Searching for Truth in DKIM: Part 5 of 5

Throughout this series of articles we've been talking about DKIM, and what a valid DKIM signature actually means. .. What this means for senders (of any type) is that with DKIM, you’re protected. On the internet, your domain name is a statement of your brand identity – so by signing messages with DKIM, you can finally, irrevocably tie those messages to your brand. more

DNS Insecurity

The Internet as we know it and use it today -- is broken, badly broken. Yes broken so much so that we are really crazy to have any expectations of privacy or security. Yes, really. The Internet was conceived as somewhat of a utopian environment, one where we all keep our doors, windows and cars unlocked and we trust all the people and machines out there to "do the right thing...". more

Warning, Danger Lurks Here: Exploring DKIM/ADSP Edge Cases - Missing message-id

This article is the first in an occasional series on DKIM/ADSP edge cases that may not be generally recognized or understood. Many people advocate DKIM/ADSP adoption without fully recognizing potential implementation and operational issues. The fact is that the email messaging environment is fraught with opportunities for poor outcomes because of common practices that need to be considered or poorly understood implementations that are not considered... more

Will ENUM Deliver?

ENUM (E.164 NUmber Mapping) is a technology that has been around for a little while that has promised much and, so far, delivered little to the average user. As Nominet has recently been awarded the contract to administer the UK 4.4.e164.arpa delegation, I thought it was time that I put my thoughts on this subject down in writing. I'm going to cover the potential of ENUM in the telecoms industry and what it could mean to you, along with how it is currently being used and what potential security issues surround ENUM. more

Searching for Truth in DKIM: Part 4 of 5

Once you've determined that you can trust the signer of a message, as we discussed in part 3, it's easy to extrapolate that various portions of the message are equally trustworthy. For example, when there's a valid DKIM signature, we might assume that the From: header isn't spoofed. But in reality, DKIM only tells us two basic things... more

Designing Secure Networks with Cisco Technology, Part 4

In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more

Exploring the Roots of Wireless Spectrum Controversy (eComm Panel)

Earlier this month, I had the opportunity to attend the The Emerging Communications (eComm) 2009 conference in San Francisco which was packed with 3 days of fascinating conversations about the future of communications. I absolutely enjoyed talking to various speakers and attendees giving me a deep level of appreciation and perspective on technical, commercial and political issues at hand -- and what is likely to come in the next few years. And speaking of politics, Lee Dryburgh, who founded eComm in early 2008, has generously allowed us to share with you a fascinating panel discussion which took place on day 3 of the conference called "Spectrum 2.0 - What's really happening?" more

IANA: A Tale of Two Fails

The IANA -- Internet Assigned Numbers Authority -- is, functionally, the boiler room of the Internet. Every protocol in use to shovel data from Tallahassee to Timbuktu? Listed there. IP addresses? They are the root from which all addresses flow. Domain names? They are the Source. The entire operation is chock-full of magic numbers, numbers that form and fuel the digital world we use daily. But there are other, lesser-known numbers... It is of PENs that I write today... more

Worming Our Way Out of Trouble

The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more

ICANN Asked to Remake the Internet in Joseph Smith’s Image?

If there's one thing that scares the bejabbers out of me, it's when organized religion -- either directly or via proxies -- attempts to nose its way into technology policy issues. It appears that such a scenario is unfolding currently, with a concerted new effort to fundamentally remake the Internet in a manner befitting the sensibilities of top-down religious hierarchies. An Internet Pope? The Spanish Inquisition? Not exactly -- that's the incorrect religion for this particular case. more