Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Today's Wall Street Journal discusses the fight over Whois privacy. The article on the front page of the Marketplace section starts by discussing how the American Red Cross and eBay use the Whois database to track down scammers: "Last fall, in the wake of Hurricane Katrina, the American Red Cross used an Internet database called "Whois" that lists names and numbers of Web-site owners to shut down dozens of unauthorized Web sites that were soliciting money under the Red Cross logo. Online marketplace eBay Inc. says its investigators use Whois hundreds of times a day..." more
The domain name system is in good health. But it's about to get even better. The Domain Name Association (DNA), the Internet domain industry's trade association, undertook an effort in 2016 it named the Healthy Domains Initiative (HDI). It's an ambitious, self-motivated effort to build on the DNS' already secure and stable platform and meet select challenges head-on, before they develop. more
One of the most prominent denial of service attacks in recent months was one that occurred in March 2013 between Cloudflare and Spamhaus... How did the attackers generate such massive volumes of attack traffic? The answer lies in the Domain Name System (DNS). The attackers asked about domain names, and the DNS system answered. Something we all do all of the time of the Internet. So how can a conventional activity of translating a domain name into an IP address be turned into a massive attack? more
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more
"The Root Server is a Scarce Resource" is the focus of part one of a three-part series based on a study prepared by Karl M. Manheim, Professor of Law at Loyola Law School and Lawrence B. Solum, Professor of Law at University of San Diego. Special thanks and credit to Hastings Communications and Entertainment Law Journal, Vol. 25, p. 317, 2004. ...We begin our analysis of domain name policy with a brief excursion into economics. Economics cannot answer all of the questions raised by domain name policy. First, domain name policy must answer to the discipline of network engineering. A useful domain name system must work, and the functionality, scalability, reliability, and stability of the system are determined by the soundness of its engineering. Second, domain name policy must answer to public policy. The Internet is a global network of networks, and Internet policy is answerable to a variety of constituencies, including national governments, the operators of the ccTLDs, Internet Service Providers, information providers, end users of the Internet, and many others. more
Looking back at the year that just ended, here are the top ten most popular news, blogs, and industry news on CircleID in 2009 based on the overall readership of the posts. Congratulations to all the participants whose posts reached top readership in 2009 and best wishes to the entire community in 2010. more
The alarming rise of phishing attacks has been underscored by a recent study "Phishing Landscape 2023: An Annual Study of the Scope and Distribution of Phishing conducted" by the Interisle Consulting Group, revealing a tripling of such attacks since May 2020. Despite efforts by companies and policymakers to combat this cybercrime, the data suggests that the prevailing strategies are ineffective and worsening each year. more
Ever visit cartoonneetwork.com? Adaptac.com? Check the URLs carefully, for these aren't the "real" sites operated by the Cartoon Network cable channel or by Adaptec, manufacturer of PC storage devices. Instead, these domains -- and some 5,000+ others -- were registered by a Mr. John Zuccarini. Read on to learn what he is up to and how he has gotten away with it. more
Here are the top ten most popular news, blogs, and industry updates featured on CircleID during 2012 based on the overall readership of the posts for the past 12 months. Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2013. more
Cyber attackers are very skilled at infiltration. They'd find ways into a house through cracks and holes that the homeowner doesn't know about. Analogically speaking, that's what the new cyber attack group dubbed "Hafnium" did when they identified several zero-day Microsoft Exchange vulnerabilities to get into target networks. With thousands of users for every Microsoft Exchange server, the attack has far-reaching implications. First, it establishes the presence of a new threat actor group in town. What else could they be up to? more
"GOD, at least in the West, is often represented as a man with a flowing beard and sandals. Users of the Internet might be forgiven for feeling that nature is imitating art — for if the Net does have a god he is probably Jon Postel" (The Economist, Feb. 1997) David W. Maher, Senior Vice President, Law and Policy of Public Interest Registry (PIR) offers his reminiscence of the early days of the Internet and attempts made to restructure the Domain Name System — an article he has entitled 'Reporting to God'. more
PIR, the registry operator for .org, has sent notices to registrars that it is implementing an anti-abuse policy that offers no due process for innocent domain registrants... While it's good intentioned, there is great potential for innocent domain registrants to suffer harm, given the lack of appropriate safeguards, the lack of precision and open-ended definition of "abuse", the sole discretion of the registry operator to delete domains, and the general lack of due process. more
Here we are with CircleID's annual roundup of top ten most popular posts featured during 2013 (based on overall readership). Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2014. more
It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2018 participants for sharing their thoughts and making a difference in the industry. more
When it comes to domain name disputes, no domain name has captured more media attention than sex.com. Of course, disputes about sex often obtain a great deal of attention, and the sex.com domain name dispute can grab its share of headlines because the case involves sex, theft, declared bankruptcy, a once-thriving Internet porn business, and fraud, instead of the typical cybersquatting allegations. Indeed, this case is remarkable for its potential impact on the development of caselaw concerning whether there is a valid basis to assume that trademark interests should overwhelm all non-commercial interests in the use of domain names. The answer is no, but the caselaw to support that answer is in tension with cases that strongly imply a contrary conclusion. more
A World-Renowned Source for Internet Developments. Serving Since 2002.