Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
The debates are raging over whether or not we should migrate to IPv6. The strongest argument is the enormous address space that will allow for everyone and everything to have a unique public address, many addresses actually. It is often said that the shortage of public IPv4 addresses has limited our capabilities because it led to the pervasive use of private addressing, Network Address Translation (NAT) and Port Address Translation (PAT). Though these technologies remain critical, they are often regarded as stop-gap measures, and they sometimes create problems. In some circles, NAT has acquired a very bad name. But is that a fair perspective of the technology? Let's review the positives and negatives. more
This week two major transoceanic cables experienced outages that may last several days. The outages provide a reminder that several Internet bottlenecks exist where these cables make landfall. When one thinks of bottlenecks in telecommunications the first and last mile come to mind. Yet equally vulnerable are the last few 1000 feet of submarine cable links. more
Interesting things happening in China. An article in the English edition of the People's Daily on line is headlined, Decimal network security address begins operation: "China's decimal network security address was officially launched. China has made a fundamental breakthrough in its Internet development; and actual use has been successful. The birth of decimal network technology makes China the only country able to unify domain names, IP addresses and MAC addresses into the text of a metric system..." Someone asked whether this was a rumored IPv9? It appears IPv9 is a project name, not a new protocol. It lumps together several activities, including at least... more
I wrote this history and analysis of domain tasting for the ICANN Business Constituency membership. It's by no means perfect but I thought I'd share it with those who would like a bit more color on the subject. "Present day 'Domain Tasting' has its roots in 2001 and 2002 when a small group of ambitious domain registrants persuaded two registrars to allow them to register large blocks of domain names for the purpose of establishing which names garnered type-in traffic..." more
The Internet Governance Project has unearthed a consultancy report to the U.S. Department of Homeland Security (DHS) that makes it clear that the issue of root signing and DNSSEC key management has been recognized as a political issue within the US government for long time. more
After looking at the state of DNSSEC in some detail a little over a year ago in 2006, I've been intending to come back to DNSSEC to see if anything has changed, for better or worse, in the intervening period... To recap, DNSSEC is an approach to adding some "security" into the DNS. The underlying motivation here is that the DNS represents a rather obvious gaping hole in the overall security picture of the Internet, although it is by no means the only rather significant vulnerability in the entire system. One of the more effective methods of a convert attack in this space is to attack at the level of the DNS by inserting fake responses in place of the actual DNS response. more
The Internet Governance Forum (IGF) is an annual UN conference on Internet governance which was held this year in Rio de Janeiro, Brazil. The topics discussed range from human rights online to providing Internet access in developing countries. A somewhat secondary topic of conversation is Internet security and cyber-crime mostly limited to policy and legislative efforts. Techies and Internet security industry don't have much to do there, but I have a few updates for us from the conference. more
I'm writing this column in November, and that means that it is time for the traveling circus known as the Internet Governance Forum (IGF) to come down to earth, unpack its tents and sell tickets for its annual song and dance routine. The script for this year's show has been changed, and after being excluded from the main arena last year at the Athens gig, the headline act of "Critical Internet Resources" is taking a starring role this year in Rio. Some folk are even saying that it is the single most contentious issue to be scheduled at this year's IGF show. So what are "Critical Internet Resources" anyway? If folks are going to spend all this time, energy and carbon emissions traveling to Rio to talk on this topic, then wouldn't it be helpful to understand what it means in the first place? There are probably a number of ways to answer this question, so in this heavily opinionated column I'd like to look at the range of possible answers to this question. more
This is an issue of some concern and should be watched carefully: phishers are now trying to get passwords of domain registrants (domain owners). Currently, correspondents inform me that GoDaddy is the target, but there's no reason to think the phishers won't expand to other registrars. Normally, phishers go after bank accounts or other financial information, or sometimes the online accounts of users so that they may send spam. It's not known precisely why phishers are after domain registration information, but the possibilities are chilling... more
You all remember cybersquatting, a popular sport in the late 90s, right? McDonalds.com, JenniferLopez.com, Hertz.com and Avon.com thankfully all point to the right web sites today, but thaiairline.com, mcdonald.com, luftansa.com, gugle.com, barnesandnobles.com and other misspellings are fake web sites intended to trap the casual surfer with a hand that's a bit too much quicker than the eye... If you want to go to the McDonalds web site, you don't even spend the 10 seconds to look it up -- you will type McDonalds.com and expect to see the latest dollar meal menu. But the same is true for the other popular form of communication -- email... more
There are many network operator group meetings being held these days. Even in the backwater of the South Pacific where I live there is now AUSNOG, and NZNOG is just next door in New Zealand. We now have MENOG in the Middle East and AFNOG in Africa. The original NOG was the North American Network Operators Group (NANOG), and they have the T-Shirts to prove it! NANOG meets three times a year, and I attended NANOG 41 in October 2007. NANOG meetings cover a broad variety of topics, from operational tools, measurement, and peering practices through to a commentary on the state of the Internet industry. Here are my impressions of the meeting. more
As the second Internet Governance Forum approaches, it is an appropriate moment to take stock of how the Internet Governance dialogue has evolved since the conclusion of the WSIS Summit in 2005. One year after the first IGF in Athens, it is clear that government, industry and civil society stakeholders are still grappling over the direction and focus of the IGF... There is little doubt that some governments will choose to borrow concepts from the IGF when developing law and policy and will ultimately apply them to the Internet within their respective jurisdictions. Given the global nature of the Internet, this should be a fundamental concern. While this important dialogue about the Internet continues at the IGF in Brazil next month, another no less important debate is emerging with regard to RFID technology and the so-called "Internet of Things." The Internet of Things is a term coined to describe a future ubiquitous sensor network that collects commercial and personal data in public and private settings created, in part, through the rollout of RFID technology... more
OK, you know things are getting bad when Ameritrade leaks its customer information yet again, and I don't even bother to report it because it's not news anymore. Well, recent updates to the story have prompted me to correct that omission. Yes, it happened again. Roughly a month ago, correspondents began to receive pump-n-dump spam to tagged email addresses which they had given only to Ameritrade... This now marks the third major confirmed leak of customer information from Ameritrade. In addition, the Inquirer reported the loss of 200,000 Ameritrade client files in February 2005. One correspondent informs me that this has happened to him on four or five previous occasions. more
In one of the first (if not the first) UDRP cases for .cat, the auto giant BMW appears to have filed a WIPO case over the BMW.cat domain name. Other prospective new TLD operators have tried to suggest in ICANN meetings that these new TLDs do not cause problems with cybersquatting or defensive registrations... Obviously, given the above WIPO case, that statement is false. more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
A World-Renowned Source for Internet Developments. Serving Since 2002.