Featured Blogs

Latest

Another Try at Proof-of-Work e-Postage Email

Another paper from the Fifth Workshop on the Economics of Information Security, (WEIS 2006) is Proof of Work can Work by Debin Liu and L, Jean Camp of Indiana University. Proof of work (p-o-w) systems are a variation on e-postage that uses computation rather than money. A mail sender solves a lengthy computational problem and presents the result with the message. The problem takes long enough that the sender can only do a modest number per time period, and so cannot send a lot of messages, thereby preventing spamming. But on a net full of zombies, proof of work doesn't work. more

The Blurr-Cade Proposal on Root Zone Oversight

Becky Burr (former NTIA official) and lobbyist Marilyn Cade has made a proposal to create a multilateral working group to oversee the root zone file updates. I would characterize the Burr-Cade proposal as a "small step for mankind and a giant step for the US" to paraphrase Neil Armstrong. The main merit of the proposal is that it looks like something the USG might want to follow. Sevaral people suggested there should be no governmental oversight at all but that does not look realistic, in the sense that there can be huge economic and political interests behind ICANN decisions. more

VeriSign Director Charged with Securities Fraud

Bloomberg is reporting that Gregory Reyes is facing criminal and civil charges in relation to securities fraud. Reuters and the Mercury News also have coverage. "Former Brocade Communications Systems Inc. Chief Executive Officer Gregory Reyes became the first CEO charged in the U.S. probe of the backdating of stock option grants to create lucrative employee pay packages." more

The Burr Proposal: Beginning of the End of Unilateral Control of the DNS Root?

The results of the recent NTIA consultation made it clear that there is no real public or industry support for unilateral control of the DNS root by the U.S. government. The latest and most interesting sign of collapsing support for US unilateral control of the DNS root, which the Internet Governance Project learned of today, is a proposal being circulated by G. Beckwith Burr... more

Taking Aim at 8 Myths about ENUM

ENUM has a critical role to play in telephony services convergence. Although many carriers are adopting ENUM there are myths swirling around the confuse newcomers. In data networks, the domain name system (DNS) is responsible for converting Uniform Resource Locators (URL's) to IP addresses in order to route data traffic. The ENUM protocol performs a similar essential function of linking E.164 telephone numbers to Universal Resource Identifiers (URIs) -- enabling communication services to use traditional phone numbers to set up calls over IP networks. Unfortunately, there's a good deal of hype and confusion around ENUM, which might lead carriers to delay ENUM implementations. That delay would be a mistake... more

Why I’m Standing for the ICANN Board and Why I’ve made My Statement Public

The number of applications this year for the seven positions within ICANN has been so low that the NomCom has gone to the trouble of printing up pamphlets, holding a public meeting at Marrakech and extending the deadline by a fortnight. At the two public Board sessions in Marrakech the grand hall that was provided was virtually empty, sparking some debate as to why. Susan Crawford ventured that it was because ICANN was failing to connect with people; Vint Cerf suggested that ICANN was so successful at doing its job that people didn't feel the need to attend. Mouhamet Diop pointed out that we were in a French-speaking Arabic country and no one was going to sit through four hours of discussion if they didn't understand a word of it... more

OpenDNS: It’s Not SiteFinder for Obvious Reasons

The first salvo on NANOG this morning in response to the launch of OpenDNS was a predictable lambasting along the lines of "here comes SiteFinder II". Fortunately the follow-ups were quick to point out that OpenDNS was a far cry from SiteFinder for the obvious reason that people have the choice to use it, nobody had a choice with SiteFinder. ...the real magic here can come from it's use in phishing mitigation. more

Why Senator Stevens is Right on Net Neutrality

Several people emailed me about the actual things the senator said and why he is off-base. I decided to listen to his speech again, and write down the points I believe are critical. Senator Stevens who everyone is dissing on for his speech on Net Neutrality in my book spoke nothing less than brilliant. I will also tell you, in my opinion, exactly why... He nailed down the subject into the point that matters: Business. It's about profit. more

Net Neutrality Is As Silly As So-Called Internet Governance

From the perspective of Internet security operations, here is what Net Neutrality means to me. I am not saying these issues aren't important, I am saying they are basically arguing over the colour of bits and self-marginalizing themselves. For a while now I tried not to comment on the Net Neutrality non-issue, much like I didn't comment much on the whole "owning the Internet by owning the Domain Name System" thingie. Here it goes anyway. Two years ago I strongly advocated that consumer ISP's should block some ports, either as incident response measures or as permanent security measures... more

New WHOIS Definition Survives Marrakech ICANN Meeting

For now, it appears that the new, more technically focused and privacy-friendly definition of the purpose of Whois survived the Marrakech meeting. The U.S. Government and the copyright and law enforcement interests mounted a major onslaught against the Generic Names Supporting Organization (GNSO) action, using the Governmental Advisory Committee (GAC) as their pressure point.  more

Verisign Receives Subpoena Relating to Stock Option Backdating

VeriSign has reported that they are cooperating with a grand jury subpoena and a SEC inquiry into their historical stock option grants. More can be found here. Backdating of options is essentially a fraud against existing shareholders, as noted in the press or simply searching Google for "backdating fraud". Under the existing 2001 .com Registry Agreement, section 16.C would allow for termination of the agreement by ICANN in the event that VeriSign "is convicted by a court of competent jurisdiction of a felony or other serious offense related to financial activities... more

Microsoft Choking Domain Parking Business Practices?

In a follow up to Microsoft's Strider URL Tracer tool released a few months ago, SecurityFocus is running an article which takes a closer look at how Microsoft's free Strider URL Tracer with Typo-Patrol is aimed at fighting typo-squatters and domain parking abuse. From the article: "In most cases, the typo domain is not even selling a product or service itself. The typo domain makes its money from syndicated advertising such as Google's AdSense program. The typo-squatter simply parks the domain and the only content on the site ends up being the ads served from a syndicated advertising program..." more

FTC Issues Statement on Whois Databases

A recent statement released by the U.S. Federal Trade Commission emphasized that the Whois databases should be kept "open, transparent, and accessible," allowing agencies like the FTC to protect consumers and consumers to protect themselves: "In short, if ICANN restricts the use of Whois data to technical purposes only, it will greatly impair the FTC's ability to identify Internet malefactors quickly -- and ultimately stop perpetrators of fraud, spam, and spyware from infecting consumers' computers," the statement states." more

Phishing Moving to the Web Channel

Today we received one of the first phish attempts to be made as a web spam (comment spam/blog spam) attempt. I wasn't convinced, and thought that perhaps it was a way to gather and verify RELEVANT online identities. Someone put me straight. It's phishing. I've often in the past had run-ins with the good folks in the anti virus realm back between 1996 and 2005 who thought Trojan horses and then spyware were not part of their business. Years later the AV business people ruled it is part of their business and ran to catch up. Same with botnets. more

Conflict of Opinion

If a UDRP panelist believes domainers are the same thing as cybersquatters, is he fit to arbitrate? I came across an editorial on CNET today by Doug Isenberg, an attorney in Atlanta and founder of GigaLaw.com, and a domain name panelist for the World Intellectual Property Organization. The guest editorial focuses on Whois privacy and why it's imperative to maintain open access to registrant data for intellectual property and legal purposes. That's a common opinion I've read a million times. Nothing groundbreaking there. But then I was shocked to read that Isenberg generalizes domainers as cybersquatters: "Today, cybersquatters have rebranded themselves as 'domainers.' Popular blogs and news sites track their activities..." more

Topics

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Cybersecurity

Sponsored byVerisign

DNS

Sponsored byDNIB.com

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byRadix

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days