Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it's unclear that it accomplishes these goals. On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). more
At Verisign we take our Internet stewardship mission very seriously, so when details emerged over the past week concerning the XcodeGhost infection, researchers at Verisign iDefense wanted to help advance community research efforts related to the XcodeGhost issue, and leveraging our unique capabilities, offer a level of public service to help readers determine their current and historical level of exposure to the infection. more
A few days ago, Eric Goldman wrote an interesting thinkpiece in CircleID regarding users' feeling about privacy. He seems to conclude that the existent regulations and policies on the matter are unnecessary, since Privacy doesn't "really" matters to the consumer. Eric based his argumentation on a number of surveys, stating that, even when the user expresses concerns about their privacy, on line behavior shows a different reality. We don't want to discuss here the soundness of surveys as a reliable source of information, but the author could be assuming too much in his analysis. more
While Congress and the White House deliberate possible actions on FISMA reform and increased oversight of critical infrastructure, relatively little attention is being given to the government-wide cybersecurity regulation already in place, the Data Quality Act (DQA). Unlike FISMA, which primarily governs the government's internal cybersecurity processes, and contemplated legislation and/or Executive Order(s), which would likely also include a focus on critical infrastructure protection, the DQA contains a unique mandate. more
After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more
In the rather unique world of public international law for cybersecurity, the treaty provisions of the International Telecommunication Union (ITU) stand alone. They form the multilateral basis for the existence of all communication networks, internets, and services worldwide and have obtained the assent by every nation in the world. They also contain the only meaningful multilateral cybersecurity provisions that have endured over a century and a half through all manner of technological change. more
The capabilities IPv6 provides will enhance online security, but the shift to the new Internet address scheme may also present risks if not properly managed. Previously, Internet security was largely an after-thought for the early Internet, as its primary purpose was to facilitate open, end-to-end, any-to-any communications and information exchange for bridging and accelerating research efforts. Today, we have a much more complex online ecosystem that spans billions of users across the globe and serves not only as an engine for e-commerce, but as an engine for all commerce. more
NTIA issued a Request for Comments today asking for broad input from "all interested stakeholders, including private industry, academia, civil society, and other security experts," on actions against botnets and distributed attacks. more
The IPv6 Forum, the North American IPv6 Task Force, and Charmed Technology, Inc. today announced that the U.S. IPv6 Summit 2003 will be held December 8 - 11, 2003 in Arlington, VA, at the Doubletree Crystal City. The U.S. IPv6 Summit 2003 will focus on deployment, technical depth of key IPv6 features, and applications or services of Internet Protocol version 6 (IPv6). more
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more
U.S. Senators Mark Warner, a Virginia Democrat, and Marco Rubio, a Florida Republican, both critics of China, have urged Canada to consider dropping China's Huawei Technologies from helping to build next-generation 5G telecommunications networks. more
The Paris Peace Forum (PPF), established by the French president Emanual Macron, was picked by the Global Commission for Stability in Cyberspace (GCSC) to launch its final report "Advancing Cyberstability" for good reasons: The Internet isn't just a purely technical issue with some political implications anymore. On the eve of the 2020s, the management of cyberspace is a global problem, a matter of international security, a question of war or peace. more
What is the responsibility of the DNS? Should the DNS be responsible for policing traffic across its infrastructure? Should the blocking and blacklisting of names or throttling of query packets be the responsibility of the DNS? From experience I know my opening paragraph has started passionate debates in more than one section of this globe. We at CommunityDNS have found ourselves right in the middle of such heated debates. "Oh YES you will!", "Oh NO you will not!" more
Tech developments saw less drama than trade and environmental shifts during Trump's first 100 days. Continuity, not abrupt change, defined his approach to AI and digital regulation. Only 9 of 139 executive orders (EOs) focused on tech. Trump's tech policy emphasised reviews and incremental shifts. Public consultations on AI, cybersecurity, and cryptocurrencies signal steady evolution over upheaval. more
According to Kaspersky Lab, 2011 has seen "numerous DDoS attacks with a variety of motives," many of which will "go down in the annals of cybercrime." As we look ahead to 2012, it's worth examining some of those motives to see what they portend. more
A World-Renowned Source for Internet Developments. Serving Since 2002.