Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The DNSSEC is a security protocol for providing cryptographic assurance (i.e. using the public key cryptography digital signature technology) to the data retrieved from the DNS distributed database (RFC4033). DNSSEC deployment at the root is said to be subject to politics, but there is seldom detailed discussion about this "DNS root signing" politics. Actually, DNSSEC deployment requires more than signing the DNS root zone data; it also involves secure delegations from the root to the TLDs, and DNSSEC deployment by TLD administrations (I omit other participants involvement as my focus is policy around the DNS root). There is a dose of naivety in the idea of detailing the political aspects of the DNS root, but I volunteer! My perspective is an interested observer. more
VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more
Over the last ten years, Andrew Odlyzko has been writing about a pricing algorithm that would assure reasonable service levels at reasonable prices. If you're going to F2C, you might want to read that brief article or this slightly more complex one to learn (or refresh your sense of) PMP -- Paris Metro Pricing models to deal with network congestion. You'll also get a sense of why throwing bandwidth at the network will not be sufficient. Here's a great article from 1995... more
Burton Group issued a press release last week announcing the conclusions of my recent report on Skype. I thought the release clearly stated our conclusions on Skype, which essentially were that there are indeed security and management concerns that enterprises ought to be aware of, but that those risks may be outweighed by the business benefits offered by the use of the application, and that enterprises must carefully weigh risk vs. reward when evaluating Skype usage. more
I'm continually amazed by the amount of FUD being spread with regard to VoIP security threats. People...the sky is not falling. VoIP isn't e-mail. It isn't implemented like e-mail, it won't be implemented like e-mail (maybe "it shouldn't be implemented like e-mail" is a more appropriate statement). Following best security practices will ensure at least a level of security equivalent to current TDM systems. Best FUD I've heard this week: VoIP is insecure because you can simply put a bridge on an ethernet line and capture a stream. Hey, has anyone ever heard of alligator clips? more
In a U.S. congress hearing held yesterday November 9th, significant focus was projected on "network neutrality" and a new telecommunications bill affecting the Internet. "This bill could fundamentally alter the fabulously successful end-to-end Internet," says Alan Davidson in the post on Google blog. Vint Cerf was not able to testify because of the Presidential Medal of Freedom award ceremony at the White House, but submitted the following letter to the hearing... more
ICANN's Nomination Committee has begun their process to nominate more members to various boards, councils and committees of ICANN. This is the process by which I was elected to the board last year. Contrary to what some people may think, these positions should not be taken to try to gain some privilege or power. These are positions of responsibility and require a lot of work for no tangible return except possibly the opportunity to meet other very interesting people. I think about my role at ICANN like I would think about jury duty. We have all benefited from the proper functioning of the Internet for the last decade. If you've benefited in the past and care about the future of the Internet, it is a great opportunity to give back to the community by applying for one of these positions. more
The outcome of the .Net rebid process will involve the security, stability and diversity of management of the Internet's critical infrastructure. As well, the rebid process introduces competitive forces that will flow through to users in the form of cost savings and improved service levels. DENIC has submitted a bid that is consistent with the goals and interests of the Internet community and is the only proponent that has done so. Let us consider the following factors and assess the alignment of the bids with the goals and interests for the Internet community. more
Former CIA Director, George J. Tenet recently called for measures to safeguard the United States against internet-enabled attacks. "I know that these actions will be controversial in this age when we still think the Internet is a free and open society with no control or accountability, but ultimately the Wild West must give way to governance and control." Mr. Tenet seems about as confused about the internet as the ITU... more
In an article by MSNBC called "Fort N.O.C.'s" [Network Operating Center] Brock N. Meeks reports: "The unassuming building that houses the "A" root sits in a cluster of three others; the architecture looks as if it were lifted directly from a free clip art library. No signs or markers give a hint that the Internet's most precious computer is inside humming happily away in a hermetically sealed room. This building complex could be any of a 100,000 mini office parks littering middle class America." ...It is hardly the "most precious computer"!!! more
On Saturday, November 29, 2003 a post on the GNSO mailing list indicated that the .name registry website had been hacked. As reported by George Kirikos, "The .name registry's main website www.nic.name has been hacked, as of Saturday evening in North America. According to Netcraft, they're running Linux. They must not have kept up to date with all security updates, or someone cracked a password. Hopefully offsite backups were made, to ensure data integrity." Although, due to this emergency, the .name web servers have been pulled down as of this writing, just a short few hours ago, visitors to the .name registry home page would find a mysterious black screen upon visiting the site, including the following text... more
A few days ago, Eric Goldman wrote an interesting thinkpiece in CircleID regarding users' feeling about privacy. He seems to conclude that the existent regulations and policies on the matter are unnecessary, since Privacy doesn't "really" matters to the consumer. Eric based his argumentation on a number of surveys, stating that, even when the user expresses concerns about their privacy, on line behavior shows a different reality. We don't want to discuss here the soundness of surveys as a reliable source of information, but the author could be assuming too much in his analysis. more
Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.
At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:
"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more
America has barred imports of new foreign-made routers, citing cybersecurity risks tied to espionage and infrastructure disruption, signalling a broader push to reduce reliance on Chinese technology in critical network systems. more
Self-propagating malware hidden in open-source software is targeting Iranian systems, wiping data on infected machines while sparing others, signalling a shift towards precise, politically motivated cyber sabotage through widely trusted digital supply chains. more
A World-Renowned Source for Internet Developments. Serving Since 2002.