Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The basic problem posed by WSIS was the role of national governments and national sovereignty in global Internet governance. That conflict remains completely unresolved by the WSIS document. The document's thinking is still based on the fiction that there is a clear divide between "public policy" and the "day to day operation" of the Internet, and assumes that governments should be fully in control of the policy-setting function. Moreover, new organizational arrangements are being put into place which will carry on that debate for another 5 years, at least. The new Internet Governance Forum is a real victory for the civil society actors, but also fails to resolve the basic issue regarding the role of governments and sovereignty. Although called for and virtually created by civil society actors, the language authorizing its creation asks to involve all stakeholders "in their respective roles." In other words, we still don't know whether this Forum will be based on true peer-peer based interactions among governments, business and civil society, or whether it will reserve special policy making functions to governments. more
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day. more
The U.S. Internet Revenue Service now says that criminals already had most of the information that credit bureau Equifax lost in a breach that revealed personal information about nearly 150 million people. The incident at Equifax and the IRS' mid-October admission of how much-stolen data was already in criminal hands may force changes in how the world handles personal information. more
I'm interested in CircleID community's take on NeuStar's recent announcement of Cache Defender. While only effective for domains the company is authoritative for, that does cover a large number of big Internet brands and financial institutions. Why wouldn't an ISP deploy this now, while waiting for all the myriad issues involved in DNSSEC to be resolved? more
The new gTLD program will have a profound impact on the private sector's increasing dominance over Internet information resources and ownership of critical registry technical infrastructure assets. It is already anticipated that only the private sector will take full advantage of the commercial possibilities... However, the successful introduction of new gTLDs will also create new challenges of security for the private sector. more
A domain name consists of two main elements: the second-level domain name to the left of the dot - often consisting of a brand name or relevant keywords - and the domain extension or top-level domain (TLD) to the right of the dot. Domain names form the key elements of the readable web addresses allowing users to access pages on the internet and also allowing the construction of email addresses. more
Internet Protocol addresses fill two unique roles. They are both identifiers and locators. They both tell us which interface is which (identity) and tell us how to find that interface (location), through routing. In the last myth, about network scanning, we focused mainly on threats to IPv6 addresses as locators. That is, how to locate IPv6 nodes for exploitation. Today's myth also deals with IPv6 addresses as identifiers. more
As facts unfold, and the NTIA's decision to take away our privacy comes to light, it is interesting to see the NTIA struggling to explain its decision. Keep in mind that an "as yet to be identified" bureaucrat made this decision to take away your privacy, did it without notice, and without holding hearings. Those affected were not given an opportunity to explain how the loss of privacy would negatively affect them. Quite simply, this is NOT how our government is supposed to work. We should be outraged... more
New Zealand's .nz operator, InternetNZ, on Wednesday disclosed a vulnerability against authoritative DNS servers. The vulnerability called TsuNAME was first detected in February 2020 in the .nz registry and found that it could be exploited to carry out Denial-of-Service (DoS) attacks across the world. more
On Wednesday September 29th at 1PM there will be a meeting in the Old Executive Building in Washington D.C. with Registries and domain Registrars to discuss illegal Internet sales of prescription drugs. ICANN was originally invited but declined because citing "inappropriateness" . One "U.S." Registrar who definitely will not be in attendance is OnlineNIC more
Seems that DNSSEC is being subjected to what an old boss of mine used to call the "fatal flaw seeking missiles" which try to explain the technical reasons that DNSSEC is not being implemented. First it was zone walking, then the complexity of Proof of Non-Existence (PNE), next week ... one shudders to think. While there is still some modest technical work outstanding on DNSSEC, NSEC3 and the mechanics of key rollover being examples, that work, of itself, does not explain the stunning lack of implementation or aggressive planning being undertaken within the DNS community. more
It's late in the new gTLD day and the program looks to be inching ever closer to the finish line. Yet last minute hiccups seem to be a recurring theme for this ambitious project to expand the Internet namespace far beyond the 300 odd active TLDs in existence today (counting generics and country codes). A drive for growth which is already underway, with 63 gTLD contracts now signed as of mid September... But will those users find themselves at greater risk because of this namespace expansion? That's what several parties have been asking in recent months. more
The following is a report by Susan Crawford at the ICANN meeting in Cape Town where a workshop was held yesterday for increasing awareness and understanding of United Nation's World Summit on the Information Society (WSIS) and issues that directly impact ICANN. "WSIS" is defined as a process in which governments intend to address a broad range of international legal, regulatory, economic, and policy issues related to the Internet. Some governments have proposed that an intergovernmental organization be responsible for "Internet governance," a phrase that remains undefined and some consider to include and/or mean the administration and coordination of the domain name system (DNS). more
Over the past 30 years the Domain Name System has become an integral part of the operation of the Internet. Due to its ubiquity and good performance, many new applications over the years have used the DNS to publish information. But as the DNS and its applications have grown farther from its original use in publishing information about Internet hosts, questions have arisen about what applications are appropriate for publication in the DNS, and how one should design an application to work well with the DNS. more
I have previously pointed out the shortcomings of good and user friendly support for DNSSEC in Microsoft's Server 2008 R2. During the period just after I wrote the post, I had a dialogue with Microsoft, but during the last months there has been no word at all. The reason I bring this up again is that more and more Top Level Domains (TLDs) now enable DNSSEC and also the fact that within six months the root will be signed. more
A World-Renowned Source for Internet Developments. Serving Since 2002.