Kim Zetter has a new story out describing a very serious attack. In fact, the implications are about as bad as possible. The attack has been dubbed ShadowHammer by Kaspersky Lab, which discovered it. Briefly, some crew of attackers -- I suspect an intelligence agency; more on that below -- has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. more
In the year 2000, Mike wanted "d.com" for his company website. After all, if you sneaked around these so called "reserved domains" long enough, you might be puzzled to see...say this at "x.com" or this at "z.com" or perhaps this at "q.com". As mysterious as this is, you can imagine Mike's disappointment after receiving the following email... more
On the 6th June 2012 we held the World IPv6 Launch Day. Unlike the IPv6 event of the previous year, World IPv6 Day, where the aim was to switch on IPv6 on as many major online services as possible, the 2012 program was somewhat different. This time the effort was intended to encourage service providers to switch on IPv6 and leave it on. What has happened since then? Have we switched it on and left it on? What has changed in the world of IPv6 over the past 12 months? Who's been doing all the work? more
I have been thinking a lot about stewardship lately in my role as CEO of Tucows and how that relates to employees, a board of directors and investors. Where I've got to, which is not necessarily relevant for this post, is that stewardship needs to exist at EVERY level of a company and a life. With the recent dustup created by Verisign's new Sitefinder service it has crystallized for me what has always bothered me about the .com/.net registry and the way Verisign has approached it.
more
I spend most of my time teaching engineers in different countries how to plan and deploy IPv6 networks. Over the last two years, I have been speaking more and more to non-engineers. These are either technology executives who sense that they need to do something about this "IPv6" thing, or government IT leaders who want to understand what the problem is and more importantly, what they could do. The most impactful part of these these exchanges is when I get these managers to understand the implications of IPv4 address exhaustion to their organisations. more
The ICANN Board has approved the community recommendation that "the provision of Thick Whois services should become a requirement for all gTLD registries, both existing and future." We have long supported the migration from 'thin' to 'thick' Whois, which will improve both quality and ease of access to Whois data, thereby further facilitating intellectual property enforcement online. The ICANN community has debated the merits of migration from 'thin' to 'thick' Whois for years, as part of the larger Whois Review process. more
As we work on this final CircleID essay addressing the last four Articles in the UDHR, we explore how the UDHR provides the principles on which to build the rights and responsibilities of digital citizenship and bring integrity and trust to cyberspace and the Internet ecosystem. We reflect on what we have learned. For us, the authors of this series, we are reminded that trust in the processes of government, business entities, and society is central to the wellbeing of society, our communities, our families, and ourselves. more
It is just another phishing case. Why should I care? I happened to receive my own copy of the phishing email message. Most Internet users will just smile bitterly before deleting it. I checked it to see why it had gone through the spam filters. It had no URL in the text but a reply-to address. So it needed a valid domain name, and had one: postfinances.com. PostFinance (without trailing "s") is the payment system of the Swiss Post. It has millions of users. more
A good domain name can be difficult to find... in particular when the domain name extension is highly demanded. It is what is happening with the .CLUB new gTLD. Should your Registrar tell you that the desired domain name is not available, it is not necessarily true. Anybody involved in launching a website has to go through a search for a domain name, and most of the time, it begins with the following question: "is the .com available?". Most of the time the answer is: "no it is not". more
Like it or not, new gTLDs are here and they're here to stay. If it is still common to read that the ICANN new gTLD program was a failure and few users are using new domain names, numbers show the opposite. I recently read very rude critics addressed to new gTLD applicants but surprisingly, critics often come from ".com" investors and my understanding of this is that new domain names lower their margins ...since the domain name offer is now larger. more
We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more
Today's ever-evolving, digital world has fundamentally changed, enhanced and challenged the way in which businesses all over the world must operate. For organizations and professions that have existed for centuries, this has created the opportunity and the test of adapting to change to remain successful and relevant. The National Association of Boards of Pharmacy (NABP) was founded in 1904, at a time when there was little uniformity in the practice of, or standards for pharmacy. more
359,000 computers infected, dozens of nations affected world-wide! A worm exploiting a Windows OS vulnerability that looks to the network for more computers to infect! This is the most pernicious, evil, dangerous attack, ever... Queue the gnashing of teeth and hand-wringing! Wait, what? WannaCry isn't unprecedented! Why would any professional in the field think so? I'm talking about Code Red, and it happened in July, 2001. more
Cindy's piece on the EFF website seems to be a bit of a pastiche, with elements taken out of various articles (some outright wrong, some merely misinformed) that have been doing the rounds of the media for quite a while now about Goodmail. She started off comparing AOL and Goodmail with the old email hoax about congress taxing email. That same line was used in a CircleID post by Matt Blumberg, CEO & Chairman of Returnpath... Various other quotes from different places - Richard Cox from Spamhaus on CNN for example. However a lot of the quotes in those articles are being based on wrong or out of context assumptions, starting with one that goes "AOL is going to remove all its existing whitelists and force people to use Goodmail". more
Network Address Translation has often been described as an unfortunate aberration in the evolution of the Internet, and one that will be expunged with the completion of the transition of IPv6. I think that this view, which appears to form part of today's conventional wisdom about the Internet unnecessarily vilifies NATs. In my opinion, NATs are far from being an aberration, and instead, I see them as an informative step in the evolution of the Internet, particularly as they relate to possibilities in the evolution of name-based networking. Here's why. more
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byDNIB.com
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byCSC
Sponsored byVerisign