Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
As the year comes to a close, it is important to reflect on what has been one of the major actions in the anti-spam arena this year: the quest for email authentication. With email often called the "killer app" of the Internet, it is important to reflect on any major changes proposed, or implemented that can affect that basic tool that many of us have become to rely on in our daily lives. And, while many of the debates involved myriads of specialized mailing lists, standards organizations, conferences and even some government agencies, it is important for the free and open source software (FOSS) community as well as the Internet community at large, to analyze and learn lessons from the events surrounding email authentication in 2004. more
It's funny, but I recall the battle cry that the WWW was "free" back in its early days. When contributing game concept to the early and great gaming pioneers like Infocom, there was such a great esprit-du-corps amongst our team regarding the fun as well as utility that the WWW offerred. In retrospect, we were so naive. I recall the days when guys like Bill Gates prided themselves on being such a great "hackers" - it was a noble term back then. more
The following article is an excerpt from the recently released Internet Analysis Report 2004 - Protocols and Governance. Full details of the argument for protocol reform can be found at 'Internet Mark 2 Project' website, where a copy of the Executive Summary can be downloaded free of charge. ..."In releasing this section for comment, I would like to point out that the report's conclusions are based on a cumulative examination of various protocols and systems. We are at a point of time where other protocols and systems are equally problematic -- the report points to some significant problems with DNS structure and scalability, and also points out that, to all intents and purposes, the basic email protocol, SMTP, is broken and needs immediate replacement." more
The first week in July I went to an acronym-heavy World Symposium on the Internet Society Thematic Meeting on spam in Geneva. A few people have reported this as a meeting by "the UN", which it wasn't. Although the International Telecommunications Union is now part of the UN, it dates back to an 1865 treaty to manage international telegraph communication... more
As the Internet has grown and matured, it has become obvious to everyone involved that the DNS Whois system, as it currently exists, is not a sustainable way to share contact information for resolving network problems. ICANN, in an attempt to save DNS Whois, has plunged head long into the process of developing new policies aimed at fixing it. While I respect all of the hard work that has gone into this process, the results thus far have only made it clearer that this system faces intractable problems. more
Amidst the fascinating news from the SCO saga, preparing for SANS London and contributing to the Unix timeline project at Grokline my eyes caught a piece of rather distressing news on the BBC. It appears that BT (British Telecom) intends to move its current phone network to an IP-based network by 2009 thereby sending the circuit-switched technology off to the attic. The real question is: can we guarantee the same level of reliability on VoIP as we had on circuit-switched telephony when the stated aim is to carry both voice and data traffic down the same cables (or fibres more likely)? more
A United Nations task force recently held a two-day workshop on the question of who governs the Internet. U.N. Secretary General Kofi Annan challenged those of us present to ensure that the Internet and the World Wide Web support "the cause of human development."
Following in the long-standing tradition of skepticism about governments in the Internet community, some in the technical community and the Internet's chattering classes view the concerns expressed by the United Nations and countries such as Brazil, India and others, as a threat to the operation of the Internet itself. This article was originally published at CNET News.Com on April 6, 2004. more
We, as the Internet engineering community, have made a great mistake. Actually, it wasn't even one large mistake, but a series of small ones. Engineers are busy people, and most of us work under the constraints of the organizational entities we serve (be it ISPs, non-internet corporates, or even non-profits). Few of us have time for politics; even fewer have the desire and motivation for politics, and those of us who do try usually end up facing a brick wall of stubbornness, lack of understanding of the underlying technical issues, or just a deaf ear. more
CircleID recently interview Paul Vixie, Founder & Chairman of Internet Software Consortium (ISC), to discuss ISC's newly formed Operations, Analysis, and Research Center (OARC). OARC is launched in response to DDoS attacks at the Internet's core infrastructure and the vital requirement for a formal coordination system. OARC is also a part of US homeland security initiatives, such as the formation of Information Sharing and Analysis Centers (ISACs).
"Registries and registrars, ccTLD operators, large corporate NOCs, ISPs and ecommerce companies that host many domain names are all likely candidates. This is also a natural for law enforcement groups that are worried about attacks on the Internet." more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more
Some individual appears to have hijacked more than a 1,000 home computers starting in late June or early July and has been installing a new Trojan Horse program on them. The Trojan allows this person to run a number of small websites on the hijacked home computers. These websites consists of only a few web pages and apparently produce income by directing sign-ups to for-pay porn websites through affiliate programs. Spam emails messages get visitors to come to the small websites.
To make it more difficult for these websites to be shut down, a single home computer is used for only 10 minutes to host a site. After 10 minutes, the IP address of the website is changed to a different home computer... more
A recent study by researchers at the Cooperative Association for Internet Data Analysis (CAIDA) at the San Diego Super Computer Center (SDSC) revealed that a staggering 98% of the global Internet queries to one of the main root servers, at the heart of the Internet, were unnecessary. This analysis was conducted on data collected October 4, 2002 from the 'F' root server located in Palo Alto, California.
The findings of the study were originally presented to the North American Network Operators' Group (NANOG) on October 2002 and later discussed with Richard A. Clarke, chairman of the President's Critical Infrastructure Protection Board and Special Advisor to the U.S. President for Cyber Space Security. more
Recently, I entered my domain name in a "WHOIS" database query to test the results of the database by using WHOIS on a number of domain name registrar websites. WHOIS is a database service that allows Internet users to look up a number of matters associated with domain names, including the full name of the owner of a domain name, the name of the domain name hosting service, the Internet Protocol or I.P. number(s) corresponding to the domain name, as well as personally identifying information on those who have registered domain names. I was astonished to find... more
The NANOG 95 conference spotlighted breakthroughs in fibre optics, wireless technology, routing security, and quantum computing, offering a forward-looking assessment of internet infrastructure and its vulnerabilities, as reported by APNIC's Geoff Huston. more
Google's lawsuit against the Lighthouse phishing syndicate exposes the industrial scale of cybercrime, highlighting how criminals exploit easy access to digital infrastructure to scam millions. The broader supply chain enabling such operations demands urgent reform. more
A World-Renowned Source for Internet Developments. Serving Since 2002.