Featured Blogs

Latest

ICANN Releases Paper on Domain Name Security

Today ICANN releases a paper with the title "DNSSEC @ ICANN - Signing the root zone: A way forward toward operational readiness". The paper explains in more detail than earlier documents what ICANN view on signing of the root zone is. I think the key points mentioned in this paper are true, and in general, I think this document is a good read. It is not long, and summarizes what I would call the current view is. more

Shouting ‘Bug’ on a Crowded Internet…

In the last few weeks we've seen two very different approaches to the full disclosure of security flaws in large-scale computer systems. Problems in the domain name system have been kept quiet long enough for vendors to find and fix their software, while details of how to hack Transport for London's Oyster card will soon be available to anyone with a laptop computer and a desire to break the law. These two cases highlight a major problem facing the computing industry, one that goes back many years and is still far from being unresolved. Given that there are inevitably bugs, flaws and unexpected interactions in complex systems, how much information about them should be made public by researchers when the details could be helpful to criminals or malicious hackers? more

Shim6 Host-Based IPv6 Multihoming: Ready for Testing

During the last decade, the Internet Engineering Task Force (IETF) has been designing IPv6 as a replacement for IPv4. Most of the initial benefits of IPv6 (security, QoS, autoconfiguration,...) have been ported to IPv4 and IPv6 deployment has been limited. However, thanks to the huge IPv6 addressing space, it is possible to design protocols and mechanisms that are more scalable and more powerful than with IPv4. A typical example is the multihoming problem. This problem occurs when a site is attached to several Internet Service providers... more

Note to John McCain: Technology Matters

One would think that, in 2008, the significance of the Internet and information technology would be universally acknowledged. That makes the recent news from the Presidential campaign a bit shocking. After ignoring technology issues for the past year, John McCain is poised to announce his great insight: tech policy isn't worthy of attention from the President of the United States. This is what I draw from the announcement that former FCC Chairman Michael Powell is drafting a technology plan for McCain, to be released shortly... What concerns me most is what the McCain plan apparently leaves out... more

The Cost of Walled-Garden Designs

The Swedish morning daily Svenska Dagbladet on their editorial page yesterday writes about the EU threat to intervene at mobile roaming costs for voice, SMS and data. The editorial is pushing the point that it's wrong for the EU to try and price regulate the market, but instead the free market will prevail. They even seem to be indicating that the current pricing is fair and that an EU price regulation would hamper investments. In very general terms I would agree with the editorial... more

BT and Ofcom

About 16 months ago, I heard Ed Richards of Ofcom speak at a CITI conference at Columbia, and blogged about it here. I remember thinking that Richards didn't seem to think that highspeed access to the internet was all that important. The market had to demand it, and the market wasn't being demanding. Also, he wasn't interested in government intervention to support highspeed access... more

Good News from Three Spam Cases in the U.S.

They say (whoever "they" are) that good things come in threes, and that certainly seems true for law enforcement against spammers this week. In New York, Adam Vitale was sentenced to 30 months in prison and ordered to pay $183,000 in restitution for a week of spamming AOL back in 2005... In Illinois, an FTC settlement requires Spear Systems and company executives Bruce Parker and Lisa Kimsey to give up $29,000, stop making "false or unsubstantiated claims about health benefits" of their products, and bars them from violating CAN-SPAM ever again... And finally, in Seattle, the Robert Soloway case continues... more

Not a Guessing Game

On Tuesday July 8, CERT/CC published advisory #800113 referring to a DNS cache poisoning vulnerability discovered by Dan Kaminsky that will be fully disclosed on August 7 at the Black Hat conference. While the long term fix for this attack and all attacks like it is Secure DNS, we know we can't get the root zone signed, or the .COM zone signed, or the registrar / registry system to carry zone keys, soon enough. So, as a temporary workaround, the affected vendors are recommending that Dan Bernstein's UDP port randomization technique be universally deployed. Reactions have been mixed, but overall, negative. As the coordinator of the combined vendor response, I've heard plenty of complaints, and I've watched as Dan Kaminsky has been called an idiot for how he managed the disclosure. Let me try to respond a little here, without verging into taking any of this personally... more

FCC and Comcast: Reasonably Vague

So, the FCC will recommend that Comcast be "punished" or receive "sanctions" for its peer-to-peer throttling practice. And the network neutrality debate goes on, as does its ambiguities and vagueness. Even if you hate Comcast and agree with the net neutrality argument and the FCC's decision, one thing Comcast is correct in saying is that "reasonable network management" specified by the FCC in network neutrality policy set in 2005 is vague. Actually, the term "network management" by itself is broad before you even try to interpret what is meant by "reasonable", and it is not exactly correct in its application here... more

Anti-Phishing and Hong Kong

Planning for a short trip to Hong Kong tomorrow reminded me of Jonathan Shea, something I wanted to blog about but was waiting for the hype around the new generic Top-Level Domains (TLDs) to cool down. Jonathan Shea is an old friend who is in-charge of ".hk". I had the pleasure to catch up with him in Paris ICANN meeting. Before Jonathan, let me talk about something related that happened in Paris. At the Cross Constituency Meeting, there was a presentation by the Anti-Phishing Working Group (APWG). In summary, they were proposing working with registries to take down domain names that are suspected to be involved in phishing. more

Is It Time to Create a Market for IPv4 Addresses?

It's fascinating to watch the Internet technical community grapple with policy economics as they face the problems creating by the growing scarcity of IPv4 addresses. The Internet Governance Project (IGP) is analyzing the innovative policies that ARIN, RIPE and APNIC are considering as a response to the depletion of IPv4 addresses. more

No Fines for Comcast

Note: this is an update on my earlier story, which incorrectly said that the AP reported that Chairman Martin was seeking to impose "fines" on Comcast. In fact, the story used the word "punish" rather than "fine," and a headline writer at the New York Times added "penalty" to it "F.C.C. Chairman Favors Penalty on Comcast" (I won't quote the story because I'm a blogger and the AP is the AP, so click through.) Much of the initial reaction to the story was obviously colored by the headline. more

Gartner on New Generic Top Level Domains

Gartner, the well known IT consulting company, has published a report on the new top level domains that will appear some time next year. The report totally misses the mark. In a pure US centric vision, it focuses on ".com" as the must-have TLD, totally overlooking the fact that a ".com" is mostly worthless e.g. in Germany, where ".de" is the TLD one must have to succeed locally... more

In Which We Explore the Federal Laws that Apply to Cyberstalking

Tragedies frequently result in flurries of legal activity. Last years witnessed the Myspace tragedy in which a 13 year old girl committing suicide. Unfortunately stalking laws have been clumsy tools that are difficult if not impossible for law enforcement officials to wield. Where existing laws respond poorly to tragedies, the option behind Door Number One is to enact a new law, and the option behind Door Number Two is to argue for a reinterpretation of current law that would somehow miraculously shoehorn the tragedy into the law. Unlike game shows, legal contestants can pick both doors -- which is what happened in this case. more

An Astonishing Collaboration

Wow. It's out. It's finally, finally out... So there's a bug in DNS, the name-to-address mapping system at the core of most Internet services. DNS goes bad, every website goes bad, and every email goes...somewhere. Not where it was supposed to... I'm pretty proud of what we accomplished here. We got Windows. We got Cisco IOS. We got Nominum. We got BIND 9, and when we couldn't get BIND 8, we got Yahoo, the biggest BIND 8 deployment we knew of, to publicly commit to abandoning it entirely. It was a good day... more

Topics

DNS

Sponsored byDNIB.com

IPv4 Markets

Sponsored byIPv4.Global

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days