Cybersecurity

Sponsored
by

Cybersecurity / Most Viewed

You Don’t Need to Hack Twitter.com to Control All Its Traffic and Email

A big security news event last night and today is that the Twitter.com Web site was hacked and content on the site replaced. TechCrunch reported it and it has been picked up globally. But - was the Twitter.com website really hacked? We now know it was not so. There are four ways that users typing in Twitter.com would have seen the Iranian Cyber Army page. more

Reaction to VeriSign’s New 36-Hour Deadline

ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
 more

DNS WHOIS: Barking Up the Wrong Tree

As the Internet has grown and matured, it has become obvious to everyone involved that the DNS Whois system, as it currently exists, is not a sustainable way to share contact information for resolving network problems. ICANN, in an attempt to save DNS Whois, has plunged head long into the process of developing new policies aimed at fixing it. While I respect all of the hard work that has gone into this process, the results thus far have only made it clearer that this system faces intractable problems. more

Vint Cerf Speaking Out on Internet Neutrality

In a U.S. congress hearing held yesterday November 9th, significant focus was projected on "network neutrality" and a new telecommunications bill affecting the Internet. "This bill could fundamentally alter the fabulously successful end-to-end Internet," says Alan Davidson in the post on Google blog. Vint Cerf was not able to testify because of the Presidential Medal of Freedom award ceremony at the White House, but submitted the following letter to the hearing... more

An Authenticated Internet

Discussions around DNSSEC are so often focused on the root, the attacks, what DNSSEC does and doesn't do and so on -- and these are all valid and important points. But there is far less attention focused on the opportunities that will surface from an authenticated internet. ...DNSSEC is becoming more of a reality now -- rather than a technical discussion which has been stuck in the mud for 15 years. We can now begin to think about new opportunities to build from a secure DNS, opportunities that build on the certainty that you have arrived at the correct website. Today, you can't be sure. more

The Site Finder Report: Dr. Stephen Crocker, Chair of the Committee

As an advisory committee, our focus is to give ICANN and the community our best advice regarding security and stability issues for the domain name system and the addressing system. We are not a standards, regulatory, judicial or enforcement body; those functions belong elsewhere. As we all know, VeriSign is in the process of suing ICANN on a number of matters, including ICANN's response to their registry change last September. Although VeriSign now contends that a number of us on the committee are "Site Finder co-conspirators" the next steps are really up to the ICANN board, the ICANN staff and the many members of the technical and operating community who run the domain name system. I'll be happy to interact with the members of the community here on CircleID as time permits. more

ITU Launches IDN Survey and ccTLD Outreach

Today, the ITU launched a new survey asking member states, ccTLDs and other ITU member organizations to provide answers to a specialized questionnaire asking for their experiences on the use of IDNs. The ITU states that it is reaching out to ccTLDs to "collect information and experiences on Internationalized Domain Names under ccTLD (country code Top Level Domain) around the globe." One of the goals of this survey is to collate information on the "needs and practices" of each ccTLD that is surveyed -- so as to compile a report from the ITU that speaks to the implementation of IDNs around the world... more

Internet to ITU: Stay Away from My Network

An ITU document entitled "Beyond Internet Governance" crossed my desk earlier this week. Given that I had absolutely nothing better to do, I decided to give it a read. The audacity of the ITU Secretariat is nothing less than shocking. It has been a long while since I read such a self-serving, narrow-minded and inaccurate document. The backbone of the ITU's contention rests on the premise that something called the Next Generation Network and the contention that this network will act as one big bug fix for all the problems created by current inter-networking technology. more

Exposing 9 Myths About IPv6

This is a special two-part series article providing a distinct and critical perspective on Internet Protocol Version 6 (IPv6) and the underlying realities of its deployment. The first part gives a closer look at how IPv6 came about. This part exposes the myths.

Good as all this is, these attributes alone have not been enough so far to propel IPv6 into broad-scale deployment, and consequently there has been considerable enthusiasm to discover additional reasons to deploy IPv6. Unfortunately, most of these reasons fall into the category of myth, and in looking at IPv6 it is probably a good idea, as well as fair sport, to expose some of these myths as well. more

DKIM for Discussion Lists

There's a pernicious meme floating around that DomainKeys Identified Mail (DKIM) doesn't work with discussion lists, particularly those hosted on common open source software packages like MailMan. It's particularly odd to see this claim after I set it up successfully on a stock Debian server in less than half an hour, just a few weeks ago. Here's how it can, should, and does work. more

The Cybersecurity Act of 2009

Four senators (Rockefeller, Bayh, Nelson, and Snowe) have recently introduced S.773, the Cybersecurity Act of 2009. While there are some good parts to the bill, many of the substantive provisions are poorly thought out at best. The bill attempts to solve non-problems, and to assume that research results can be commanded into being by virtue of an act of Congress. Beyond that, there are parts of the bill whose purpose is mysterious, or whose content bears no relation to its title. more

Securing a Domain: SSL vs. DNSSEC

There has been quite a bit of talk lately about the best way to secure a domain, mainly centered in two camps: using Secure Socket Layer (SSL), or using DNS Security Extensions (DNSSEC). The answer is quite simple -- you should use both. The reason for this is that they solve different problems, using different methods, and operate over different data. more

The Case Against DNSSEC

I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more

She Gave Me a Fake Phone Number!

The Intellectual Property Constituency, meeting at the ICANN conference in Vancouver, was interested in increasing ICANN's budget not because they thought they deserved it, but because they wanted ICANN to actually enforce the rules on the books about fake registrations. Now there's some evidence about how prevalent that is. If there's any surprise here, it's that the numbers are so low. more

ICANN and IAB Ask VeriSign to Suspend Site Finder

The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more