On Saturday, November 29, 2003 a post on the GNSO mailing list indicated that the .name registry website had been hacked. As reported by George Kirikos, "The .name registry's main website www.nic.name has been hacked, as of Saturday evening in North America. According to Netcraft, they're running Linux. They must not have kept up to date with all security updates, or someone cracked a password. Hopefully offsite backups were made, to ensure data integrity." Although, due to this emergency, the .name web servers have been pulled down as of this writing, just a short few hours ago, visitors to the .name registry home page would find a mysterious black screen upon visiting the site, including the following text...
This is the first part of a two-part series interview by Geert Lovink with Milton Mueller discussing ICANN, World Summit on the Information Society, and the escalating debates over Internet Governance. Read the second part of this Interview here. Geert Lovink: "Would it make sense to analyse ICANN (and its predecessors) as a test model for some sort of secretive 'world government' that is run by self appointed experts? Could you explain why governments are seen as incapable of running the Internet? This all comes close to a conspiracy theory. I am not at all a fan of such reductionist easy-to-understand explanations. However, the discontent with 'global governance' discourse is widespread and it seems that the International Relations experts have little understanding how the Internet is actually run. Where do you think theorization of Internet governance should start?"
Numerous competitive registrars offer diverse domain registration services to individuals, companies, and organizations. This study attempts to index and analyze their service offerings, facilitating analysis by other researchers and in preparation for additional analysis by the author.
In the past, most measurements of registrar market share have tracked overall registrar shares -- number of domains registered by a registrar divided by number of domains registered by all registrars. In this article, I propose some alternatives -- particular subsets of domains in which to measure registrar market shares, providing a basis for comparison with overall market shares. Results vary dramatically across these subsets, with implications on the future customer retention rates of the corresponding registrars.
Attacks on ICANN are coming from several different directions, and the list of concerns includes "cybercrime and protection of intellectual property rights."... First, it's not apparent to me that any government can "control" the internet -- and it's even less likely that that control can happen through the DNS. The most that governments will do will be to build walls between nations, requiring their ISPs to point only to approved sites. (China is well on its way to doing this already.) That's not controlling the Internet, that's creating different, national Internets.
Andrew McLaughlin, in his excellent dismemberment of the BBC's report on the "IPv4 address crisis", is observing not a random piece of sloppy research, but the success of settled policy. That policy, pursued by public relations companies serving information technology and telecommunications (IT&T) companies, is simple to sum up: "identify, support and encourage technically ignorant journalism". It centres around the most valuable word in the lexicon of the public relations firm: "placement"...A key characteristic of the "placement" story is its conformance to a template...With one search, I found a CNET story published in July with quite startling parallels to the BBC story...
In a strongly worded ruling, a U.S. Federal Court Judge has ruled in ICANN's favor and denied plaintiffs' motion for preliminary injunction. Dotster and two other ICANN accredited registrars had asked the court for an order prohibiting ICANN from finalizing approval of VeriSign's proposed new "Wait Listing Service" (WLS). Plaintiffs alleged that WLS is "anti-competitive" and that ICANN breached its obligations under the registrar accreditation agreement (RAA) when ICANN gave preliminary approval to WLS last year. The court disagreed, ruling [PDF] as follows:
On November 4, 2003, VeriSign announced a new "trust enhancing" seal which they built using Macromedia's Flash technology...While there are problems inherent to VeriSign's approach that call into question their understanding of "The Value of Trust," there are ways they could have made this particular implementation less trivially spoofable. The flaws I demonstrate on this page are flaws in the concept and the execution rather than anything inherently flawed in Flash. Overall this kind of graphical "trustmark" is extremely easy to forge just by recreating the artwork. But in this case, you don't even have to do that. The seal can still be called directly off the VeriSign servers, yet it is easily modified, without recreating artwork, and without doing anything untoward with VeriSign's servers!
If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.
While people may debate the death of email, there is no question that many email servers are already overloaded with spam. Current spam solutions are beginning to address the problem, but so far they all suffer from the arms race issue - as fast as we come up with new ways to fight spam, spammers are finding new ways to deliver it to us. While the functionality of email will certainly continue, the current system must change. When the change comes, it will deliver the future of email to Microsoft.