Featured Blogs

Latest

The Case Against DNSSEC

I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more

ICANN Investigating Domain Tasting

ICANN has announced that it is seeking input and feedback on the topic of domain tasting. (See their announcement for full details) Interestingly enough Michael Gilmour published an article a couple of days ago covering the same topic - "Why domain tasting is great!", which will probably raise a few hackles! One point that in particular caught my eye... more

Defending Networks Against DNS Rebinding Attacks

DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more

Phishers Now Targeting Domain Registrars

This is an issue of some concern and should be watched carefully: phishers are now trying to get passwords of domain registrants (domain owners). Currently, correspondents inform me that GoDaddy is the target, but there's no reason to think the phishers won't expand to other registrars. Normally, phishers go after bank accounts or other financial information, or sometimes the online accounts of users so that they may send spam. It's not known precisely why phishers are after domain registration information, but the possibilities are chilling... more

Prediction: Google WILL Bid for 700MHz Spectrum and WILL Win

There is an excellent business case for Google bidding megabucks in the upcoming 700MHz auction and investing even more to get a network up and running. I think Google is well aware of the value to them if they win and the harm they'd suffer if the duopoly wins instead. Google can make big bucks with a nationwide third network AND make things better for all Internet users AND improve the United States' pathetic competitive position in the contest for broadband access. Hope this post doesn't end up post-tagged "wishful thinking"... more

Greater Transparency in Domain Name Pricing

Tucows issued a press release today wherein they announced lower domain name pricing and enhanced services. The bigger change, which might set a trend for other registrars, is the greater transparency of the registry and ICANN fees relative to the fees charged by Tucows... If all registrars were to quote domain name prices in this manner (I had called it "Asterisk Prices" when I had suggested the idea to various registrars last December, for lack of a better term), it would shift the blame to ICANN and the monopoly registry operators (e.g. VeriSign) every time they raised their fees. more

CAN-SPAM Defendant Awarded $111k in Fees/Costs: Gordon v. Virtumundo

I believe this ruling represents the first time that a CAN-SPAM plaintiff has been ordered to pay attorneys' fees and costs to a defendant. As a result, it's a leading example that courts can and do grow tired of bogus anti-marketing lawsuits, and perhaps it will serve as an expensive warning to CAN-SPAM plaintiffs to ensure the merits of their lawsuit. Gordon is an uber anti-spam plaintiff, leading countless CAN-SPAM lawsuits. As the court describes, Gordon runs a "spam business"--basically, a for-profit plaintiff litigation shop to go after spammers (the court also calls it a "litigation factory")... more

Bringing a New Top-Level Domain to Life

One of the key elements in any domain space is usage. It doesn't matter how potentially "cool" or "interesting" a Top-Level Domain (TLD) is if nobody is actually using it to provide content. It may be overused and totally abused, but "content is king"! The guys in dotMobi posted yesterday about some of the more interesting domains that they had come across recently. What did that lead to? Well I actually got out my phone and browsed the sites to see what all the fuss was about and I was truly impressed. more

Social Operating System: Connecting Domains and Social Media

Wired Magazine (Aug 2007 print issue, page 50) defines "social operating system" as a platform for online living; a social network such as MySpace that seamlessly integrates activities including entertainment and shopping. But Jon Udell points out that MySpace is not Your Space. He envisions a future in which each child would receive his or her own chunk of managed storage at birth.. Of course, we'd want the ability for Bob's Space to connect with Jane's Space - suppose they are siblings starring in the same family vacation video, or co-authors of a research report? more

ARIN Statement on the Future of Addressing Policy

ARIN has just released a statement on the future of addressing policy. Specifically addressing the future of IPv4 addressing. What ARIN does is to emphasize the current policies and say they will be enforced even stronger than today if needed. I.e. there is no announcement of a change in policy. more

Transition to IPv6 Address

Last month's column looked at the exhaustion of the IPv4 unallocated address pool and the state of preparedness in the Internet to grapple with this issue... There has been a considerable volume of discussion in various IPv6 and address policy forums across the world about how we should respond to this situation in terms of development of address distribution policies. Is it possible to devise address management policies that might both lessen some of the more harmful potential impacts of this forthcoming hiatus in IPv4 address supply, and also provide some impetus to industry to move in the originally intended direction to transition into an IPv6 network? more

Two Things Happened at the FCC Today

Paul Kaputska has the best wrap-up of the 700 MHz press releases and statements online, with comments from major players. Rick Whitt is polite and welcoming, noting the progress that's been made (who would have thought any move towards unlocking devices from networks was possible?) while saying it would have been better to have included wholesale requirements. But while even mainstream media was (finally) focusing on the moderate, incremental, and possibly hopelessly unenforceable (and ultimately meaningless) steps taken by the FCC today in announcing its auction rules, something else happened. more

First Impression: FCC Rules for the 700MHz Auction

The FCC has issued rules which will govern the auction of valuable radio spectrum which could make a huge difference in the price and quality of communications in America. The glass is definitely half something: I'd say closer to empty than full but there are some things to like and some hope for competition. The decision is a compromise. Republican Chairman Martin was joined by Democrat Commissioners Adelstein and Copps in setting some open access conditions for 22MHz out of the 62MHz which will be auctioned. Republican Commissioner Tate reluctantly went along with these conditions and Republican McDowell voted against them. more

Neustar Losing .us Could Be Good for .com Registrants

Neustar is facing a potential loss of the Dot-US franchise as competitors bid against them. Why might this be of interest to .com registrants? ...The issue of antitrust with regards to the .com agreement has never really been properly settled, as a well-funded complainant hasn't brought forward a case to full fruition in the courts. ICANN sold out the public by agreeing to a settlement that would see its own coffers swell, at the expense of registrants, so they do not count. more

Spam: You’ve Come a Long Way, Baby

According to the majority of the testimony at this month's "Spam Summit," held by the U.S. Federal Trade Commission (FTC), the state of the fight against spam is pretty much the same as it has been for the last several years. The two days of presentations can largely be boiled down to the following bullets: Spam volumes continue to increase, being driven by the growth of "botnets"... Oh, and the spam wars are a lot less exciting than they used to be. Case in point: unlike last time, there were no fist-fights at this year's shindig. more

Topics

IPv4 Markets

Sponsored byIPv4.Global

Brand Protection

Sponsored byCSC

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Threat Intelligence

Sponsored byWhoisXML API

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days