/ Featured Blogs

Could IP Addressing Benefit from the Introduction of Competitive Suppliers?

Apr 19, 2005

An article written by Paul Wilson, Director General of Asia Pacific Network Information Centre (APNIC), and Geoff Huston, Senior Internet Research Scientist at APNIC. "In recent months proposals have been made for the introduction of competition into the system of allocation of IP addresses. In particular, calls have been made for new IP address registries to be established which would compete with the existing Regional Internet address Registries (RIRs). Specific proposals have been made by Houlin Zhao of the ITU-T and by Milton Mueller of the Internet Governance Project, both of which propose that the ITU itself could establish such a registry group, operating as a collection of national registries." ...It would appear that part of the rationale for these proposals lies in the expectation that the introduction of competition would naturally lead to outcomes of "better" or "more efficient" services the address distribution function. This article is a commentary on this expectation, looking at the relationship between a competitive supply framework and the role of address distribution, and offering some perspective on the potential outcomes that may be associated with such a scenario for IP addresses, or indeed for network addresses in general. more

Phish-Proofing URLs in Email?

Apr 18, 2005

For those who've been living in an e-mail free cave for the past year, phishing has become a huge problem for banks. Every day I get dozens of urgent messages from a wide variety of banks telling me that I'd better confirm my account info pronto. ...Several people have been floating proposals to extend authentication schemes to the URLs in a mail message. A sender might declare that all of links in it are to its own domain, e.g., if the sender is bigbank.com, all of the links have to be to bigbank.com or maybe www.bigbank.com. Current path authentication schemes don't handle this, but it wouldn't be too hard to retrofit into SPF. ...So the question is, is it worth the effort to make all of the senders and URLs match up? more

Study Finds Spammers Use P2P Harvesting to Spam Millions

Apr 18, 2005

A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more

Port 25 Blocking, or Fix SMTP and Leave Port 25 Alone for the Sake of Spam?

Apr 17, 2005

Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam. This quoted an excellent paper by Joe St.Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase... Now, George Ou has just posted an article on ZDNET that disagrees with Larry's article, makes several points that are commonly cited when criticizing port 25 blocking, but then puts forward the astonishing, and completely wrong, suggestion, that worldwide SPF records are going to be a cure all for this problem. Here is my reply to him... more

More on Story Behind .ASIA

Apr 15, 2005

James Seng, my good colleague in APEET, said: "...Chiao called .ASIA 'more or less like a joint venture among APxx organizations'. I say nonsense!" When I say more or less, I mean more or less... On this .ASIA entry, I've intended to use the language carefully at this moment 'cos I know someone will be watching... more

  • By Chiao
  • Comments: 4
  • Views: 14,683

Fitting .JOBS Into the Marketplace

Apr 13, 2005

There have been several posts over the last 48 hours in response to the new dot jobs domain on both sides of the argument. John Sumser from The Electronic Recruiting News provides a balanced view of the new domain and in the end determines that then new domain will not help job seekers. Gerry Crispin has a slightly different view on The CareerXroads, which is not surprising as Gerry was a advocate of the new domain from the beginning. Joel Cheesman provides a fantastic top 10 thoughts on the new domain as well... more

Story Behind .ASIA

Apr 12, 2005

After releasing .travel and .jobs (hey, steve.jobs up for bidding!), ICANN said they will look at .xxx and .asia next. (via Chiao) "Vint Cerf: ...of those, we have had fairly extensive discussion about .asia and .xxx. We continue to evaluate those. The others will be attended to as we can get to them. But i want to say for the record that we will attempt within the next 30 days to come to a conclusion one way or the other about .asia and .xxx so these will be on a board call sometime within that period." Chiao called .ASIA "more or less like a joint venture among APxx organizations". I say nonsense! Don't let appearance fool you. more

In Pursuit of IDN Perfection?

Apr 11, 2005

Many of the problems of IDNs come from trying to do multiple languages at the same time or languages one can't read. The biggest difficulty is implementing them in gTLDs like .com or .org. I think that if we focus on helping the country level TLDs (ccTLDs) get going with IDNs in their own native languages, we would be solving the problem for 80% or so of the people. My concern is holding up the ability for these people to use IDNs because we can find the perfect solution for the edge cases. more

  • By Joi Ito
  • Comments: 11
  • Views: 22,024

Creating a National Cybersecurity Framework: Need For New Regulation?

Apr 11, 2005

The Congressional Research Service (CRS) recently released a major new study examining cybersecurity. The report, "Creating a National Framework for Cybersecurity: An Analysis of Issues and Options" discusses a variety of significant public and private cybersecurity concerns. The CRS analysis lists several broad options for addressing cybersecurity weaknesses ranging from adopting standards and certification to promulgating best practices and guidelines and use of audits among other measures. more

The Ultimate Solution to Internet Governance: Let ITU and ICANN compete

Apr 06, 2005

Controversies over ICANN led to the creation of the Working Group on Internet Governance, but so far there have been few specific proposals for change. The Internet Governance Project has entered that breach with a new policy paper: "What to Do About ICANN: A Proposal for Structural Reform." The proposal, by Hans Klein and myself, proposes three clean, clear but probably controversial solutions to the criticisms that have been made of ICANN. more

Industry Updates

Global DNS and Domain Activity Trends in Q2 2024

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

NIS2 and Its Implications for Global Brands

  • By CSC
  • Jul 05, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

IPv4.Global Commits to Keep Ukraine Connected

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

Thoughts on RDRS for Brand Owners

  • By CSC
  • May 13, 2024
View More