Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
I was a witness at the two prior hearing, one in 2001 and another in 2002 - it's quite an experience.
My submission to this year's hearing is online at http://www.cavebear.com/rw/senate-july-31-2003.htm
What's going to be said by the witnesses? I don't know. But I have some guesses...
Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.
At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:
"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication...
Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new Trojan Horse program on them. The Trojan allows this person to run a number of small websites on the hijacked home computers. These websites consists of only a few web pages and apparently produce income by directing sign-ups to for-pay porn websites through affiliate programs. Spam emails messages get visitors to come to the small websites.
To make it more difficult for these websites to be shut down, a single home computer is used for only 10 minutes to host a site. After 10 minutes, the IP address of the website is changed to a different home computer...
IPv6 advocacy has been tainted by FUD and half-truth. CommsWorld recently interviewed Juniper's Jeff Doyle, who is a strong supporter of IPv6 -- but who also has little patience for IPv6 mythology. Forget security, half-true address crises and QoS: the best reason for the world to run with IPv6 is what's driven the Internet all along -- innovation.
It seems like spam is in the news every day lately, and frankly, some of the proposed solutions seem either completely hare-brained or worse than the problem itself. I'd like to reiterate a relatively modest proposal I first made over a year ago: Require legitimate DNS MX records for all outbound email servers.
MX records are one component of a domain's Domain Name System (DNS) information. They identify IP addresses that accept inbound email for a particular domain name. To get mail to, say, linux.com, a mail server picks an MX record from linux.com's DNS information and attempts to deliver the mail to that IP address. If the delivery fails because a server is out of action, the delivering server may work through the domain's MX records until it finds a server that can accept the mail. Without at least one MX record, mail cannot be delivered to a domain.
Please pardon me if I start this story by telling about an incident that happened to me at the Madrid airport while flying to the ICANN meetings in Rio.
It was about midnight when, after flying in from Turin, my hometown, I had to go through the passport control to reach my gate for the flight to Rio. The war between the US/UK and Iraq had started two days before, and even if the Spanish government was among its supporters, security checks were apparently proceeding as usual. Passport controls inside the EU for EU citizens usually take a few seconds, and the line ahead of me was proceeding quickly.
Brownian motion is the ceaseless random movement of particles suspended in a warm fluid. The particles move because they are buffeted by random collisions with molecules and atoms speeding this way and that under the impetus of heat. The greater the heat, the greater the motion. But no matter how much motion and how much heat, Brownian motion brings no progress.
Today I learned from Bret Fausett's ICANN Blog that ICANN has just published its Sixth Status Report Under ICANN/US Government Memorandum of Understanding, dated March 31, 2003. This report is subtitled "Report by ICANN to United States Department of Commerce Re: Progress Toward Objectives of Memorandum of Understanding" (emphasis added.)
John Banks is a loan officer in New York. John's supervisor recently warned John about the potential number of bad loans he may be carrying as part of his portfolio. To dump some of the bad loans he might be carrying, John came up with a scheme. He pointed his web browser to www.whois.org and entered terms denoting disease or poor health such as 'cancer' and 'illness'. This query on the Internet's WHOIS database reported results of names and addresses of domain name owners who had developed websites devoted to providing information on certain serious illnesses. John compared these names and addresses with those in his portfolio of loans. For the matches, he canceled the loans and required immediate payment-in-full.
A recent study by researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Super Computer Center (SDSC) revealed that a staggering 98% of the global Internet queries to one of the main root servers, at the heart of the Internet, were unnecessary. This analysis was conducted on data collected October 4, 2002 from the 'F' root server located in Palo Alto, California.
The findings of the study were originally presented to the North American Network Operators' Group (NANOG) on October 2002 and later discussed with Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and Special Advisor to the U.S. President for Cyber Space Security.
What happens if ICANN fails? Who will run the DNS then?
Of course to many, ICANN already has failed -- spectacularly so. Critics have long complained that ICANN not only lacks accountability and legitimacy, but also that it is inefficient (at best) and downright destructive (at worst). According to these critics, ICANN's many sins include threatening the stability of the Internet, limiting access by imposing an artificial domain name scarcity, and generally behaving like a petulant dictator.
A World-Renowned Source for Internet Developments. Serving Since 2002.