/ Featured Blogs

Maybe the IETF Won’t Publish SPF and Sender-ID as Experimental RFCs After All

Aug 26, 2005

Yesterday, the IESG, the group that approves RFCs for publication received an appeal from Julian Mehnle to not to publish the Sender-ID spec as an experimental RFC due to technical defects. IESG members' responses were sympathetic to his concerns, so I'd say that a Sender-ID RFC has hit a roadblock. The problem is simple: Although Sender-ID defines a new record type, called SPF 2.0, it also says that in the absence of a 2.0 record, it uses the older SPF1 record. Since SPF and Sender-ID can use the same records, if you publish an SPF record, you can't tell whether people are using it for SPF or Sender-ID. Ned Freed commented... more

Jerry Falwell Critic Can Keep Domain Name, Appeals Court Says

Aug 25, 2005

I want to call your attention to a very important Internet free speech decision, perhaps the most significant of our domain name cases from the past several years. In Lamparello v. Falwell, the United States Court of Appeals for the Fourth Circuit held today that the use of the domain name www.fallwell.com for a web site devoted to denouncing the views of Rev. Jerry Falwell about homosexuality neither infringes Falwell's trademark in his name nor constitutes "cybersquatting." more

Criticism of Trademark Owner Deemed Legitimate Interest under ICANN UDRP

Aug 24, 2005

BioCryst Pharmaceuticals, Inc., of Birmingham, Alabama, challenged registration of domain name www.biocrystpharmaceuticals.com. Respondent used domain name to criticize the Complainant's business (BioCryst Pharmaceuticals, Inc. v. Kumar Patel, Case No. D2005-0674). Panelist Daniel Gervais denied relief, stating... more

So You Think You’re Safe from DNS Cache Poisoning?

Aug 18, 2005

Everyone is probably well aware of the Kashpureff-style DNS cache- poisoning exploit (I'll call this "classic cache poisoning"). For reference, see the original US-CERT advisory prompted by this exploit. Vendors patched their code to appropriately scrub (validate) responses so that caches could not be poisoned. For the next 7-8 years, we didn't hear much about cache poisoning. However, there was still a vulnerability lurking in the code, directly related to cache poisoning. ...On April 7, 2005, the SANS ISC (not to be confused with Internet Systems Consortium) posted an update detailing how Microsoft Windows DNS servers were still being poisoned, even though the "Secure cache against pollution" option was set. The SANS ISC found that Windows DNS servers using BIND4 and BIND8 servers as forwarders were being poisoned. But how could this be? more

.XXX Puzzle Pieces Start to Come Together: And the Picture is Ugly

Aug 17, 2005

Americans who worried about governments somehow "running" the Internet through the United Nations failed to see the Trojan Horses that were rolled into ICANN's structure in 1998: the Governmental "Advisory" Committee and the special US Government powers over ICANN. The attempt by the US Commerce Department to "recall" the delegation of .xxx to ICM Registry due to pressure from deluded right-wing groups in the US who think that it will add to pornography on the Internet is a major inflection point in the history of ICANN, and could represent the beginning of the end of its private sector/civil society based model of governance. more

Objections to .XXX, Attention in High Places

Aug 16, 2005

Dot XXX is in for some interesting times, I fear. First the ICANN GAC chair Sharil Tarmizi is suggesting that more time be given for government and public policy feedback on .XXX. Objections certainly have started to come in from rather high places, such as from the US Department of Commerce. Personally speaking I'm inclined to be in favor of .XXX because it at least gives people in the adult entertainment industry their own online space and a stronger voice (gTLD)... more

Monetizing the Internet

Aug 09, 2005

What would duopoly providers of internet access really like to have? They'd really like to be paid for providing non-commodity services. They'd really like to be rewarded for running the network, top to bottom. "But that's not possible," you say. No provider can tell one packet from another. Providers can only block the ports used by applications they don't like, and that's a clumsy, unwinnable arms race. The applications can always switch to common and useful ports, and no provider wants to alienate its subscriber base. But what if providers could inspect the contents of packets, without using too much computational power, and discriminate among applications? "Naah," you say. "They can't possibly do that."... more

Regime Change on the Internet: Conference Notes

Aug 08, 2005

"Regime Change on the Internet? Internet Governance after WGIG" was the first public event held in the United States on July 28, 2005 to review the UN Working Group on Internet Governance (WGIG) report. Here are my notes from the event: "Markus Kummer, Executive Coordinator, UN Working Group on Internet Governance, reminded the audience that the mandate of the WGIG was specifically articulated by the first part of the WSIS - "To investigate and make proposals for action as appropriate". It was not for sweeping regime change as the conference title would suggest." more

SPF Loses Mindshare

Aug 02, 2005

MAAWG is the Messaging Anti-Abuse Working group. It was started by Openwave, a vendor that sells e-mail hardware and software to large ISPs and originally consisted only of Openwave customers, but has evolved into an active forum in which large ISPs and software vendors exchange notes on anti-spam and other anti-abuse activities. Members now include nearly every large ISP including AOL, Earthlink, Yahoo, Comcast and Verizon is a member, along with ESPs like Doubleclick, Bigfoot, and Checkfree, and vendors like Ciscom, Ironport, Messagelabs, Kelkea/Trend, and Habeas. They've also been quietly active in codifying best practices and working on some small but useful standards like a common abuse reporting format. more

About Those Root Servers

Aug 01, 2005

There is an interesting note on the ITU Strategy and Policy Unit Newslog about Root Servers, Anycast, DNSSEC, WGIG and WSIS about a presentation to ICANN's GAC. (The GAC website appears to be offline or inaccessible today.) The interesting sentence is this: Lack of formal relationship with root server operators is a public policy issue relevant to Internet governance. It is stated that this is "wrong" and "not a way to solve the issues about who edits the [root] zone file." Let's look at that lack of a formal relationship... more

Industry Updates

Digging Deep to Examine the Roots of the Glupteba UEFI Bootkit

Hunting for TimbreStealer Malware Artifacts in the DNS

A Glimpse into the Global Domain Registration Trends Seen in Q1 2024

Uncovering Suspicious Download Pages Linked to App Installer Abuse

On the DNS Trail of the Rise of macOS Backdoors

Checking Out the DNS for More Signs of ResumeLooters

WhoisXML API Publishes a New Study of 7 APT Groups That Have Targeted North America

Searching for Potential Propaganda Vehicle Presence in the DNS

Navigating Change and Unlocking Value: The Strategic Journey of Jack Hazan and IPv4.Global

Following the VexTrio DNS Trail

DarkGate RAT Comes into the DNS Spotlight

Tracing Ivanti Zero-Day Exploitation IoCs in the DNS

DNS Investigation: Is xDedic Truly Done for After Its Takedown?

DNS Deep Diving into Pig Butchering Scams

IPv4 Addresses: Dormant Assets or Untapped Digital Gold?

View More