 suits, mostly in small claims court, and has won the majority of the suits that got far enough to be decided on the merits. But last month, in Federal court in Seattle, he lost a suit against Quicken Loans that he should have won, partly because of his own mistakes, but largely because of the pernicious effect of Gordon vs. Virtumundomore

Progress in US Telecoms Transformation

The impact of the changes set in motion by President Obama back in late 2008 in relation to the direction the telecommunications are slowly becoming apparent and are taking many Americans by surprise, even many of the experts and analysts in this industry. This has created a lot of noise and confusion, as people are trying to understand what is happening and how it will affect them. more

China Won’t Repeat Protectionist Past in Digital Realm

Google may have unnecessarily provoked a fight with China, but the Middle Kingdom better keep its wits, lest it repeat a sad protectionist history. Early last millennium China was the world's richest civilization and technology leader. It famously invented gunpowder, iron casting, paper, porcelain, printing, and gigantic nine-masted sailing vessels. Between 1405 and 1433, the great Muslim Chinese explorer Zheng He led seven expeditions in the South Pacific and Indian Oceans, reaching the coast of East Africa. China's naval fleet grew to 3,500 ships... more

DNSSEC Ready Set Go! But, Wait, Are You Ready?

The year 2010 is turning out to be the "year of DNSSEC" from Registry implementations, Registrar implementations, ISP support, to the Root being signed this summer. Because we are dealing with such critical infrastructure, it is important to not lose sight of careful implementations. more

Apple’s Naked Self Interest

Any vendor in the platform business knows that their primary product is programming interfaces -- the so-called APIs that developers depend upon in order to deliver applications. The API exposes features of the platform, and differentiate applications running on that platform from all others. Lose control of the API, and you will lose control of the developer. Developers are the leading indicator for platform success. Ergo, lose the developer, lose the platform. more

Cyber-Spin: How the Internet Gets Framed as Dangerous

At the beginning of this year, a set of powerhouse organizations in cybersecurity (CSO Magazine, Deloitte, Carnegie Mellon's CERT program, and the U.S. Secret Service) released the results of a survey of 523 business and government executives, professionals and consultants in the ICT management field. The reaction generated by this survey provides an unusually clear illustration of how cyber-security discourse has become willfully detached from facts. more

Comcast vs the FCC - A Reply to Susan Crawford’s Article

This is a reply to Susan Crawford's circleid article "Comcast v. FCC - "Ancillary Jurisdiction" Has to Be Ancillary to Something". I started writing a reply to her article, adding some comments I had and also reminding her that she'd predicted this herself, in an earlier circleid article, but it turned out long enough that I decided to submit it as a circleid post instead. On the whole, the facts agree with this CNET article. This court decision was correct, and expected... more

Comcast v. FCC - “Ancillary Jurisdiction” Has to Be Ancillary to Something

Big news today - Judge Tatel has written the D.C. Circuit's opinion in Comcast v. FCC, and Comcast wins. Bottom line: The FCC didn't have regulatory authority over Comcast's unreasonable network management practices because it failed to tie that authority to any express statutory delegation by Congress... more

Topics

Domain Names

Sponsored byVerisign

Cybersecurity

Sponsored byVerisign

Threat Intelligence

Sponsored byWhoisXML API

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

DNS

Sponsored byDNIB.com

Brand Protection

Sponsored byCSC

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days