Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
For several years, DNS-OARC has been collecting DNS query data "from busy and interesting DNS name servers" as part of an annual "Day-in-the-Life" (DITL) effort (an effort originated by CAIDA in 2002) that I discussed in the first blog post in this series. DNS-OARC currently offers eight such data sets, covering the queries to many but not all of the 13 DNS root servers (and some non-root data) over a two-day period or longer each year from 2006 to present. more
The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network. more
Six months following the April 11th issuance of the Beijing Communique by ICANN's Governmental Advisory Committee (GAC), ICANN continues to wrestle with whether to accept the bulk of the GAC's proposed safeguards for new gTLDs as set forth in Annex 1 of that document. On October 1st ICANN Board Chairman Stephen Crocket sent a letter to GAC Chair Heather Dryden summarizing the results of the September 28th meeting of the New gTLD Program Committee (NGPC) that considered the remaining and still undecided advice received from the GAC. more
The Internet has enhanced freedom of communication, ignored national borders, and removed time and space barriers. But the Internet sphere was never a law-free zone. Already ICANN's "Articles of Incorporation" (1998) constituted that the management of critical Internet resources has to take place within the frameworks of "applicable national and international law". more
I have to tell you -- I'm not really happy about the fact that the majority of serious cyber crime on the Internet happens without any legal prosecution. I spend an enormous amount of time -- far beyond my "day job" and exceeding what some might consider my professional capacity -- tracking cyber crime. I also work closely with law enforcement (both in the U.S. and abroad) to assist in the intelligence gathering process, putting the pieces of the puzzles together, connecting the dots, and so forth. And most of the major criminal organizations are still operating (pretty much) in the open, with fear of retribution or criminal prosecution, for a number of reasons. more
Recently a proof of concept attack was announced on the Internet that demonstrated how a web address could be constructed that looked in some web browsers identical to that of a well known website. This technique could be used to trick a user into going to a website that they did not plan on visiting, and possibly provide sensitive information to a third party. As a result of this demonstration, there has been a number of voices calling for web browsers to disable or remove support for IDNs by default. ...CENTR, a group of many of the world's domain registries - representing over 98% of domain registrations worldwide - believes such strong reactions are heavily detrimental... more
The Domain Name System Security Extensions (DNSSEC) is a suite of IETF-developed specifications designed to validate information provided by the Domain Name System (DNS). ... When the root zone was signed in June 2010, this acted as a catalyst for TLD operators to deploy DNSSEC on their side. We have seen a gradual but significant increase in signed TLDs since then. The map in this post shows the level of DNSSEC deployment in Europe. more
Like many people, I was taken by surprised by Google's announcement about its threatened withdrawal from China in the wake of continued censorship and attacks that appeared to emanate from there. My immediate reaction was quite simple: "Wow". There's been a lot of speculation about just why they pulled out. Some reports noted that Google has been losing market share to Baidu... I don't think, though, that that's the whole story. more
The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it? Last weekend, Brandon Enright of UC San Diego gave a informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year... more
During the 11th Internet Governance Forum (IGF), a United Nations-convened conference taking place in Mexico, 6-9 December, the Internet Society urged the global Internet community to redouble its efforts in addressing the wave of unprecedented challenges facing the Internet. more
Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more
Security is great when all the green lights are shining brightly and everything validates as intended, but what happens when you encounter failure? In this work we examine the behaviour of the DNS when security, in the form of DNSSEC is added, and we look at what happens when things do not happen as intended. What triggered this examination was a sudden increase in the traffic generated by secondary servers for the in-addr.arpa reverse zones in December 2009. more
Data solutions provider Return Path has released a new report highlighting 20 visionary ideas for brands to "futureproof" their email program. Among various insights, the report warns brands that adoption of IPv6 will result in rising dependency on domain-based reputation. more
The Internet of Things (IoT) is on an explosive growth trajectory. According to Transforma Insights, the number of IoT-connected devices is projected to increase to 24.1 billion worldwide by 2030. That's almost a three-fold increase from 2019. Much of this growth will be fueled by the coming 5G revolution, which will enable businesses and consumers to take advantage of a wide range of increasingly sophisticated connected devices. more
Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers." more
A World-Renowned Source for Internet Developments. Serving Since 2002.