Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers.
Last week, my colleagues over at Sunbelt Software discovered a bogus Windows domain being registered earlier this month (where the "w" in "windows" is actually two "v"s). Today, I've been alerted to the fact that are several additional Windows domains which have registered where the "w"s have been also been replaced with "v"s...
This article discusses grassroots progress toward the development of a "Domain Registrant's Code of Rights and Responsibilities." This Code is an effort to create a balanced combination of the rights that domain name registrants should enjoy and the responsibilities that domain name registrants should fulfill. Discussion and survey results concerning this Code at domain-related forums show far greater grassroots consensus than one might think between what might be called the "domainer" and "intellectual property" communities. Informal surveys at some domain-related forums show very strong support in favor of this Code.
"First they ignore you, then they laugh at you, then they fight you, then you win!" quote by Gandhi pretty much summarizes the evolution of the domain name monetization and development business. I have watched this business come of age for more than half a decade... In the beginning nobody cared... then when people started talking about how great it was, 'smart people' and the "legitimate web" laughed. Then the trucks with money showed up... A significant double-digit percentage of global Internet traffic is now owned by domain holders with generic names. So the fight is on.
In one of the first (if not the first) UDRP cases for .cat, the auto giant BMW appears to have filed a WIPO case over the BMW.cat domain name. Other prospective new TLD operators have tried to suggest in ICANN meetings that these new TLDs do not cause problems with cybersquatting or defensive registrations... Obviously, given the above WIPO case, that statement is false.
Domainer litigation is heating up, and this lawsuit may be the most ambitious anti-domainer lawsuit to date. First, it is a putative class action lawsuit. Second, in addition to naming four leading domainer firms, the plaintiffs provocatively go after Google for providing ads to domainer sites. I believe this is the first lawsuit against Google for its domainer relationships. The complaint itself is a 121 page, 638 paragraph (with one paragraph enumerating 47 defined terms), 4.3MB behemoth alleging trademark infringement and dilution, ACPA violations, RICO and other claims.
Boy, this case got a lot of attention when it was first filed (which isn't surprising; YouTube lawsuits usually do). You may remember the story: the plaintiff is a dealer of used tube mills, used pipe mills and used pollforming machines. The plaintiff operated a website at utube.com. As you might expect, like most other industrial B2B vendors' websites, utube.com had a small but targeted audience. With the phenomenal and quick rise in popularity of YouTube, a lot of web users mistyped youtube.com and entered utube.com instead, causing utube.com to suddenly experience disproportionate popularity. Unfortunately for the plaintiff, few of these visitors were interested in pollforming machines... The plaintiff sued YouTube for trademark infringement...
While travelling home from Geneva, I was thinking quite a lot on the relationship between a ccTLD (registry) and a Country. This is because many countries are starting to talk louder and louder about the responsibilities Countries have on critical infrastructure, or (possibly more important) the management of the critical infrastructure. Will for example any (none?) of ccTLD operators (servers) sustain a denial of service attack of a scale similar to the attack on the root servers? What can ccTLD operators do to resist the malicious attacks? Should this be discussed?
Defendant iREIT filed its answer on May 25, 2007, to the recent complaint by Verizon alleging cybersquatting. As in the prior article, these are the public court documents and nothing has been proven by either side in a court of law.
This morning I was forwarded a link to the Business2.0 article on domainer Kevin Ham about a half-dozen times and one sent the reddit comment thread on it (titled "This guy is a piece of s**t") and I had to chuckle and replied "I see Techno-Pinkos are out in full force". Some of the comments are just classicly clueless: "He's just a parasite. Someone gaming the system for their own financial ends without providing a useful service to anyone, and making it worse for many." ...Newsflash: Speculation is any time you choose one path, good or service over another in the hopes that you will do better...
A World-Renowned Source for Internet Developments. Serving Since 2002.