DNSSEC Adds Value?

The recent news that .uk, .arpa and .org may sign their zones sometime this year is indeed good news. Each domain is highly significant... As the DNSSEC registry infrastructure moves inexorably forward -- primarily driven by top level pressure and considerations of National Interest -- it now behoves us to clearly articulate the benefits of DNSSEC to domain owners and registrars. In particular I want to focus on the vast majority of us to whom cold, hard cash is important and parting with it requires as a minimum tangible benefits or, in extreme cases, surgical intervention.

Is Mobile Internet Really Such a Good Thing?

Just about everyone I talk to is very excited about mobile Internet. In 2006, the Japanese government proudly announced that more people used the Internet through their mobile phones than through their computers. Online services are all talking about their "mobile strategy" and VCs are flocking to fund the latest "mobile startup". I don't think there is anything wrong with mobile or with some of the great new mobile applications and devices, but we have to be careful to remember that most mobile networks that actually work are built on infrastructure that is operated by a small number of mobile operators who use a lot of regulated and closed technology...

Uprooting of the DNS Root

The folks at Renesys pointed out earlier this week some interesting activity surrounding the L-root name server, highlighting some activity that should give us all yet another reason to be concerned about the security and integrity of the Internet DNS... considering that a great deal of malware today tends to corrupt the DNS resolution path in order to further exploit compromised end-systems, and that corruption, or any other actual end-system compromise, might well be unnecessary if the root were compromised -- well, think of the possibilities!

Google Surpasses Supercomputer Community, Unnoticed?

This week's issue of EE Times carries a story Pflops here; now what? about IBM's new 1 petaFLOPS supercomputer, the Roadrunner, and how its designers are scrambling to run benchmarks in advance of the annual International Supercomputing Conference (ISC) being held June 17th-20th. It's an article (dare I say, a puff piece?) about IBM, but it does mention competing supercomputers by Japanese vendors. However, it makes no mention of distributed computing projects like SETI@Home or, more importantly, of the Google computing cluster.

An Account of the Estonian Internet War

About a year ago after coming back from Estonia, I promised I'd send in an account of the Estonian "war". A few months ago I wrote an article for the Georgetown Journal of International Affairs, covering the story of what happened there. This is the "war" that made politicians aware of cyber security and entire countries scared, NATO to "respond" and the US to send in "help". It deserved a better understanding for that alone, whatever actually happened there.

Identity Theft of Root Name Servers, Reason Unknown

There have been a number of attacks on the root name servers over the years, and much written on the topic. (A few references are here, here and here.) Even if you don't know exactly what these servers do, you can't help but figure they're important when the US government says it is prepared to launch a military counterattack in response to cyber-attacks on them.

A Case of Mistaken Identity

As far as facebook is concerned, your email is your identification. This is true for other social networks like linkedin, and is slowly catching on to many other Web 2.0 services. It actually makes a lot of sense that your unique identifier (your "ID") would be your email -- it's unique by definition, it's easy to remember and most services need the email information anyway... So if email is destined to become the equivalent of your social security number or identification number (depending on which country you live in) how do we proof check that the email address we typed does not contain any typos?

CAN SPAM and Affiliate Mailer Opt-Out

Many online businesses use affiliates to drum up business. The affiliate finds a lead somewhere, passes it to the business, and gets a commission if the lead turns into a sale. Web based affiliates are relatively uncontroversial, but affiliates who advertise by e-mail are a chronic problem due to their propensity to send spam, both spam as normally defined and as defined by CAN SPAM. Is it possible to do legitimate e-mail affiliate marketing? Maybe...

Wow, Sanford Wallace Owes a Lot of Money

Last September MySpace sued ur-spammers Sanford "Spamford" Wallace and Walt "Pickle Jar" Rines were for egregious violations of CAN SPAM. Neither responded, so as was widely reported, earlier this week the court granted a default judgement. Since they sent a lot of spam, the statutory damages came to an enormous $235 million. Even for Spamford, that's a lot of money.

White Space for Internet Use Interfering with Wireless Patient Devices?

There is a germ of truth (perhaps a prion-sized germ or maybe just an amino acid) in the idea that transmitters in "white spaces" in the TV band *might* disrupt patient monitoring equipment if designed by a lunatic who believes in sending massive pulses of energy in a whitespace in the TV band (perhaps amplified by a large parabolic dish antenna the size of a trashcan lid or larger, aimed at the patient monitor system. But that risk is completely shared with zillions of other potential radiators of energy in the entire electromagnetic spectrum... GE, of course, owns NBC. There is a MAJOR conflict of interest at the corporate level of GE...