Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The most recent episode of The Ask Mr. DNS Podcast offers up some disturbing corroborating evidence as to the extent of DNS filtering and outright blocking occurring in China. VeriSign's Matt Larson and InfoBlox's Cricket Liu, who co-host the geeky yet engaging and extremely informative show, held a roundtable discussion including technical experts from dynamic name service providers (better known as "managed DNS" services) DynDNS, TZO, No-IP, and DotQuad, as well as Google and Comcast. more
As often occurs in networking and cryptographic history, anecdotes and insularity conspire to mask how developments actually occurred, and seminal roles undertaken by women are forgotten or ignored. One of the notable examples of this proclivity occurred in the cybersecurity cryptology arena as it involves a critical platform known as the Transport Layer Security Protocol (TLS) and the pioneering role of Ruth Nelson. more
While people may debate the death of email, there is no question that many email servers are already overloaded with spam. Current spam solutions are beginning to address the problem, but so far they all suffer from the arms race issue - as fast as we come up with new ways to fight spam, spammers are finding new ways to deliver it to us. While the functionality of email will certainly continue, the current system must change. When the change comes, it will deliver the future of email to Microsoft. more
In today's digital age, securing your website and ensuring your users' safety has never been more critical. Secure sockets layer (SSL) certificates are the go-to solution for securing websites by encrypting the data transmitted between web servers and browsers. Historically, SSL digital certificates could be valid for years, after which they had to be renewed or replaced. more
Those of you familiar with the American comic series "Peanuts" by the late Charles Schultz may be familiar with the recurring theme of Lucy's football. Lucy holds a football on her toe for Charlie Brown to practice a field goal kick. Charlie Brown realizes that the last 25 times Lucy has held the ball for him to kick, she pulled the ball out of the way at the last minute, causing him to trip and fall. Charlie Brown knows full well that Lucy may not keep the ball in place for him to kick, yet his determination gets him running towards that unlikely opportunity each and every time. more
The folks at Renesys pointed out earlier this week some interesting activity surrounding the L-root name server, highlighting some activity that should give us all yet another reason to be concerned about the security and integrity of the Internet DNS... considering that a great deal of malware today tends to corrupt the DNS resolution path in order to further exploit compromised end-systems, and that corruption, or any other actual end-system compromise, might well be unnecessary if the root were compromised -- well, think of the possibilities! more
The essay expands a cooperative solution to third-party use of brands in domain names. Like any approach that depends on cooperation, the solution will require both sides to change behavior but also allow both sides to take credit for the resulting benefits, i.e. a triangular solution. If not immediately addressed, the problem of third-party use can become a major threat to the industry. But we already know one thing: when it comes to this issue, legal action and bullying don't work. more
A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community. more
While the global rollout of DNSSEC continues at the domain name registry level - with more than 25% of top-level domains now signed - the industry continues to focus on the problem of registrar, ISP and ultimately end-user adoption. At the ICANN meeting in Dakar in late October, engineers from some of the early-adopting registries gathered for their regular face-to-face discussion about how to break the "chicken or egg" problems of secure domain name deployment. more
One of my pet peeves is the headline "n %" of email is spam, it is inherently misleading, and conveys no useful data. I guess it makes for great newspaper headlines then! On our servers looking at one email address for 4 hours, we saw 208 attempted connections for SMTP traffic referring to this email address. ...One can't measure spam in relation to the amount of genuine email, because the amount of genuine email is not connected to the amount of spam... more
In October of 2016 the Mirai botnet came thundering onto the internet landscape. A digital Godzilla, a DDoS King Kong, this Internet of Things-powered behemoth began smashing DDoS attack records, online powerhouses like Reddit, Etsy, Spotify, CNN and the New York Times crumbling under its fists. When the dust had settled, and services had been restored, one thing seemed certain: a new era of DDoS attacks was upon us. Mirai was terrifying as a botnet but even worse as a harbinger. more
The ICANN Board voted today 9-5, with Paul Twomey abstaining, to reject a proposal to open .xxx. This is my statement in connection with that vote. I found the resolution adopted by the Board (rejecting xxx) both weak and unprincipled... I am troubled by the path the Board has followed on this issue since I joined the Board in December of 2005. I would like to make two points. First, ICANN only creates problems for itself when it acts in an ad hoc fashion in response to political pressures. Second, ICANN should take itself seriously as a private governance institution with a limited mandate and should resist efforts by governments to veto what it does. more
Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more
This month I thought I could feel smug, deploying Postfix, with greylisting (Postgrey), and the Spamhaus block list (SBL-XBL) has reduced the volume of unsolicited bulk commercial email one of our servers was delivering to our clients by 98.99%. Alas greylisting is a flawed remedy, it merely requires the spambots to act more like email servers and it will fail, and eventually they will... more
Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when... more
A World-Renowned Source for Internet Developments. Serving Since 2002.