The DNS system is, unfortunately, rife with holes like Swiss Cheese; man-in-the-middle attacks can easily negate the operation of TLS and website security. To resolve these problems, the IETF and the DNS community standardized a set of cryptographic extensions to cryptographically sign all DNS records... Now that these standards are in place, how heavily is DNSSEC being used in the wild? How much safer are we from man-in-the-middle attacks against TLS and other transport encryption mechanisms? more
The Washington Post had a good article up yesterday capturing comments issued by the United States military that it has the right to return fire when it comes to cyber attacks... This is an interesting point of view, and it extends from the United States's policy that if it is attacked using conventional weapons, it reserves the right to counter respond in kind. This has been a long accept precept governing US foreign military policy for generations. Yet cyber attacks are different for a couple of reasons... more
Domain name owners have traditionally complained that ICANN does not listen to us, and there is indeed plenty of evidence demonstrating the group’s obliviousness to community input. Nevertheless, as domain owners, we need to begin giving ourselves a share of blame too. It’s time to reflect on our failures so we can come up with an actionable solution... more
The media is filled with hyperbolic claims that "Our network is the fastest!" And there are many so-called "Speed Test" tools available on the Internet. Most are easily run in a web browser. Should you trust those tools? Not really. The popular speed testing tools provide a very narrow and limited measure of network "speed." It is quite possible that a network that is rated as "fast" could actually deliver poor results to many applications. Why is this so? more
ICANN's second level domain (SLD) blocking proposal includes a provision that a party may demonstrate that an SLD not in the initial sample set could cause "severe harm," and that SLD can potentially be blocked for a certain period of time. The extent to which that provision would need to be exercised remains to be determined. However, given the concerns outlined in Part 2 and Part 3 of this series, it seems likely that there could be many additions (and deletions!) from the blocked list given the lack of correlation between the DITL data and actual at-risk queries. more
Last year, around the same time, the release on the same day of two flagship reports on 'the Internet' had prompted me to write an article on CircleID entitled 'Connecting the Next 46 Percent: Time to Pick the Good From the Bad and the Ugly'. I was then prudently asking whether 'the more we connect the world, the less free it becomes?'. Who would have known that a pandemic would erupt a few months later, unveiling different perspectives in assessing that very same question? more
The Uniform Domain Name Dispute Resolution Policy now has seventeen years of history. A high percentage of disputes are indefensible and generally undefended. As the history lengthens, early registrants of dictionary word-, common phrase-, and arbitrary letter-domain names have been increasing challenged in two circumstances, namely by businesses who claim to have used the unregistered terms before respondents registered them and later by emerging businesses with no history prior to the registrations of the domain names. more
Unsubscribing from mailing lists is hard. How many times have you seen a message "please remove me from this list," followed by two or three more pointing out that the instructions are in the footer of every message, followed by three or four more asking people to not send their replies to the whole list (all sent to the whole list, of course,) perhaps with a final message by the list manager saying she's dealt with it? more
It's a wild election season here in the US. In the past few presidential elections, email has played a bigger and bigger role in messaging and fundraising. President Obama's campaign used email effectively, but sent huge volumes. In fact, the volume was so heavy, it led to a joke on the Daily Show... This year there is a stark difference in how the candidates are using email. more
Over the last few years, there has been an increased effort to modernize the U.S. electric grid. Building a "Smart Grid" has been central in the effort to help utilities better manage their resources, minimize power outages and reduce energy consumption. However, adding more electronic devices and sensors to the grid's network has made it a prime target of cyberattacks, like Distributed Denial of Service (DDoS) attacks, which if successful, could cause wide-spread disruption of services affecting many other sectors. more
Viviane Redding, the Information Society and Media Commissioner for the EC posted a video blog this week noting that the JPA between ICANN and the US Department of Commerce ends this September. In it she proposes that ICANN be overseen by a "G-12 for Internet Governance" with 12 geographically balanced government representatives from around the world. That's such a non-starter that I'm baffled that she would even propose it... more
If we were to apply themes to Internet governance world, the narrative for 2014-15 is definitely 'change'. The governance ecosystem is knee deep in the IANA transition, with a few meetings and teleconferences of the IANA Transition Coordinating Group behind us, and a ramping up of activity around ICANN accountability and governance. While the IANA transition and ICANN accountability processes are being conducted in parallel and independently, it's important to note that not only are they related, they are dependent on one another. more
Section 706 of the Telecommunications Act of 1996 orders the FCC to "encourage the deployment on a reasonable and timely basis of advanced telecommunications capability to all Americans." On October 25, The FCC issued a notice of inquiry (NOI) into how well we are doing and invited comments. The NOI points out that COVID and the concomitant increase in the use of interactive applications has "made it clear that broadband is no longer a luxury... more
Whenever I examine the technical elements of the various Internet security certifications and standards that organisations are clamouring to achieve compliance against, I can't help but feel that in too many cases those businesses are prioritising the wrong things and wasting valuable resources. They may as well be following a WWI field guide on how to keep cavalry horses nourished and bayonets polished in a world of stealth aircraft and dirty bombs. more
We now know what direction the FCC will take in reorganising the American telecoms market. For many years I have mentioned the rather bizarre situation in that country wherein broadband is not seen as a telecoms service but rather as an internet service, which is itself classified as providing content. Thanks to extensive lobbying from among the telcos (who also refer to themselves as ISPs) in the early days of the internet, back in the 1990s, the FCC accepted their unbelievable proposals. As a result, over the last 20 years or so the USA's telecom market has changed from being one of the most competitive among developed economies to what it is now: a market with hardly any fixed telecoms competition at all. more
Sponsored byCSC
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byRadix
A World-Renowned Source for Internet Developments. Serving Since 2002.