After looking at the state of DNSSEC in some detail a little over a year ago in 2006, I've been intending to come back to DNSSEC to see if anything has changed, for better or worse, in the intervening period... To recap, DNSSEC is an approach to adding some "security" into the DNS. The underlying motivation here is that the DNS represents a rather obvious gaping hole in the overall security picture of the Internet, although it is by no means the only rather significant vulnerability in the entire system. One of the more effective methods of a convert attack in this space is to attack at the level of the DNS by inserting fake responses in place of the actual DNS response. more
May 6th 2007: ARIN board of trustees passes a resolution advising the Internet community that migration to a new version of the internet protocol, IPv6, will be necessary to allow continued growth of the internet. June 29th 2007, Puerto Rico: ICANN Board resolution states that: The Board further resolves to work with the Regional Internet Registries and other stakeholders to promote education and outreach, with the goal of supporting the future growth of the Internet by encouraging the timely deployment of IPv6. Oct 26th 2007 at the RIPE 55 meeting in Amsterdam... Nov 15th 2007: IGF meeting, Rio de Janeiro... This is but a small sample of the fast growing visibility IPv6 acquired this year, 2007. more
Dell filed a suit in Florida in early October against a nest of domain tasters in Miami, widely reported in the press last week... The primary defendant is a Miami resident named Juan Vasquez, doing business as several registrars called BelgiumDomains, CapitolDomains, and DomainDoorman, as well as a whole bunch of tiny companies of unknown authenticity... Those registrars have an egregious history of domain churning. I gave a talk on domain tasting at MAAWG in October in which I picked out the registrars who churned the most domains from the May registrar reports, and those three were the worst, each having registered about 500,000 domains, refunded over 10 million... more
Reported in the Washington Post no less: "Dell Takes Cybersquatters to Court". As reported a few weeks ago, this is a very thorough action targeting certain practices and practitioners... I'm surprised a suit this thorough didn't name Google as a co-defendant. Then again, maybe it's not that surprising because Google offers a well liked product, has a lot more money; and a search partnership with Dell that allows Dell to share in the profit when its users engage in "right of the dot" typosquatting on Dell keyboards. It's funny, because one day, Dell could find itself on the defendant's side of the courtroom... more
An assignment in a Media and Democracy course I teach at Penn State invites students to select a telecommunications advocacy web site for analysis. I want my students to decode the message and attempt to identify whether a bias exists and who financially supports the site. The exercise typically fails miserably... Most students cannot infer that a site that advertises books by Ann Coulter trends to the right and one that talks about social justice trends to the left. more
Very surprising and welcome announcement from Verizon Wireless yesterday announcing that "it will provide customers the option to use, on its nationwide wireless network, wireless devices, software and applications not offered by the company. Verizon Wireless plans to have this new choice available to customers throughout the country by the end of 2008..." And Verizon Wireless is right to open up. There's plenty of room to be cynical about this; after all, Verizon Wireless is trying to STOP the FCC from putting an openness requirement on the 700Mhz spectrum to be auctioned... more
Comcast's furtive and undisclosed traffic manipulation reminds me of a curious, red herring asserted by some incumbent carriers and their sponsored researchers: that without complete freedom to vertically and horizontally integrate the carriers would lose synergies, efficiencies and be relegated to operating "dumb pipes."... Constructing and operating the pipes instead of creating the stuff that traverses them gets a bad rap. It may not be sexy, but it probably has less risk. But of course with less risk comes less reward, and suddenly no one in the telecommunications business is content with that. So incumbent carriers assert that convergence and competitive necessity requires them to add "value" to the pipes. more
In a counter-intuitive move for a Republican free marketeer, FCC Chairman Kevin Martin has sought to impose substantial additional regulations on cable television. Chairman Martin ostensibly can retain his credentials by claiming that a 1984 law requires the FCC to act when cable television systems serve 70% or more of the U.S. population and 70% who can subscribe do so. more
Nominet has published a very detailed and comprehensive position paper on "front running". Although the paper is a mere 5 pages long it covers all the areas that the topic encompasses very well and is well worth a read. The topic of "front running" has received some publicity in the last few months. If you're not familiar with the concept Nominet's definition is helpful... more
Running a DNS server that serves the root gives an interesting view into the world of the DNS. With the ongoing improvements to the ICANN operated L-ROOT, we've been fortunate enough to be able to make use of the "DNS Statistics Collector" (DSC) tool. "DSC" allows us to generate different views of the DNS queries we have been seeing at the L-ROOT systems. more
I'd like to continue on in my review of the book Spam Kings (read part 1) and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools. I was never a participant on NANAE (news.admin.net-abuse.email; a USENET newsgroup which discusses e-mail spamming), that was before my antispam time. But I was intrigued by its history. People would gather together and discuss spammers and tools for stopping them, and sometimes spammers would stop by and the flame wars would ensue. more
A few months ago, I purchased the book Spam Kings, but only recently managed to get around to reading and finishing it. In case you've never read it, it chronicles the stories of some spammers and the anti-spammers who fought them. These anti-spammers are not people like myself in industry; rather, they are users who have received spam who hunt down the source of the spam and work to bring them down. more
A reasonably well informed article in Thursday's USA Today reminds us that in 2004 Bill Gates said the spam problem would be solved in early 2006, but here at the end of 2007 there's more spam than ever. They go through a laundry list of problems of spambots, new kinds of PDF and MP3 spam, and phishing, and a list of of partial or non-solutions including filters, walled gardens, and an odd system called Boxbe, a hybrid of whitelists, challenge/response, and pay for delivery. Oh, and Bill says he never said spam would be solved... more
The Internet Governance Forum (IGF) is an annual UN conference on Internet governance which was held this year in Rio de Janeiro, Brazil. The topics discussed range from human rights online to providing Internet access in developing countries. A somewhat secondary topic of conversation is Internet security and cyber-crime mostly limited to policy and legislative efforts. Techies and Internet security industry don't have much to do there, but I have a few updates for us from the conference. more
Nemertes Research has released a report on the future of the Internet infrastructure. The key finding from the report is that bandwidth demands are exceeding infrastructure investment, especially at the access layer. We noted in the project that users may begin to see the impact of degraded application performance as early as 2010. We also noted that the planned investments in Internet infrastructure are insufficient to meet growing demand. more
Sponsored byWhoisXML API
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byCSC
Sponsored byRadix