Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Pew Internet Project has released a report called "The Future of the Internet" based on a recently conducted survey where 1,286 internet experts are said to have looked at the future impact of the internet and assessed predictions about how technology and society will unfold. The following is and excerpt from the report predicting at least one devastating attack will occur in the next 10 years on the networked information infrastructure or the United States power grid. more
At the 20th Internet Governance Forum in Lillestrøm, Norway, the UN Internet Governance Forum's dynamic coalition Internet Standards, Security and Safety (IS3C) released its new report on post-quantum policies. This report presents the findings of a collaborative study undertaken by IS3C and the French domain name registry Afnic and examines the critical need for Post-Quantum Cryptography (PQC) to achieve greater security in the ever-expanding global IoT landscape. more
In the past three years, Akamai has seen 2,000% increase in the number of DDoS attack incidents investigated on behalf of its customers. The latest State of the Internet report released today by Akamai also identifies top countries from which this observed attack traffic originates, as well as the top ports targeted by these attacks. more
Internationalized Domain Names or IDNs are back in the news. ICANN recently released a document entitled "Proposed Final Implementation for IDN ccTLD Fast Track Process"... In a nutshell, ICANN has now offered a path toward authorizing the adoption of ccTLDs in many countries' native languages. This marks a welcome advance for millions of Internet users who do not speak English or who do not use another language covered by ASCII. But with this advance comes some concerns. more
Verisign recently published a technical report on new generic top-level domain (gTLD) security and stability considerations. The initial objective of the report was to assess for Verisign's senior management our own operational preparedness for new gTLDs, as both a Registry Service Provider for approximately 200 strings, as well as a direct applicant for 14 new gTLDs... However, in cataloging internal and external risks related to the new gTLD program, we found several far-reaching and long-standing issues that need to be further explored and/or resolved with varying levels of urgency. more
A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and potentially unsafe DNS queries every day. A targeted outreach program that Verisign started in March 2020 has remediated one billion queries per day to the A and J root name servers, via 46 collision strings. more
This Sunday, March 22, 2015, the second Registration Operations Workshop (ROW) will be taking place at the Fairmont Dallas hotel from 12:30 -- 4:30 pm CDT. Discussion will include extensions to EPP, new encryption initiatives and also suggestions for ways to further automate DNS interactions between registries, registrars and DNS operators, including a need to do this for DNSSEC. more
There have been quite a few news stories released over the last 24 hours regarding a wide-scale compromise of 300,00 Internet gateway devices. Here's the executive summary of what happened, how to check if you are vulnerable, and what you can do to fix it... If you use any of these devices, you should check it to ensure your device has not been compromised. more
The former contract with ICANN and the US Department of Commerce (DOC) was due to expire on September 30, 2002. In the statement announcing the renewal, the DOC acknowledged that ICANN was the subject of many complaints from many sectors of the Internet community. Some of these complaints had been presented to the US Congress during a hearing held in June 2002 by a Senate Subcommittee. At the hearing, a General Accounting Office (GAO) spokesperson, Peter Guerrero, testified, noting not only that ICANN had failed in its mandate, but that the U.S. Department of Commerce was also at fault in failing to properly oversee ICANN activities. He explains... more
Time flies. Although it was over 18 months ago, it seems just like yesterday that a small Czech provider, SuproNet, caused global Internet mayhem by making a perfectly valid (but extremely long) routing announcement. Since Internet routing is trust-based, within seconds every router in the world saw this announcement and tried to pass it on. Unfortunately, due to the size of this single message, quite a few routers choked -- resulting in widespread Internet instability. Today, over a year later, we were treated to a somewhat different version of the exact same story. more
At the Virus Bulletin conference last month, Andrew Lee from ESET gave a talk entitled "Cyberwar: Reality or Weapon of Mass Distraction?" In it, Lee talks about how the term "cyberwar" is thrown around a lot these days. However, he disagreed with the use of the term because it uses inflationary language and overstates the case; today's "cyberwar" is not the same as a conventional ware. more
There's been a lot of ink and pixels spilled of late over the Heartbleed bug. Yes, it's serious. Yes, it potentially affects almost everyone. Yes, there are some precautions you should take. But there's good news, too: for many people, it's a non-event. Heartbleed allows an attacker to recover a random memory area from a web or email server running certain versions of OpenSSL. The question is what's in that memory. It may be nothing, or it may contain user passwords (this has reportedly been seen on Yahoo's mail service), cryptographic keys, etc. more
In the second part of this two-part series article (part one here), Andrew McLaughlin concludes his critical look at the recently reported study, Public Participation in ICANN, by John Palfrey, Clifford Chen, Sam Hwang, and Noah Eisenkraft at the Berkman Center for Internet & Society at Harvard Law School... "ICANN has never attempted to be -- and was never designed to be -- 'representative' of the worldwide Internet community in any mathematically precise way. In view of the vast size of the global population of Internet users, and the specialized technical focus of ICANN's policy-making responsibilities, it would be a hopeless task to try to achieve truly representative statistical proportionality among ICANN's participants, committees, task forces, or Board members. Rather, here's how the U.S. government's foundational 1998 DNS policy statement described the core principle of 'representation'." more
Together with Thorsten Holz, I recently published a paper on fast flux botnet behaviors, "As the Net Churns: Fast-Flux Botnet Observations," based on data we gathered in our ATLAS platform. Fast flux service networks utilize botnets to distribute the web servers to the infected PCs... One of the most well known fast flux botnets has been the Storm Worm botnet, which uses the zombies to spam, send out new enticements to infect users, and to host the malicious website which delivers the malcode. more
Crypto-anarchism (or crypto-anarchy) is a form of anarchy accomplished through computer technology. Crypto-anarchists develop and employ their own cryptographic techniques to prevent knowledge of the information or even the identity of parties communicating over networks. The motivations vary - from just having fun and causing turmoil, to achieving perceived status within a crypto-anarchy community, to furthering socio-economic views about information availability, absolute privacy, political advocacy and spreading anti-government paranoia. more
A World-Renowned Source for Internet Developments. Serving Since 2002.