Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
In my day job I run one of the largest registrars / resellers of IE domains (the IE ccTLD is the domain name for Ireland). In the course of doing that I have spent quite a lot of time becoming accustomed to the rules and regulations that govern both the naming and general registration criteria of IE domains. In some cases I can understand why rules are the way they are, whereas in others I am completely baffled... more
Over the past five years, nearly 10 billion records have been lost, stolen or exposed, with an average of five million records compromised every day. more
Earlier this week, Poland’s new President, Karol Nawrocki, vetoed amendments to the Act on Assistance to Citizens of Ukraine, provoking debate over critical satellite connectivity. Deputy Prime Minister and Minister of Digital Affairs Krzysztof Gawkowski warned that the veto “de facto switched off Starlink for Ukraine,” potentially disrupting connectivity for hospitals, schools, and government operations. more
I'm interested in CircleID community's take on NeuStar's recent announcement of Cache Defender. While only effective for domains the company is authoritative for, that does cover a large number of big Internet brands and financial institutions. Why wouldn't an ISP deploy this now, while waiting for all the myriad issues involved in DNSSEC to be resolved? more
The new gTLD program will have a profound impact on the private sector's increasing dominance over Internet information resources and ownership of critical registry technical infrastructure assets. It is already anticipated that only the private sector will take full advantage of the commercial possibilities... However, the successful introduction of new gTLDs will also create new challenges of security for the private sector. more
Internet Protocol addresses fill two unique roles. They are both identifiers and locators. They both tell us which interface is which (identity) and tell us how to find that interface (location), through routing. In the last myth, about network scanning, we focused mainly on threats to IPv6 addresses as locators. That is, how to locate IPv6 nodes for exploitation. Today's myth also deals with IPv6 addresses as identifiers. more
It's late in the new gTLD day and the program looks to be inching ever closer to the finish line. Yet last minute hiccups seem to be a recurring theme for this ambitious project to expand the Internet namespace far beyond the 300 odd active TLDs in existence today (counting generics and country codes). A drive for growth which is already underway, with 63 gTLD contracts now signed as of mid September... But will those users find themselves at greater risk because of this namespace expansion? That's what several parties have been asking in recent months. more
On Wednesday September 29th at 1PM there will be a meeting in the Old Executive Building in Washington D.C. with Registries and domain Registrars to discuss illegal Internet sales of prescription drugs. ICANN was originally invited but declined because citing "inappropriateness" . One "U.S." Registrar who definitely will not be in attendance is OnlineNIC more
As facts unfold, and the NTIA's decision to take away our privacy comes to light, it is interesting to see the NTIA struggling to explain its decision. Keep in mind that an "as yet to be identified" bureaucrat made this decision to take away your privacy, did it without notice, and without holding hearings. Those affected were not given an opportunity to explain how the loss of privacy would negatively affect them. Quite simply, this is NOT how our government is supposed to work. We should be outraged... more
The following is a report by Susan Crawford at the ICANN meeting in Cape Town where a workshop was held yesterday for increasing awareness and understanding of United Nation's World Summit on the Information Society (WSIS) and issues that directly impact ICANN. "WSIS" is defined as a process in which governments intend to address a broad range of international legal, regulatory, economic, and policy issues related to the Internet. Some governments have proposed that an intergovernmental organization be responsible for "Internet governance," a phrase that remains undefined and some consider to include and/or mean the administration and coordination of the domain name system (DNS). more
New Zealand's .nz operator, InternetNZ, on Wednesday disclosed a vulnerability against authoritative DNS servers. The vulnerability called TsuNAME was first detected in February 2020 in the .nz registry and found that it could be exploited to carry out Denial-of-Service (DoS) attacks across the world. more
Seems that DNSSEC is being subjected to what an old boss of mine used to call the "fatal flaw seeking missiles" which try to explain the technical reasons that DNSSEC is not being implemented. First it was zone walking, then the complexity of Proof of Non-Existence (PNE), next week ... one shudders to think. While there is still some modest technical work outstanding on DNSSEC, NSEC3 and the mechanics of key rollover being examples, that work, of itself, does not explain the stunning lack of implementation or aggressive planning being undertaken within the DNS community. more
Although IPv6 DDoS attacks are not yet a common occurrence, there are indications that malicious actors have started testing and researching IPv6 based DDoS attack methods. more
I have previously pointed out the shortcomings of good and user friendly support for DNSSEC in Microsoft's Server 2008 R2. During the period just after I wrote the post, I had a dialogue with Microsoft, but during the last months there has been no word at all. The reason I bring this up again is that more and more Top Level Domains (TLDs) now enable DNSSEC and also the fact that within six months the root will be signed. more
Over the past 30 years the Domain Name System has become an integral part of the operation of the Internet. Due to its ubiquity and good performance, many new applications over the years have used the DNS to publish information. But as the DNS and its applications have grown farther from its original use in publishing information about Internet hosts, questions have arisen about what applications are appropriate for publication in the DNS, and how one should design an application to work well with the DNS. more
A World-Renowned Source for Internet Developments. Serving Since 2002.