The great problem with ignorance is that it leads to disaster when one acts in the belief that he (and not infrequently a corporate "it") is invulnerable to error. The Uniform Domain Name Dispute Resolution Policy (UDRP) is fundamentally a straightforward rights protection mechanism, but as in all clearly written laws, ignorance of its application and of its evidentiary demands can (and generally does) lead to disaster. more
As more people get online every day, Internet Freedom is facing a global decline for the 7th year in a row. Today, Freedom House released their 2017 Freedom on the Net report, one of the most comprehensive assessments of countries' performance regarding online freedoms. The Internet Society is one of the supporters of this report. We think it brings solid and needed evidence-based data in an area that fundamentally impacts user trust. more
The recent news that Mozilla and Cloudflare are deploying their own DNS recursive resolver has once again raised hopes that users will enjoy improved privacy, since they can send DNS traffic encrypted to Cloudflare, rather than to their ISP. In this post, we explain why this approach only moves your private data from the ISP to (yet another) third party. You might trust that third party more than your ISP, but you still have to trust them. In this post, we present an alternative design -- Oblivious DNS -- that prevents you from having to make that choice at all. more
Two weeks ago I blogged about ICANN's astonishingly lucrative domain auctions. At that time, they'd raised $26.7 million. Now, two auctions later, they're up to about $33 million. Yesterday's two auctions were for .MLS and .BABY. The former, for those who aren't deep into the real estate biz, stands for Multiple Listing Service, the system that lets you list a house with one broker, and all the other brokers can sell it. more
The judge in E360 vs. Comcast filed his order yesterday (read previous postings here and here), and to put it mildly, he agreed with Comcast. It starts: "Plaintiff e360Insight, LLC is a marketer. It refers to itself as an Internet marketing company. Some, perhaps even a majority of people in this country, would call it a spammer." ...and from E360's viewpoint, goes downhill from there. more
DNSSEC is a mechanism where clients can verify the authenticity of the answers they receive from servers. There are two sides here. The server must supply signed answers, and the client must verify the signatures on those answers. The validation/verification side is widely implemented, but there are very few signed zones... However, if no one signs their zones, those validating resolvers don't have many signatures to check. more
Yesterday will go down in history as a bellwether moment. Few among us will soon forget the excitement of Obama's election. But there was an equally historic vote yesterday that for geeks, policy analysts, and technologists represents an entirely new trajectory in telecommunications. In essence, the FCC has begun the transition from command-and-control, single-user spectrum licensure to a more distributed system that holds the potential to eliminate the artificial scarcity that prevented widespread access to the public airwaves since 1927. more
I'd like to continue on in my review of the book Spam Kings (read part 1) and make some more comments, particularly regarding the antispammers. One thing that I really liked about the book is learning the history of some of the spam tools. I was never a participant on NANAE (news.admin.net-abuse.email; a USENET newsgroup which discusses e-mail spamming), that was before my antispam time. But I was intrigued by its history. People would gather together and discuss spammers and tools for stopping them, and sometimes spammers would stop by and the flame wars would ensue. more
Because DNS is such an omnipresent part of modern networking, it's easy to assume that functional DNS infrastructure can be left running with minimal adjustments and only needs to be investigated in the event of a malfunction. Yet there are small telltale signs that precede DNS issues -- and knowing what they are can help to prevent disruption before it happens. more
Last fall, I wrote about ICANN's failed effort to achieve its goal of preserving the Whois domain name registration directory to the fullest extent possible. I predicted that if the policy effort failed, governments would take up the legislative pen in order to fulfill the long-ignored needs of those combating domain name system harms. That forecast has now come true through significant regulatory actions in the United States and the European Union in the form of a proposed directive from the European Commission (EC) and instruction from the US Congress to the National Telecommunications and Information Administration (NTIA). more
Rod Beckstrom took over as ICANN President/CEO on July 1, 2009, so October 9th marked his 100th day in office -- and a good opportunity to examine the progress made by ICANN during his short tenure. ...to borrow an analogy from American football: when you have the ball in the Red Zone, you need to score touchdowns, not field goals. So far, under Rod's leadership, ICANN has moved down the field on a number of issues. In particular, ICANN scored a "touchdown heard round the world" by bringing the MoU/JPA to a successful conclusion. more
The Australian Signals Directorate (ASD) has issued a new set of guidelines warning about the security risks posed by the use of 5G technology in so-called Smart Cities. The ASD's concerns align with those of the Five Eyes security alliance, which has warned that the interconnected nature of a fully connected city makes it vulnerable to cyberattacks. more
Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. An attack on a web domain can lead to the redirection of a company's website, domain spoofing, phishing attacks, network breaches, and business email compromise (BEC). Domains used as a company's online world are part of an organization's external attack surface and need to be continuously monitored for cybercrime attacks and fraud. more
ICANN controls the "root" of the naming hierarchy, designating the operators and managers of the top-level domains, like ".com" and ".net" and ".uk." Since its founding in 1998, ICANN has operated under a "Joint Partnership Agreement" (JPA) with the U.S. Department of Commerce. The current extension of this agreement is set to expire on September 30 of this year. Some advocates say it's now time for the U.S. government to cut its ties and let ICANN stand on its own. That's not a good idea. more
As spearhead of the Yes2DotAfrica Campaign, I recently wrote a letter on behalf of DCA, to the Chairman of the United States Senate Committee on Commerce, Science & Transportation, Senator Jay Rockefeller which was also copied to other U.S. leaders and officials to express support for the present status quo on Global Internet Goverenance and a Reaffirmation of the Mult-stakeholder model. The full text of the letter is published in this post. more
Sponsored byVerisign
Sponsored byVerisign
Sponsored byDNIB.com
Sponsored byRadix
Sponsored byCSC
Sponsored byWhoisXML API
Sponsored byIPv4.Global
A World-Renowned Source for Internet Developments. Serving Since 2002.