When reading some of the nonsense constituting this initiative occurring in Washington, one wonders what planet the proponents live on. It is like peering through some perverse wormhole back to a 1990s Washington view of the world that saw “the internet” as some salvation for all the problems of humankind. For a world now focused on rolling out 5G virtualization infrastructure and content-based services and meshed devices, the challenges of cybersecurity and network-based harm to society, the initiative makes the U.S. Administration seem utterly out of touch with reality. Simply goofy. more
It is not surprising that the phase 1 review of domain name rights protection mechanisms is delayed, but it is a bit of a surprise that in responding to a question posed in 2020, business executives and their lawyers replied with answers first offered and rejected five years earlier. In that time before COVID-19, the launch of the Vox Populi Registry and its dotSucks domain names drew quite a lot of attention. more
The new year has only just begun, but the work of ICANN's Expedited Policy Development Process for gTLD Registration Data (EPDP for short) is already in full swing. The team just wrapped up several days of meetings in Toronto and I thought it would be a good time for an update on where we are in the process. Before I go any further, I would be remiss if I didn't again take the opportunity to thank the ICANN team supporting our efforts. more
A discussion is presently underway about the Uniform Rapid Suspension System (URS) (and in Phase 2 next year of the Uniform Domain Name Resolution Policy (UDRP)), whether it is performing as intended. The URS is less than five years old, and there are not an overwhelming number of decisions. Since 2013, rights holders have filed less than one thousand complaints (with three providers, the Forum being the most active), which translates into less than 170 decisions annually... more
The new TLD program was a long time coming and now we have over 600 options for domain name endings, with more on the way. It made sense to a lot of people that options other than the already crowded .com space were needed but did we really envisage the plethora of ultimately "similar" TLDs that would rise from the ICANN process? more
I received a spam message the other day that went to my Junk Mail Folder. I decided to take a look at it and dissect it piece by piece. It really is amazing to see how spam crosses so many international borders and exploits so many different machines. Spammers have their own globally redundant infrastructure and it highlights the difficulties people have in combating the problem of it. more
Last month, for the 20th anniversary of Y2K, I was asked about my experiences. (Short answer: there really was a serious potential problem, but disaster was averted by a lot of hard work by a lot of unsung programmers.) I joked that, per this T-shirt I got from a friend, the real problem would be on January 19, 2038, and 03:14:08 GMT. Why might that date be such a problem? On Unix-derived systems, including Linux and MacOS, time is stored internally as the number of seconds since... more
One of the longstanding goals of network security design is to be able to prove that a system -- any system -- is secure. Designers would like to be able to show that a system, properly implemented and operated, meets its objectives for confidentiality, integrity, availability and other attributes against the variety of threats the system may encounter. A half century into the computing revolution, this goal remains elusive. more
If you are a cloud provider, whether you are pure play or an internal IT department, it is very interesting to know who is buying cloud services, and why. In a recent survey by PB7 sponsored by EuroCloud Netherlands and others, a group of Dutch companies was interviewed about their motivations and hesitations around cloud computing. The survey's results were quite a bit more interesting than the usual lot. In this article I have cherry picked a few observations from the larger survey. more
A number of security predictions have been doing the rounds over the last few weeks, so I decided to put pen to paper and write a list of my own. However, I have a quite a few predictions so I have listed them over several blog posts. After all, I didn't want to bombard you with too much information in one go! Part three examines the threats associated with data breaches. more
People are growing increasingly alarmed by recent examples of bad actors abusing proxy services offered by registrars. While proxy services are designed to protect the privacy of legitimate domain name users - they do the opposite when abused by cybercriminals. Responsible Proxy providers play a key role in mitigating abuse. When they don't act responsibly - it's clear they contribute to the problem. more
The two major providers of arbitration services for adjudicating cybersquatting complaints under the Uniform Domain Name Dispute Resolution Policy (UDRP), the World Intellectual Property Organization (WIPO) and Forum, issue daily lists of decisions. In approximately 90% of those disputes, the registrations cannot be described as anything less than mischievous in acquiring second level domains incorporating well-known or famous marks. more
In January 2007 we highlighted that the IPv4 allocation rate had increased significantly since early 2004. By 2006 it was clear that continued growth would see IPv4 exhaustion occur sometime between 2010 and 2015. In October 2010 we revisited the subject in the CircleID articled 'Graph Shows Decline of IPv4 Almost Linear'. ... Now, in January 2011, we are very close to the exhaustion of the IANA pool of IPv4 address space. more
The cloud computing scandal of the week is looking like being the catastrophic loss of millions of Sidekick users' data. This is an unfortunate and completely avoidable event that Microsoft's Danger subsidiary and T-Mobile (along with the rest of the cloud computing community) will surely very soon come to regret. There's plenty of theories as to what went wrong -- the most credible being that a SAN upgrade was botched, possibly by a large outsourcing contractor, and that no backups were taken... more
ASOP (Alliance for Safe Online Pharmacies) is often seen as taking a rather confrontational stance towards domain name registrars, registries and hosting providers. However both ASOP and others, including LegitScript, often cite the assistance they've received from internet industry players in their work. This year ASOP has decided to take this a step further... more
Sponsored byRadix
Sponsored byWhoisXML API
Sponsored byCSC
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byDNIB.com
A World-Renowned Source for Internet Developments. Serving Since 2002.