OMB Focuses On Cybersecurity

Ensuring federal cybersecurity is essential to protecting national security. According to some media reports, recommendations have been made to the Bush Administration to "create a distinct administrative cybersecurity position within the Homeland Security Department to oversee progress in the federal government and act as a liaison with private industry." However, before new bureaucracy is created, it is important to recognize the practical cybersecurity policies and projects that are already being undertaken by the Administration. more

A Year of CAN SPAM

The CAN SPAM Act of 2003 went into effect a year ago on Jan 1, 2004. As of that date, spam suddenly stopped, e-mail was once again easy and pleasant to use, and Internet users had one less problem to worry about. Oh, that didn't happen? What went wrong? more

Reforming Whois

Now that we're into the New Year and deadline for public comment on the proposed new .CA whois policy nears and now that my term as a CIRA Director enters its home stretch, I wanted to take some time to elaborate further on my Unsanctioned Whois Concepts post from long ago and revise it somewhat. more

Person to Person Security and Privacy Infringement

IT security strategies invariably focus on maintaining impenetrable fortresses around computers and network systems. Firewalls, virtual private networks and anti-virus programs are the tools IT engineers use to create their digital security. Sophisticated defense systems can be very effective at keeping the obvious attackers at bay, yet they often create a false sense of security because the real attacks, the kind that inflict irreparable damage on a system or network, avoid the obvious routes into the secure fortress. more

Tracking Internet Piracy: Harder Than You Think

Wired Magazine recently published an article called "The Shadow Internet", where it says: "Anathema is a so-called topsite, one of 30 or so underground, highly secretive servers where nearly all of the unlicensed music, movies, and videogames available on the Internet originate. Outside of a pirate elite and the Feds who track them, few know that topsites exist. Even fewer can log in." But what are the difficulties in tracking and identifying these so-called topsites? Joel Snyder, a senior network consultant responds. more

2004: The Year That Promised Email Authentication

As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the "killer app" of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us have become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the free and open source software (FOSS) community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004. more

Internet to ITU: Stay Away from My Network

An ITU document entitled "Beyond Internet Governance" crossed my desk earlier this week. Given that I had absolutely nothing better to do, I decided to give it a read. The audacity of the ITU Secretariat is nothing less than shocking. It has been a long while since I read such a self-serving, narrow-minded and inaccurate document. The backbone of the ITU's contention rests on the premise that something called the Next Generation Network and the contention that this network will act as one big bug fix for all the problems created by current inter-networking technology. more

Chinese IDN in the News

News.com published a well-research article on the Chinese Domain Names by Winston Chai: "This approach works fine in the English-savvy world. However, for non-English speakers, they could be faced with the unenviable task of rote-learning numerical IP addresses, which is highly improbable, or the English spellings of dozens of Web sites they want to access." Just a few points of interest... more

A Political Analysis of SPF and Sender-ID

In my spare time when I'm not dealing with the world of e-mail, I'm a politician so now and then I put on my cynical political hat. At the FTC Authentication Summit one of the more striking disagreements was about the merits and flaws of SPF and Microsoft's Sender-ID. Some people thought they are wonderful and the sooner we all use them the better. Others thought they are deeply flawed and pose a serious risk of long-term damage to the reliability of e-mail. Why this disagreement over what one might naively think would be a technical question? more

Engineers on TLDs: Do You Want Me With Fries?

During ICANN's public forum in Cape Town, an interesting conflict accidentally came up, even if somewhat concealed by the usual exchange of well-known views on whether ICANN should finally allow the world to get more new Top Level Domains (TLDs) on a regular basis. I know I am oversimplifying thoughts and positions, but basically the discussion was between a couple of 30-year-old engineers from the floor asking to be given the opportunity to try new things, and a couple of 60-year-old engineers from the podium putting up any kind of unproven excuses... more