If It Doesn’t Exist, It Can’t Be Abused

A number of outlets have reported that the U.S. Post Service was hacked, apparently by the Chinese government. The big question, of course, is why. It probably isn't for ordinary criminal reasons: The intrusion was carried out by "a sophisticated actor that appears not to be interested in identity theft or credit card fraud," USPS spokesman David Partenheimer said. ... But no customer credit card information from post offices or online purchases at usps.com was breached, they said. more

GTLDs Valuation Components That You Must Not Overlook

This post outlines the valuation pitfalls that need to be avoided when competing for the acquisition of a new generic Top-Level Domain (gTLD). The most widely used financial tools to determine the economic viability of a capital investment project, such as bidding for a new gTLD, are the Internal Rate of Return (IRR) and the Net Present Value (NPV), which measures the expected additional value a project would create if undertaken. more

Accountability Group Charter Sets the Bar Too Low

In mid-August ICANN staff attempted to impose their own proposal for the process that will determine what overall new ICANN accountability measures should accompany the proposed IANA functions transition -- and thereby replace the restraining and corrective oversight role that the U.S. has played through periodic reevaluation of ICANN performance in conjunction with re-awarding of the IANA contract. In united reaction against that attempt, the ICANN community sent an unprecedented joint letter to CEO Fadi Chehade and the ICANN Board... more

Secure Unowned Hierarchical Anycast Root Name Service - And an Apologia

In Internet Draft draft-lee-dnsop-scalingroot-00.txt, I described with my coauthors a method of distributing the task of providing DNS Root Name Service both globally and universally. In this article I will explain the sense of the proposal in a voice meant to be understood by a policy-making audience who may in many cases be less technically adept than the IETF DNSOP Working Group for whom the scalingroot-00 draft was crafted. I will also apologize for a controversial observation concerning the addition of new root name servers... more

Customer Confusion over New(ish) gTLDs Targeting Financial Services

For the last decade and a bit, banking customers have been relentlessly targeted by professional phishers with a never-ending barrage of deceitful emails, malicious websites and unstoppable crimeware -- each campaign seeking to relieve the victim of their online banking credentials and funds. In the battle for the high-ground, many client-side and server-side security technologies have been invented and consequently circumvented over the years. Now we're about to enter a new era of mitigation attempts... more

New MANRS Initiative Aims to Improve Security of Internet Routing

How can we work together to improve the security and resilience of the global routing system? That is the question posed by the "Routing Resilience Manifesto" site with the suggested answer launched today of the "Mutually Agreed Norms for Routing Security (MANRS) document, to which a number of network operators have already signed on as participants, including: Comcast, Level 3, NTT, RUNNet, ClaraNet, SURFnet, SpaceNet, KPN and CERNET. more

Scaremongering from Spy Agents

In an article for the Financial Times, Mr Hannigan -- the chief of the British spy agency GCHQ said: "I understand why they [US technology companies] have an uneasy relationship with governments. They aspire to be neutral conduits of data and to sit outside or above politics." "But increasingly their services not only host the material of violent extremism or child exploitation, but are the routes for the facilitation of crime and terrorism."... more

ICANN 51: Los Angeles - Getting Ready for a Big 2015

Earlier this month, the Internet Corporation for Assigned Names and Numbers (ICANN) held its 51st public meeting in Los Angeles. Once again, MarkMonitor joined stakeholders from across the globe to discuss issues ranging from government control over the Internet, to key lessons learned thus far from the new gTLD rollout. This coming year promises to be a big one for ICANN, and for the business and brand community as a result. more

How to Improve WHOIS Data Accuracy

A major concern about the present WHOIS is the level of data inaccuracy. The Expert Working Group (EWG) on Registration Directory Service (RDS), of which I had the pleasure of being a member, spent considerable time figuring out how to improve WHOIS data accuracy. The EWG in its final report proposed a new system, the RDS, which we believe will significantly address the flaws in the current WHOIS, including the data inaccuracy challenge. more

Internet Governance After Busan: Playing the Long Game

As you might imagine, I've been following the ITU's Plenipotentiary Conference very closely. It was built up to be the great showdown of our time -- the pro-'free and open' Internet in one corner (comprised for the most part of developed and democratic nations), in the other corner a contingent of totalitarian regimes bent on a fractured, censored Internet -- a near battle royale for control of one of the greatest communications tool the world has ever seen. more