/ Featured Blogs

Brand Protection Beyond the “Whack-a-Mole” Approach

I recently shared at a conference how a seasoned brand and fraud expert from one of the world's largest global financial institutions lamented a major attack where multiple fraudulent websites would pop up every single day. All attacks were launched from the same registrar and web hosting company, and no matter how much they reached out to these providers, they received the same reply: "we will pass on your request to the registrant or site owner," and then nothing happened.

More Warning Shots for ICANN, or the End of the Road?

Last fall, I wrote about ICANN's failed effort to achieve its goal of preserving the Whois domain name registration directory to the fullest extent possible. I predicted that if the policy effort failed, governments would take up the legislative pen in order to fulfill the long-ignored needs of those combating domain name system harms. That forecast has now come true through significant regulatory actions in the United States and the European Union in the form of a proposed directive from the European Commission (EC) and instruction from the US Congress to the National Telecommunications and Information Administration (NTIA).

Cryptographic Tools for Non-Existence in the Domain Name System: NSEC and NSEC3

In my previous post, I described the first broad scale deployment of cryptography in the DNS, known as the Domain Name System Security Extensions (DNSSEC). I described how a name server can enable a requester to validate the correctness of a "positive" response to a query -- when a queried domain name exists -- by adding a digital signature to the DNS response returned.

Can We Control the Digital Platforms?

The digital market has matured over the last 20 years, and it is no longer an excuse for governments to do nothing with the aim to let new markets and innovations emerge without immediate regulatory oversight. It has become clear this period is now well and truly over. The European Commission has already launched several lawsuits against the digital giants. Regulation, in general, is known as "ex-post" (after the deed has been done). This is set to change, as I will explain later.

Digital in 2021 – Five Predictions for Brand Protection

While smartphones were an integral part of our lives before 2020, now, as a result of the changes associated with COVID, our mobile devices are virtually "super-glued" to our hands. The worldwide pandemic has heavily influenced our lives. Based on our past experiences with digital brand protection and the trends we're currently seeing, we've made five predictions regarding the future of internet usage in 2021.

Trump’s Parting NTIA 5G Debacle

As Trump's horrific Administration of non-stop debacles and self-serving gambits headed toward the exit over the past few weeks, one last regulatory grab after another has been pushed out the door while the toddler-in-chief rants. Sure enough, the last of the 5G debacles just appeared in the Federal Register courtesy of the President's policy instrument, the National Telecommunication and Information Administration (NTIA). It was titled the 5G Challenge Notice of Inquiry.

Are Big Tech CFOs (Inadvertently) Stealing From Shareholders?

When valuing a stock, analysts and shareholders evaluate always revenue and profit. Big tech COFs are sitting on assets worth tens of millions of dollars of annual profit (not just revenue, but true profit) in the form of unallocated IPv4 addresses. By not selling or leasing these out, they are incurring expenses to hold them and missing out on tremendous profits. At a 20X multiple (for context, Cisco is trading at nearly 18X earnings, Google at just over 33X earnings, Shopify at well over 700X earnings), big tech CFOs are actively preventing over $250 billion in market capitalization for their shareholders.

The Domain Name System: A Cryptographer’s Perspective

As one of the earliest protocols in the internet, the DNS emerged in an era in which today's global network was still an experiment. Security was not a primary consideration then, and the design of the DNS, like other parts of the internet of the day, did not have cryptography built in. Today, cryptography is part of almost every protocol, including the DNS. And from a cryptographer's perspective, as I described in my talk at last year's International Cryptographic Module Conference (ICMC20), there's so much more to the story than just encryption.

Exploring the Meanings of “Right” and “Legitimate Interest” (UDRP Proceedings)

For complainant, the second leg in determining cybersquatting under the Uniform Domain Name Dispute Resolution Policy (UDRP) is evidence respondent lacks both rights and legitimate interests in the challenged domain name (Paragraph 4(a)(ii)). I underscore "both" because proving one but not the other is not good enough. This seems obvious, so why suggest there is something to explore about "rights" and "legitimate interests" if their meanings hardly need explication?

SpaceX Starlink Beta and Beyond

SpaceX began public beta testing of the Starlink Internet service in the northern US late last October. Since then, they have made many software updates based on the beta experience and have expanded the uninterrupted-coverage area by launching new satellites. By the end of the year, they had begun beta service in southern Canada and sent beta test invitations to a few UK users. The beta-eligibility area is expected to expand from the current 45-53 degree latitude this month or next.