Oblivious DNS: Plugging the Internet’s Biggest Privacy Hole

The recent news that Mozilla and Cloudflare are deploying their own DNS recursive resolver has once again raised hopes that users will enjoy improved privacy, since they can send DNS traffic encrypted to Cloudflare, rather than to their ISP. In this post, we explain why this approach only moves your private data from the ISP to (yet another) third party. You might trust that third party more than your ISP, but you still have to trust them. In this post, we present an alternative design -- Oblivious DNS -- that prevents you from having to make that choice at all. more

ICANN Cannot Expect the DPAs to Re-Design WHOIS, but Asking for a Reprieve Makes Sense

We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more

Security, Standards, and IoT: Will Connected Devices Flourish Under Prescriptive Regimes?

Security for Internet-connected devices, the "Internet of Things" (IoT), is critically important. Now, more than ever, it is top of mind for device manufacturers, network operators, consumer advocates, lawmakers, and government regulators -- domestically and internationally. In the face of recent attacks, government authorities and consumer advocates have proposed legislation, frameworks, certifications, and labeling schemes. more

European Commission Killing Off Thousands of EU Domains Due to Brexit

After the Brexit vote, I wrote that there could be an impact on EU registrants based in the UK. Over the past year, the UK government has been engaged in negotiations with the EU to navigate the application of Article 50 and the UK's exit from the European Union. While there has been a lot of focus on issues like the customs union and the border between Ireland and Northern Ireland, the eventual departure of the UK from the EU will have a tangible impact on the European digital economy. more

Connectivity as a Vital Consumer Service

Having Comcast et al provide Internet connectivity is like having your barber do surgery because he knows how to use a knife. I was reminded of this when my Comcast connection failed. This is part of the larger topic of consumerization. In the past, we were happy to have products that worked at all. I grew up in the world of consumer products and got my start in software building online services meant for use by non-experts. more

Leveraging Trademark Data to Drive Domain Name Strategy

For years, corporate domain name portfolio managers have struggled with determining whether or not their portfolios were the "right" size. Managers of mature domain name portfolios have often felt that their portfolios were bloated, containing domains that were no longer needed. Conversely, domain managers of newer portfolios have sometimes known that gaps existed. Regardless, the question remains -- just how many domains should a corporate portfolio contain? more

Just One Bit

I'm never surprised by the ability of an IETF Working Group to obsess over what to any outside observer would appear to be a completely trivial matter. Even so, I was impressed to see a large-scale discussion emerge over a single bit in a transport protocol being standardized by the IETF. Is this an example of a severe overload of obsessive-compulsive behaviour? Or does this single bit represent a major point of design principle... more

Crypto War III: Assurance

For decades, academics and technologists have sparred with the government over access to crypographic technology. In the 1970s, when crypto started to become an academic discipline, the NSA was worried, fearing that they'd lose the ability to read other countries' traffic. And they acted. For example, they exerted pressure to weaken DES... The Second Crypto War, in the 1990s, is better known today, with the battles over the Clipper Chip, export rules, etc. more

Cuba’s Mobile-Internet Strategy?

This post is speculative, but I think Cuba may use satellite for 3G backhaul and, when the technologies are ready, leapfrog over 4G to 5G mobile connectivity and next-generation satellite. ETECSA began rolling out 3G connectivity for Cubans about a year ago and a few things have led me to believe they will continue... But, could they provide widespread 3G mobile? Doing so would require more base stations and more backhaul from those base stations to the Intenet. more

The Recent and Rapid Evolution of DDoS Attacks

In October of 2016 the Mirai botnet came thundering onto the internet landscape. A digital Godzilla, a DDoS King Kong, this Internet of Things-powered behemoth began smashing DDoS attack records, online powerhouses like Reddit, Etsy, Spotify, CNN and the New York Times crumbling under its fists. When the dust had settled, and services had been restored, one thing seemed certain: a new era of DDoS attacks was upon us. Mirai was terrifying as a botnet but even worse as a harbinger. more