In follow-up to recent announcement on the release of the latest edition of the very popular DNS and BIND book -- often referred to as the bible of DNS -- CircleID has caught up with Cricket Liu, co-author and a world renowned authority on the Domain Name System. In this interview, Cricket Liu talks about emerging issues around DNS such as security and IPv6 support, and important new features such as internationalized domain names, ENUM (electronic numbering), and SPF (the Sender Policy Framework). "Cricket Liu: We're now seeing more frequent attacks against DNS infrastructure. ...Turns out that name servers are terrific amplifiers -- you can get an amplification factor of nearly 100x. These attacks have raised awareness of the vulnerability of Internet name servers, which is possibly the only positive result..." more
I have discovered that VeriSign's SiteFinder service breaks Microsoft's Outlook and Microsoft's Outlook Express email readers as well as many of the standard Windows Networking Utilities by providing misleading error messages, temporary lockups, and incorrect status information. more
In early 2012, in order to promote Choice, Competition and Innovation, ICANN opened its doors to allow organizations to apply for new Top Level Domains. In spite of a complex and costly application process, ICANN received a very large number of applications: In total, 1,930 applications were received, of which 675 were brands applying for a closed new gTLD, a dot brand. more
Last week Sen. Snowe filed bill S.2661, the Anti-Phishing Consumer Protection Act of 2008, or APCPA. While its goals are laudable, I have my doubts about some of the details. The first substantive section of the bill, Section 3, makes various phishy activities more illegal than they are now in its first two subsections. It makes it specifically illegal to solicit identifying information from a computer under false pretenses, and to use a domain name that is deceptively similar to someone else's brand or name on the web in e-mail or IM to mislead people... more
Mobile WiMAX, with the release of 2×2 MIMO chips in 2008, gives WiMAX a lead of two or so years on its major competitor -- the 3GPP's LTE. However, 3G cellphones using 3GPP UMTS technologies, extended to higher speeds with HSPA, is widely used in handsets in many countries. In North America, 3GPP2 CDMA2000 and EV-DO are widely used, but these are likely to be replaced over time by LTE and to some extent WiMAX. more
It's no surprise that Google has been sued again for trademark infringement, but the basis of this lawsuit is surprising. Rather than another lawsuit over the sale of trademarked keywords to deliver ads (along the lines of the GEICO, American Blinds, Rescuecom and JTH Tax cases, or the dozens of international lawsuits), this lawsuit is based on a Blogspot blog URL. Because of its comparative novelty, this lawsuit raises some complex and unsettled legal issues. more
A lot of spam uses fake return addresses. So back around 2000 it occurred to someone that if there were a way to validate the return addresses in mail, they could reject the stuff with bad return addresses. A straightforward way to do that is a callout, doing a partial mail transaction to see if the putative sender's mail server accepts mail to that address. This approach was popular for a few years, but due to its combination of ineffectiveness and abusiveness, it's now used only by small mail systems whose managers don't know any better. What's wrong with it? more
More than 200 leaders from government, business and civil society attended the Global Forum on Internet Governance, held on 25 and 26 March 2004 and organized by the United Nations Information and Communication Technologies (ICT) Task Force. The forum, held at United Nations Headquarters in New York, was intended, according to a UN press release, "to contribute to worldwide consultations to prepare the ground to a future Working Group on Internet Governance to be established by Secretary-General Kofi Annan, which is to report to the second phase of the World Summit on the Information Society (Tunis, 2005)". more
Last week ETECSA began offering 3G mobile access to Cuba's national intranet and the global Internet and President Diaz-Canal tweeted the news. His tweet has received 216 comments so far and reading through them, many are effusively positive... Others were critical, noting that the prices are high relative to Cuban incomes (one said "absurd") and the technology is obsolete -- "Congratulations, but they're 20 years late." more
The first salvo on NANOG this morning in response to the launch of OpenDNS was a predictable lambasting along the lines of "here comes SiteFinder II". Fortunately the follow-ups were quick to point out that OpenDNS was a far cry from SiteFinder for the obvious reason that people have the choice to use it, nobody had a choice with SiteFinder. ...the real magic here can come from it's use in phishing mitigation. more
For the last couple years the domain aftermarket has been hot again, we're seeing valuations not seen since bubble1.0, which saw valuations like 7 million dollars for business.com and 4 million for drugs.com. The TechWreck was induced by the NASDAQ crash of 2000 and the fun was over for awhile. What differentiates this bubble in the domain aftermarket from Bubble 1.0 is domain parking and monetization... The interesting thing is since then, the multiples on domain names have outstripped the multiples on developed websites. To me, this is the equivalent of the "inverted yield curve" that portends economic recessions. more
As an alternative to the creation of the .XXX TLD, ICANN/IANA can assign special port numbers that can be used to label adult content. IANA assigns port numbers as part of its duties. For example, port 80 is reserved for the HTTP protocol (i.e. the World Wide Web). Port 443 is reserved for the HTTPS protocol (SSL-secure version of HTTP). Port 23 is for Telnet, port 25 is for SMTP, and so on. One can see the full list at here... In a real sense, the IANA port assignments are just suggestions to the world as to what to expect on certain ports, whether it be a mail server, WHOIS, FTP, POP email or any other service/protocol. more
There's a lot of argument as to which "anti-spam" techniques are legitimately so called. In this article, I'd like to consider what constitutes an anti-spam technique in an ideal sense, then consider the various practiced approaches to spam mitigation in that light, drawing conclusions as to how we should frame the "anti-spam" discussion. ...For the purposes of this discussion, let "spam" refer to "unsolicited bulk email". Not everyone agrees on this definition, but it's by far the most widely accepted, and without a working definition we won't be able to define "anti-spam"... more
As security breaches increasingly make headlines, thousands of Internet security companies are chasing tens of billions of dollars in potential revenue. While we, the authors, are employees of Internet security companies and are happy for the opportunity to sell more products and services, we are alarmed at the kind of subversive untruths that vendor "spin doctors" are using to draw well-intentioned customers to their doors. Constructive criticism is sometimes necessarily harsh, and some might find the following just that, harsh. But we think it's important that organizations take a "buyers beware" approach to securing their business. more
Registration of .Pro domains has descended into shambles as the Registry responsible for their administration has allowed a flood of domain registrations which appear to be in breach of the strict rules restricting who can register a .pro domain and the certified credentials required before any such domain can work. more
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byVerisign
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byWhoisXML API
Sponsored byRadix