The recent huge security breach at Sony caps a bad year for big companies, with breaches at Target, Apple, Home Depot, P.F.Changs, Neiman Marcus, and no doubt other companies who haven't admitted it yet. Is this the new normal? Is there any hope for our private data? I'm not sure, but here are three observations... This week Brian Krebs reported on several thousand Hypercom credit card terminals that all stopped working last Sunday. Had they all been hacked?
I go back to the International Forum on the White Paper (IFWP). (Like Jeff, I was very young.) The Department of Commerce had just issued the White Paper, and there was a proposal that we pass control of the critical Internet identifiers to a new not-for-profit corporation with a bottom-up Multistakeholder way of making policy and an international board of directors.
It makes me cringe when I hear operators or security practitioners say, "I don't care who the attacker is, I just want them to stop." I would like to believe that we have matured past this idea as a security community, but I still find this line of thinking prevalent across many organizations -- regardless of their cyber threat operation's maturity level. Attribution is important, and we as Cyber Threat Intelligence (CTI) professionals, need to do a better job explaining across all lines of business and security operations...
Building on my last article about Network Assessments, let's take a closer look at vulnerability assessments. (Because entire books have been written on conducting vulnerability assessments, this article is only a high level overview.) What is a vulnerability assessment?
The Messaging Anti-Abuse Working Group (MAAWG), of which Return Path (my employer) is a very active participant, met recently in Heidelberg, Germany. Among other exciting projects, they finished two new best practices documents which have been lauded in the press as a big step towards stopping botnet spam...
One of the good things about participating in the meetings of the UN Broadband Commission for Digital Development is seeing the amazing impact our industry has on the daily lives of literally billions of people. While everybody - including us - is talking about healthcare, education and the great applications that are becoming available in these sectors, the real revolution is taking place at a much lower level.
An article appeared in Computer World that alleges: "in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as RINOA) have agreed to provide backdoor access on their devices. Could it be true that Nokia, RIM and Apple opened up to Government interception?
With the strong possibility of a new Netmundial-style event being organized under the stewardship of CGI.br in 2024, the Internet governance community ought to reflect upon the benefits that this could bring to all stakeholders. In a scenario of uncertainty over the several processes affecting the future of the global network, there is value in taking another look at the original event's collaborative outcomes document, which summarized much of what was then understood to be core principles of Internet governance.
On his blog Bruce Schneier recently published a post called "Power and the Internet". An article that most people in the western world will agree with. Internet freedom against Internet safety and security, the powerful have a lot of power to wield and the rest is at best ad hoc organised or fairly powerless lobby organisations. So who is likely to win? Vested interests, he warns.
On February 26 of this year the Federal Communications Commission (FCC) of the United States will vote on a proposed new ruling on the issue of "Network Neutrality" in the United States, bringing into force a new round of measures that are intended to prevent certain access providers from deliberately differentiating service responses on the carriage services that they provide.
Are you interested in being a representative of the "technical community" to the "Global Multistakeholder Meeting on the Future of Internet Governance" happening in April 2014 in Brazil? Or would you like to represent the technical community on the "1net Steering Committee" that is guiding the future of the 1net initiative? If so, THE DEADLINE IS TOMORROW, Friday, January 10, 2014, to submit your expression of interest in being considered for a role on those committees.
Given that I've written here about the original call for papers for the W3C/IAB "Strengthening The Internet Against Pervasive Monitoring (STRINT)" Workshop and then subsequently that the STRINT submitted papers were publicly available, I feel compelled to close the loop and note that a report about the STRINT workshop has been publicly published as an Internet-draft.
All round the world we are seeing massive social changes in the way people interact with their leaders and with their political elite. In many cases governments and politicians seem to be behaving as though they are immune to the changes that are following on from these new grassroots-based democratic processes. They often do mention reforms and recommend reforms, but there is an equal need for them to transform their own sector and their own way of conducting politics and government. This applies to the political leaders in both the developed and the developing economies.
In the debate over government "exceptional access" to encrypted communications, opponents with a technical bent (and that includes me) have said that it won't work: that such a scheme would inevitably lead to security problems. The response -- from the policy side, not from technical folk - has been to assert that perhaps more effort would suffice. FBI Director James Comey has said, "But my reaction to that is: I'm not sure they've really tried." Hillary Clinton wants a "Manhattan-like project, something that would bring the government and the tech communities together". More effort won't solve the problem - but the misunderstanding lies at the heart of why exceptional access is so hard.
Having trademarks (registered or unregistered) is the prerequisite for maintaining a UDRP, but having one is not conclusive of either Respondent’s lack of rights or legitimate interests or that it registered and is using the domain name in bad faith. The cautionary tale in many of these cases, especially for the Complainant who has the burden of proof, is that it has to satisfy each of the elements in the three subsections...