In my last article, I described efforts underway to standardize new cryptographic algorithms that are designed to be less vulnerable to potential future advances in quantum computing. I also reviewed operational challenges to be considered when adding new algorithms to the DNS Security Extensions (DNSSEC). In this post, I'll look at hash-based signatures, a family of post-quantum algorithms that could be a good match for DNSSEC from the perspective of infrastructure stability.
Two weeks ago, the Federal Trade Commission held a summit on e-mail authentication in Washington, DC; the community of people who handle bulk mail came together and agreed on standards and processes that should help reduce the proliferation of spoofed mail and fraudulent offers. This was a big, collective step in the right direction. But e-mail sender authentication alone won't solve the Net's fraud and phishing problems - nor will any single thing. It requires a web of accountability among a broad range of players. Yet this week there's another meeting, in Cape Town, South Africa, that could make even more of a difference...but it probably won't.
A recent statement released by the U.S. Federal Trade Commission emphasized that the Whois databases should be kept "open, transparent, and accessible," allowing agencies like the FTC to protect consumers and consumers to protect themselves: "In short, if ICANN restricts the use of Whois data to technical purposes only, it will greatly impair the FTC's ability to identify Internet malefactors quickly -- and ultimately stop perpetrators of fraud, spam, and spyware from infecting consumers' computers," the statement states.
A lot of the people who are planning to attend the .nxt conference next month ask me to point out the benefits of new Top-Level Domains (TLDs), and today gave me a fantastic opportunity... If you are thinking of applying for a new TLD and haven't been paying attention to the latest happening with .JOBS, maybe you should be. Though .JOBS has been a bit of a quiet TLD, they've been a favorite of mine because of the specific focus of the extension.
The Internet Commerce Association (ICA) has posted a position paper and analysis of S. 2661, introduced on 2/25/08 in the US Senate. While we are firmly opposed to phishing and other criminal activities that may utilize domain names we are very concerned about the provisions of the proposal that appear to provide trademark owners with a means to avoid both UDRP and ACPA actions and alternatively bring private claims against domain names with a lower burden of proof and the potential for far higher monetary damages, without even requiring an allegation that the DN was in any way being utilized in a phishing scheme...
The threat landscape has rapidly expanded over the past few years, and shows no signs of contracting. With major establishments in both the public and private sectors falling victim to cyber-attacks, it is critical for organizations to identify the motivations, modus operandi (MO) and objectives of adversaries in order to adequately and effectively defend their networks. Understanding the taxonomy of cyber-attacks is the first step in preparing an organization against exposure to them.
Great article by the BBC about email vs. mobile apps in China -- and why email is losing out to the most popular apps. It's important for Westerners such as myself to remember that most of the world did not first interact with the Internet via desktop computer. In most emerging markets, people leapfrogged computers altogether on their way to using mobile apps.
Reported in the Washington Post no less: "Dell Takes Cybersquatters to Court". As reported a few weeks ago, this is a very thorough action targeting certain practices and practitioners... I'm surprised a suit this thorough didn't name Google as a co-defendant. Then again, maybe it's not that surprising because Google offers a well-liked product, has a lot more money, and a search partnership with Dell that allows Dell to share in the profit when its users engage in "right of the dot" typosquatting on Dell keyboards. It's funny, because one day, Dell could find itself on the defendant's side of the courtroom...
This week two major transoceanic cables experienced outages that may last several days. The outages provide a reminder that several Internet bottlenecks exist where these cables make landfall. When one thinks of bottlenecks in telecommunications the first and last mile come to mind. Yet equally vulnerable are the last few 1000 feet of submarine cable links.
Isn't security as important to discuss as .XSS? The DNS has become an abuse infrastructure, it is no longer just a functional infrastructure. It is not being used by malware, phishing and other Bad Things [TM], it facilitates them. Operational needs require the policy and governance folks to start taking notice. It's high time security got where it needs to be on the agenda, not just because it is important to consider security, but rather because lack of security controls made it a necessity.
Back in January, bulk mailer E360 filed a suit against giant cable ISP Comcast. This week Comcast responded with a withering response... Their memorandum of law wastes no time getting down to business: "Plaintiff is a spammer who refers to itself as a "internet marketing company," and is in the business of sending email solicitations and advertisements to millions of Internet users, including many of Comcast's subscribers." Comcast's analysis is similar to but even stronger than the one I made in January...
Speculation in one form or another has an ancient and honorable history. It not only creates entrepreneurial activity and fuels markets for selling wares and offering services, but also generates competition for consumers and wars over loyalty. The commercialization of the Internet in the 1990s, which extended market activity into virtual (cyber) space, has many of the virtues of the actual but also its vices: cheating and fraud, and other skullduggery.
The paragraph 4(c)(iii) safe harbors of the Uniform Domain Name Dispute Resolution Policy are construed from a five word phrase, "legitimate noncommercial or fair use." "Noncommercial" like "identical" in paragraph 4(a)(i) has a defined meaning; it does not include domain names inactively held (for any alleged purpose), although non-use is not necessarily fatal to rights or legitimate interests. "Fair use" has a larger canvas; it includes nominative (commercial) use that is fair and Constitutionally protected speech.
Last December, State-owned China Aerospace Science and Industry Corporation (CASIC) launched the first experimental Hongyun (rainbow cloud) Project satellite, and they began testing it in March. The 247 kg test satellite is in orbit at an altitude of around 1,100 km, and they plan to launch four more test satellites this year and begin operating with a 156-satellite constellation in 2022.
An industry professional at Abusix is the backbone behind a proposal to improve and create better mitigation of abuse across different global internet networks. Basically, this introduces a mandatory "abuse contact" field for objects in global Whois databases. This provides a more efficient way for abuse reports to reach the correct network contact. Personally - as a Postmaster for a leading, white-label ISP, I applaud this with great happiness for multiple reasons. I also feel people who handle abuse desks, anti-abuse roles, etc. should closely follow this.