Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Are file inclusion vulnerabilitiess equivalent to remote code execution? Are servers (both Linux and Windows) now the lower hanging fruit rather than desktop systems? In the February edition of the Virus Bulletin magazine, we (Kfir Damari, Noam Rathaus and Gadi Evron (me) of Beyond Security) wrote an article on cross platform web server malware and their massive use as botnets, spam bots and generally as attack platforms. Web security papers deal mostly with secure coding and application security. In this paper we describe how these are taken to the next level with live attacks and operational problems service providers deal with daily. more
As I've written before, the Uniform Rapid Suspension System (URS) - the domain name dispute policy applicable to the new generic top-level domains (gTLDs) - is just not catching on. Whether because of its limited suspension remedy, high burden of proof or other reasons, the URS remains unpopular among trademark owners. However, there's one interesting use to which the URS can be put. more
Have you ever thought of how reputation is created in cyberspace? Beth Noveck wrote an article, 'Trademark Law and the Social Construction of Trust: Creating the Legal Framework for On-Line Identity' in which she argues that, to determine what rules should govern on-line identity, we should look to trademark law, which has the best set of rules to deal with the way reputation is created in cyberspace. more
Earlier this week Verisign sponsored a two day conference on name collisions in the DNS. Despite the very short time frame in which it was organized, only a month from announcement to meeting, there were some very good presentations. I'll just hit some highlights here; all of the papers and slides are on their web site at namecollisions.net. Sunday morning started with a keynote by Bruce Schneier, who is not a DNS expert (and doesn't claim to be) but had some interesting observations on names in general. more
The essay describes six groups of gTLD performance indicators: (1) the presence of a secondary market; (2) uses of second-level domain names; (3) the identity of the owners of parked and not-in-use domain names; (4) domain name renewals; (5) the market size of the supporting complementary assets; and (6) the character of the person in charge of a given registry. A time-trend of these indicators would convey any price inefficiencies and bubbles, and the health of the industry. more
Do you recall when you were a kid and you experienced for the first time an unnatural event where some other kid "stole" your name and their parents were now calling their child by your name, causing much confusion for all on the playground? And how this all made things even more complicated - or at least unnecessarily complex when you and that kid shared a classroom and teacher, or street, or coach and team, and just perhaps that kid even had the same surname as you, amplifying the issue! What you were experiencing was a naming collision (in meatspace). more
Sixty years ago, Paul Baran and Sharla Boehm at The RAND Corporation released a seminal paper that would fundamentally reshape the cyber world forever more. Their paper, simply known as Memorandum RM -- 1303, described how specialized computers could be used to route digital communications among a distributed universe of other computers. It set the stage for a flood of endless developments that resulted in the interconnected world of everything, everywhere, all the time. more
I still run across articles that extol the supposed wonders of 5G. The most recent, published in Gizmodo asks "How 5G Could Replace Your Home Broadband Connection". I was surprised to see an article like this in a tech-oriented site because the article gets most of the facts wrong about 5G - facts that are not hard to verify. This article talks about 5G having "faster download speeds, faster upload speeds, more bandwidth, and lower latency" than landline broadband. more
The global internet, from the perspective of its billions of users, has often been envisioned as a cloud -- a shapeless structure that connects users to applications and to one another, with the internal details left up to the infrastructure operators inside. From the perspective of the infrastructure operators, however, the global internet is a network of networks. It's a complex set of connections among network operators, application platforms, content providers and other parties. more
ICANN is currently analyzing technical and policy implications regarding the introduction of Internationalized Top-Level Domains into the root. This is an important step in the continued evolution of the Internet by enabling language communities of the world that write non-Latin and extended Latin scripts to utilize their languages on the Internet... While the IDNC Working Group (IDNC) has made constructive progress on proposing a framework for the introduction of an initial set of IDN TLDs, the approach taken by the IDNC from a legal perspective is fundamentally flawed. more
The information in WHOIS database is very important to Law Enforcement Agencies, Intellectual Property Owners, and all Internet Users in general, who use this data to locate/contact domain name owners for various purposes including but not limited to enforcing laws or addressing grievances related to cybercrime and other cases of DNS abuse like Spam, Phishing, Malware etc. However, Privacy and Proxy Services are also available for many Top Level Domain Registries... more
This is a letter sent from the European Federation of Origin Wines (EFOW) to the courteous attention of Dr Steve Crocker, Chair of the ICANN Board , Mr Cherine Chalaby, Chair of the new gTLD Program Committee Board, Mr Fadi Chehadé, CEO of ICANN and Mr Akram Atallah, COO of ICANN. This letter, sent by its President Riccardo Ricci Curbastro, was sent today to ICANN and is entitled "ICANN initiatives for the attribution of new generic top-level Internet domains -- PDO and PGI wines' concerns". more
It is remarkable? - ?for all the wrong reasons? - ?that only two months remain before the National Telecommunications and Information Administration (NTIA) must make a fateful decision on how it will address its' long-standing Cooperative Agreement with Verisign? - ?the private-sector corporation that edits the authoritative address book of the Internet's Domain Name System (DNS), maintains two of the DNS root servers, and operates the .com and .net registries of the Internet, undoubtedly one of the most lucrative concessions ever granted. more
At its meeting in Durban, ICANN signed contracts with the applicants for four new top level domains. The new domains are ????, which means "web" in Arabic, ?????? and ????, which mean "online" and "site" in Russian, and ??, which means "game" in Chinese. They should give us an interesting hint about the future of the new TLDs, because all four are utterly, totally, generic. more
I've posted to SSRN my paper on why most telecom companies, even though they operate networks, don't appreciate the fundamental business dynamics of network structures. This will be a chapter in a book Wharton is publishing on network-based strategies and competencies. In the paper, I describe two views on telecom and Internet infrastructure... more
Sponsored byRadix
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byVerisign
A World-Renowned Source for Internet Developments. Serving Since 2002.