Cybersecurity |
Sponsored by |
|
As widely discussed recently, observed within the ICANN community several years ago, and anticipated in the broader technical community even earlier, the introduction of a new generic top-level domain (gTLD) at the global DNS root could result in name collisions with previously installed systems. Such systems sometimes send queries to the global DNS with domain name suffixes that, under reasonable assumptions at the time the systems were designed, may not have been expected to be delegated as gTLDs. more
Six months following the April 11th issuance of the Beijing Communique by ICANN's Governmental Advisory Committee (GAC), ICANN continues to wrestle with whether to accept the bulk of the GAC's proposed safeguards for new gTLDs as set forth in Annex 1 of that document. On October 1st ICANN Board Chairman Stephen Crocket sent a letter to GAC Chair Heather Dryden summarizing the results of the September 28th meeting of the New gTLD Program Committee (NGPC) that considered the remaining and still undecided advice received from the GAC. more
It is a safe assumption that if you are reading this post, you like technology. If that is the case, then you understand the tremendous economic, cultural, and human rights benefits an open, universal, and free Internet provides. That freedom is under attack. And it is our responsibilities, as stakeholders in a successful Internet, to balance governments and have an open dialog on the topic. more
How do we harden the Internet against the kinds of pervasive monitoring and surveillance that has been in recent news? While full solutions may require political and legal actions, are there technical improvements that can be made to underlying Internet infrastructure? As discussed by IETF Chair Jari Arkko in a recent post on the IETF blog, "Plenary on Internet Hardening", the Technical Plenary at next weeks IETF 88 meeting in Vancouver, BC, Canada, will focus on this incredibly critical issue. more
DNS tunneling -- the ability to encode the data of other programs or protocols in DNS queries and responses -- has been a concern since the late 1990s. If you don't follow DNS closely, however, DNS tunneling likely isn't an issue you would be familiar with. Originally, DNS tunneling was designed simply to bypass the captive portals of Wi-Fi providers, but as with many things on the Web it can be used for nefarious purposes. For many organizations, tunneling isn't even a known suspect and therefore a significant security risk. more
Google has received a lot of press regarding their Project Shield announcement at the Google Ideas Summit. The effort is being applauded as a milestone in social consciousness. While on the surface the endeavor appears admirable, the long-term impact of the service may manifest more than Google had hoped for. Project Shield is an invite-only service that combines Google's DDoS mitigation technology and Page Speed service... more
Today at the RIPE 67 event in Athens, Greece, IETF Chair Jari Arkko gave a presentation on "Pervasive Monitoring and the Internet" where he spoke about the ongoing surveillance issues and: What do we know? What are the implications? What can we do? Similar to his earlier article on the topic, Jari looked at the overall issues and spoke about how Internet technology should better support security and privacy. more
I often think there are only two types of stories about the Internet. One is a continuing story of prodigious technology that continues to shrink in physical size and at the same time continue to dazzle and amaze us... The other is a darker evolving story of the associated vulnerabilities of this technology where we've seen "hacking" turn into organised crime and from there into a scale of sophistication that is sometimes termed "cyber warfare". And in this same darker theme one could add the current set of stories about various forms of state sponsored surveillance and espionage on the net. more
Much of the discussion regarding mobile security revolves around the growing "pandemic" of mobile malware. It's not uncommon to see headlines reporting the discovery of large numbers of new malware samples. However, as Google recently pointed out, with quite a bit of data to support them, there's little discussion of real world impact of these discoveries. This raises a number of relevant questions. Is the average user likely to be infected? Where does this malware come from? These are questions that deserve analysis and thoughtful responses. more
If approved, the code would technically be voluntary for Canadian ISPs, but the active involvement of government officials suggests that most large providers would feel pressured to participate. The move toward an ISP code of conduct would likely form part of a two-pronged strategy to combat malicious software that can lead to cybercrime, identity theft, and other harms. First, the long-delayed anti-spam legislation features new disclosure requirements for the installation of software along with tough penalties for non-compliance. more
A World-Renowned Source for Internet Developments. Serving Since 2002.