Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
At the Internet Governance Forum in Baku, I made an intervention on behalf of NL IGF, reporting on the recommendations given by the participants of Workshop 87... I concluded that more regulatory and law enforcement bodies need to become part of the IGF discussions, as they are an integral part of governing the Internet from a safety and security perspective. Mr. Cerf responded with a one-liner: "I can't help observing, if we keep the regulatories confused, maybe they will leave us alone". more
In this newly released paper Randal Vaughn and Gadi Evron discuss the threat of Distributed Denial of Service (DDoS) attacks using recursive DNS name servers open to the world. The study is based on case studies of several attacked ISPs reported to have on a volume of 2.8Gbps. One reported event indicated attacks reaching as high as 10Gbps and used as many as 140,000 exploited name servers. more
A third lawsuit has been filed late Friday in a federal district court in California against VeriSign, Inc. over its controversial DNS wildcard redirection service known as SiteFinder. It was filed by the longtime Internet litigator Ira Rothken. In addition, while two other lawsuits have been filed by Go Daddy Software, Inc. and Popular Enterprises, LLC. in Arizona and Florida, this is the first lawsuit to seek class-action status. Here is an excerpt from the "Introduction" section of this class-action lawsuit... more
In many respects the internet is going to hell in a hand basket. Spam, phishing, DNS poisoning, DDoS attacks, viruses, worms, and the like make the net a sick place. It is bad enough that bad folks are doing this. But it is worse that just about every user computer on the net offers a nice fertile place for such ill behavior to be secretly planted and operated as a zombie under the control of a distant and unknown zombie farmer. ...Some of us are coming to the converse point of view that the net is being endangered by the masses of ill-protected machines operated by users. more
In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more
There are many news reports of a ransomware worm. Much of the National Health Service in the UK has been hit; so has FedEx. The patch for the flaw exploited by this malware has been out for a while, but many companies haven't installed it. Naturally, this has prompted a lot of victim-blaming: they should have patched their systems. Yes, they should have, but many didn't. Why not? Because patching is very hard and very risk, and the more complex your systems are, the harder and riskier it is. more
I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more
Companies sometimes find that opportunistic purchasers of domain names (often referred to as "domainers"), will purchase a domain name quite similar to that of the company, and establish a site at the URL loaded with revenue-generating sponsored ads. To accomplish these purposes, domainers seem to prefer the services of companies like HitFarm and Domain Sponsor. A web user types in the confusingly similar URL and is bombarded with pop-up ads and sponsored links to goods and services, often competitive to the company whose name or trademark is being appropriated in the URL... more
Investools, Inc. recently filed an in rem domain name proceeding against a Canadian entity that registered the domain names investtools.com and investtool.com. In rem domain name proceedings are provided for under the Anticybersquatting Consumer Protection Act ("ACPA"), 15 U.S.C. 1125(d), and are a handy way for a trademark owner to acquire a domain name from a cybersquatter when the cybersquatter can't be found e.g., is located outside the U.S. ...The ACPA requires that a plaintiff demonstrate four things to establish in rem jurisdiction over a domain name... more
Perhaps Morgan Freeman never learned about the high profile domain name disputes involving celebrity names (e.g., Madonna, Bruce Springsteen and Julia Roberts), because he didn't register morganfreeman.com before it was snatched up by Mighty LLC in April 2003. After learning about Mighty LLC's (no stranger to domain name disputes) cybersquatting, Freeman filed a complaint before a WIPO arbitration panel under the Uniform Domain Name Dispute Resolution Policy... more
Once in a while, one comes across a new take on history that challenges everything you thought you knew. If you're the type who engages in bar bets with geeks, then this one is a certain gem. In 2001, Equifax submitted to the USPTO a sworn application to register a curious trademark, which eventually issued in 2004 with this data... Aside from the fact that Equifax has never actually held registration of the domain name efx.com, the truly outstanding fact here is that Equifax and/or its attorney has actually sworn to the United States Government that it was using "EFX.COM" as a mark for the provision of providing educational seminars via the internet since February 1975... Until now, I had imagined that Jon Postel added .com to the root in 1985. more
A domain name consists of two main elements: the second-level domain name to the left of the dot - often consisting of a brand name or relevant keywords - and the domain extension or top-level domain (TLD) to the right of the dot. Domain names form the key elements of the readable web addresses allowing users to access pages on the internet and also allowing the construction of email addresses. more
Businesses in the financial services sector are among the most frequent targets of cybersquatters. In this free webinar, I will be joining Craig Schwartz of fTLD Registry Services to provide important information about how domain name fraud is affecting the financial services industries, including banking and insurance, and what businesses and consumers can do to protect themselves online. more
In two weeks, final negotiations will begin on the UN's proposed Cybercrime Convention, a document which has elicited widespread concern from civil society, industry groups, and some states due to the serious risks it poses to human rights, including privacy and freedom of expression. Since 2022, GPD and other groups, including EFF, Human Rights Watch and Privacy International, have sought to alert stakeholders within the process to the need for substantial revisions... more
At the ENISA presentation on her botnet report at eco in Cologne, 9 and 10 March, one of the slots was dedicated to threats to the mobile environment. The message I was supposed to come home with was: we can still count the numbers of mobile viruses manually, <600; the problem will never be the same as on a fixed network as traffic is monitored and metered: We detect it straight away. We are studying the problem seriously. Are mobile operators really prepared for what is coming? more
A World-Renowned Source for Internet Developments. Serving Since 2002.