Taking Aim at 8 Myths about ENUM

ENUM has a critical role to play in telephony services convergence. Although many carriers are adopting ENUM there are myths swirling around the confuse newcomers. In data networks, the domain name system (DNS) is responsible for converting Uniform Resource Locators (URL's) to IP addresses in order to route data traffic. The ENUM protocol performs a similar essential function of linking E.164 telephone numbers to Universal Resource Identifiers (URIs) -- enabling communication services to use traditional phone numbers to set up calls over IP networks. Unfortunately, there's a good deal of hype and confusion around ENUM, which might lead carriers to delay ENUM implementations. That delay would be a mistake... more

Why I’m Standing for the ICANN Board and Why I’ve made My Statement Public

The number of applications this year for the seven positions within ICANN has been so low that the NomCom has gone to the trouble of printing up pamphlets, holding a public meeting at Marrakech and extending the deadline by a fortnight. At the two public Board sessions in Marrakech the grand hall that was provided was virtually empty, sparking some debate as to why. Susan Crawford ventured that it was because ICANN was failing to connect with people; Vint Cerf suggested that ICANN was so successful at doing its job that people didn't feel the need to attend. Mouhamet Diop pointed out that we were in a French-speaking Arabic country and no one was going to sit through four hours of discussion if they didn't understand a word of it... more

OpenDNS: It’s Not SiteFinder for Obvious Reasons

The first salvo on NANOG this morning in response to the launch of OpenDNS was a predictable lambasting along the lines of "here comes SiteFinder II". Fortunately the follow-ups were quick to point out that OpenDNS was a far cry from SiteFinder for the obvious reason that people have the choice to use it, nobody had a choice with SiteFinder. ...the real magic here can come from it's use in phishing mitigation. more

Why Senator Stevens is Right on Net Neutrality

Several people emailed me about the actual things the senator said and why he is off-base. I decided to listen to his speech again, and write down the points I believe are critical. Senator Stevens who everyone is dissing on for his speech on Net Neutrality in my book spoke nothing less than brilliant. I will also tell you, in my opinion, exactly why... He nailed down the subject into the point that matters: Business. It's about profit. more

Net Neutrality Is As Silly As So-Called Internet Governance

From the perspective of Internet security operations, here is what Net Neutrality means to me. I am not saying these issues aren't important, I am saying they are basically arguing over the colour of bits and self-marginalizing themselves. For a while now I tried not to comment on the Net Neutrality non-issue, much like I didn't comment much on the whole "owning the Internet by owning the Domain Name System" thingie. Here it goes anyway. Two years ago I strongly advocated that consumer ISP's should block some ports, either as incident response measures or as permanent security measures... more

New WHOIS Definition Survives Marrakech ICANN Meeting

For now, it appears that the new, more technically focused and privacy-friendly definition of the purpose of Whois survived the Marrakech meeting. The U.S. Government and the copyright and law enforcement interests mounted a major onslaught against the Generic Names Supporting Organization (GNSO) action, using the Governmental Advisory Committee (GAC) as their pressure point.  more

Verisign Receives Subpoena Relating to Stock Option Backdating

VeriSign has reported that they are cooperating with a grand jury subpoena and a SEC inquiry into their historical stock option grants. More can be found here. Backdating of options is essentially a fraud against existing shareholders, as noted in the press or simply searching Google for "backdating fraud". Under the existing 2001 .com Registry Agreement, section 16.C would allow for termination of the agreement by ICANN in the event that VeriSign "is convicted by a court of competent jurisdiction of a felony or other serious offense related to financial activities... more

Microsoft Choking Domain Parking Business Practices?

In a follow up to Microsoft's Strider URL Tracer tool released a few months ago, SecurityFocus is running an article which takes a closer look at how Microsoft's free Strider URL Tracer with Typo-Patrol is aimed at fighting typo-squatters and domain parking abuse. From the article: "In most cases, the typo domain is not even selling a product or service itself. The typo domain makes its money from syndicated advertising such as Google's AdSense program. The typo-squatter simply parks the domain and the only content on the site ends up being the ads served from a syndicated advertising program..." more

FTC Issues Statement on Whois Databases

A recent statement released by the U.S. Federal Trade Commission emphasized that the Whois databases should be kept "open, transparent, and accessible," allowing agencies like the FTC to protect consumers and consumers to protect themselves: "In short, if ICANN restricts the use of Whois data to technical purposes only, it will greatly impair the FTC's ability to identify Internet malefactors quickly -- and ultimately stop perpetrators of fraud, spam, and spyware from infecting consumers' computers," the statement states." more

Phishing Moving to the Web Channel

Today we received one of the first phish attempts to be made as a web spam (comment spam/blog spam) attempt. I wasn't convinced, and thought that perhaps it was a way to gather and verify RELEVANT online identities. Someone put me straight. It's phishing. I've often in the past had run-ins with the good folks in the anti virus realm back between 1996 and 2005 who thought Trojan horses and then spyware were not part of their business. Years later the AV business people ruled it is part of their business and ran to catch up. Same with botnets. more