One of the longstanding goals of network security design is to be able to prove that a system -- any system -- is secure. Designers would like to be able to show that a system, properly implemented and operated, meets its objectives for confidentiality, integrity, availability and other attributes against the variety of threats the system may encounter. A half century into the computing revolution, this goal remains elusive. more
As promised, 2016 is off to a busy start at ICANN, with important discussions about Whois/Registration Directory Services, subsequent rounds of the New gTLD Program and internet governance already underway, and more to come. Brand owner concerns will be front and center in the coming months, as community stakeholders set priorities and begin discussions of key challenges and desired results. more
It's been 15 long years since the standard for DNSSEC was developed and sadly adoption has been painfully low until recently, thanks to Dan Kaminsky, the infamous Internet Researcher who indentified that gaping hole in the DNS. The discovery of the fundamental flaw in DNS sparked industry wide attention! Every day, we move a little closer to widespread DNSSEC adoption, so I thought I'd take a moment and highlight some of the most notable milestones... more
ICANN's response to the European Union's Network and Information Security Directive (NIS2) is a litmus test on whether its policy processes can address the needs of all stakeholders, instead of only satisfying the needs of the domain industry. Early indications from the ICANN Hamburg meeting point to another disappointment for law enforcement, cybersecurity professionals, and the many businesses seeking to reinstate WHOIS as required by NIS2. more
In January 2007 we highlighted that the IPv4 allocation rate had increased significantly since early 2004. By 2006 it was clear that continued growth would see IPv4 exhaustion occur sometime between 2010 and 2015. In October 2010 we revisited the subject in the CircleID articled 'Graph Shows Decline of IPv4 Almost Linear'. ... Now, in January 2011, we are very close to the exhaustion of the IANA pool of IPv4 address space. more
When reading some of the nonsense constituting this initiative occurring in Washington, one wonders what planet the proponents live on. It is like peering through some perverse wormhole back to a 1990s Washington view of the world that saw “the internet” as some salvation for all the problems of humankind. For a world now focused on rolling out 5G virtualization infrastructure and content-based services and meshed devices, the challenges of cybersecurity and network-based harm to society, the initiative makes the U.S. Administration seem utterly out of touch with reality. Simply goofy. more
In most of Europe, mobile network operators (MNOs) have largely completed their 3G network roll outs. During the last year or two their focus has been on upgrading these networks with new technologies, including femtocell and, importantly, HSPA. Following trials expected to be held during 2010, LTE will soon be sufficiently advanced for commercial launches. This will provide significant opportunities for Europe's market for convergent services, adding a new platform for delivering a range of media... more
Every year M3AAWG gives an award for lifetime work in fighting abuse and making the Internet a better place. Yesterday at its Dublin meeting they awarded it to Rodney Joffe, who has been quietly working for over 20 years. I can't imagine anyone who deserves it more. more
A discussion is presently underway about the Uniform Rapid Suspension System (URS) (and in Phase 2 next year of the Uniform Domain Name Resolution Policy (UDRP)), whether it is performing as intended. The URS is less than five years old, and there are not an overwhelming number of decisions. Since 2013, rights holders have filed less than one thousand complaints (with three providers, the Forum being the most active), which translates into less than 170 decisions annually... more
How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020. more
Last week the European Network and Information Security Agency (ENISA), which assists the European Commission and its member states with network and information security issues, published its third Anti-Spam Measures Survey. The survey provides insight into how network operators in Europe are responding to the continued onslaught of email spam. more
Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more
The IGF has a tendency of slowly shifting from a place of a discussion about the way the world accesses information resources, into a place where only topics that make the headlines are being highlighted, with many of the same players being among the loudest speakers. We believe that due to cross-cultural reasons, these people are mainly coming from North America and Western Europe. We urge the IGF to allocate equal time for people from regions outside of those two. more
How do we help develop the next generation of champions for an open Internet? As many of us who were involved in the early years of the Internet are getting older, how do we help inspire a new wave of advocates for an open Internet available to everyone? As we face so many threats to "the Internet way" from many different forces - governments, corporations, criminals, and other organizations - how do we help build the corp of people who understand Internet technology and policy issues and can help shape the future of this Internet we have all come to rely on? more
The importance of engaging with all the necessary stakeholders in your .brand TLD and ensuring you have company-wide buy-in cannot be understated. But once you have all these players in a room together, what's next? Every brand launching its own TLD will move through the process differently. Unfortunately for those managing this project, there is no single, 'off-the-rack' strategy that will suit every .brand TLD's individual requirements. more
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byRadix