New TLD Applicants: Read This Before Selecting a Registry Provider

As each day passes, I spend more time immersing myself with prospective clients who are weighing up our offering over those of alternative providers. The more I become entrenched in this competitive process, the more it becomes increasingly clear that many of the competing RSPs pitching their wares to hopeful applicants are misleading them by hiding critically important information in fine print disclaimers or feeding them rubbish in order to whittle down the competition. Competition is a great thing; it just needs to be on the same playing field. Make sure you are comparing apples with apples. more

SEC Asks Companies to Disclose Cyberattacks

I came across an interesting article on Reuters today: "U.S. securities regulators formally asked public companies for the first time to disclose cyber attacks against them, following a rash of high-profile Internet crimes..." This is a pretty big step for the SEC. Requiring companies to disclose when they have been hacked shifts the action on corporations from something voluntary to something that they have to do. The question is do we want to hear about everything? more

The Mainsleaze Blog

Mainsleaze is nerdy slang for spam sent by large, well-known, otherwise reputable organizations. Although the volume of mainsleaze is dwarfed by the volume of spam for fake drugs, account phishes, and Nigerian 419 fraud, it causes work for mail managers far out of proportion to its volume... The problem with mainsleaze is that it is generally mixed in with mail that the recipients asked for, and there's no way to tell the difference mechanically. more

Innovating with New gTLDs

One of the primary purposes of the ICANN New generic Top-Level Domain (gTLD) program is to foster innovation in the DNS industry and the wider Internet. While having a desirable TLD string that users can relate to is a good starting point, gTLD applicants may want to bolster their value propositions by offering innovative services and differentiate their TLDs from others. Defining the services to be offered is so central to a gTLD that it should be part of the initial strategy of any prospective applicant. more

DDoS Attacks: What’s in Store for 2012?

According to Kaspersky Lab, 2011 has seen "numerous DDoS attacks with a variety of motives," many of which will "go down in the annals of cybercrime." As we look ahead to 2012, it's worth examining some of those motives to see what they portend. more

Why Brands Need Their Own TLD - The Mulberry-Sale Site that Scammed Me

As a seasoned internet user, even an old 'Domainer', I was there when ICANN launched the first round of New TLDs. I remember the criticism we received from the media back then. We were invited to countless roundtable discussions, press conferences, and local internet events at which we were expected to answer the key media question: "Why are new TLDs necessary?" Dot BIZ, .INFO, and four more were the test bed new TLDs -- I represented .BIZ in EMEA. more

Of Canaries and Coal Mines: Verisign’s Proposal and Sudden Withdrawal of Domain Anti-Abuse Policy

Too many techies still don't understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that. That's the lesson to draw from Verisign's proposal and sudden withdrawal of a new "domain name anti-abuse policy" yesterday. The proposal, which seems to have been intended as a new service to registrars, would have allowed Verisign to perform malware scans on all .com, .net, and .name domain names quarterly when registrars agreed to let them do it. more

Federal Cybersecurity Best Practices: FISMA Continuous Monitoring

Studies have found only limited, insufficient agency adherence with FISMA's (Federal Information Security Management Act) continuous monitoring mandates. One survey found almost half of federal IT professionals were unaware of continuous monitoring requirements. A recent GAO report found that two-thirds of agencies "did not adequately monitor networks" to protect them "from intentional or unintentional harm." more

Protecting Intellectual Property is Good; Mandatory DNS Filtering is Bad

It has been about six months since I got together with four of my friends from the DNS world and we co-authored a white paper which explains the technical problems with mandated DNS filtering. The legislation we were responding to was S. 968, also called the PROTECT-IP act, which was introduced this year in the U. S. Senate. By all accounts we can expect a similar U. S. House of Representatives bill soon, so we've written a letter to both the House and Senate, renewing and updating our concerns. more

Facebook and Apps vs. Domains

This debate never got heated during the NewDomains.org conference in Munich last month. One might speculate that it was largely because most in the audience and on the panel, support and believe in the existence of both. There is no need to make a direct either/or comparison. What sets Facebook and Apps apart from existing popular Top-Level Domains (TLDs) is the concept of a closed environment in which users can interact with the technology and each other in a dedicated space. more