Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS Security |
Sponsored by |
|
As expected, VeriSign raised the price of domain names, effective in October. New prices wholesale prices (to the registrar) for .com domain names are going from $6.42 to $6.86, while .net will increase from $3.85 to $4.23. This news came a few days ago in a letter to registrars. (Hint to consumers: renew your domains now.) ...So, basically, many if not most of VeriSign's registry costs have been falling at an exponential rate. Hard disk storage, computing performance, bandwidth, RAM storage... yet the cost is going up. How is this justified? more
The Internet Governance Project has unearthed a consultancy report to the U.S. Department of Homeland Security (DHS) that makes it clear that the issue of root signing and DNSSEC key management has been recognized as a political issue within the US government for long time. more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more
As cross-border cyber enforcement falters, critics argue Article 19's DNS abuse framework prioritizes procedural purity over user protection, leaving courts too slow to counter AI-driven phishing, rapid-flux domains, and increasingly automated online threats. more
A flawed abuse-response system shifts costs from perpetrators to intermediaries, overwhelming enforcement. The Trusted Notifier Network seeks to realign incentives, curb low-quality reporting, and restore efficiency by embedding trust, accountability, and cost redistribution. more
A once-trusted internet protocol is showing its age. DNSXplore, a global DNSSEC archive, exposes weaknesses, improves diagnostics and nudges adoption, helping secure the cryptographic chain underpinning online trust. more
Bad actors are exploiting DNS with growing sophistication. New domains dominate threat infrastructure, daily user exposures are rising, and AI is accelerating attack creation, making DNS intelligence an increasingly critical early-warning system for modern cyber defence. more
Project Jake invites global DNS stakeholders to test JADDAR, a privacy-respecting framework for secure access to registration data, aiming to reduce regulatory fragmentation and modernise domain governance through collaborative, policy-aligned engineering solutions. more
A six year study of Global 2000 firms finds progress on email authentication but worrying gaps elsewhere. Despite rising DMARC adoption, falling DNS redundancy and uneven regional uptake leave companies exposed to domain based attacks. more
DNSSEC promised to secure DNS with cryptographic proof, yet messy rollouts, outages, and hype backlash ruined its reputation. This piece argues that storytelling and emotions shape adoption as much as specs, and that automation enables a reset. more
ICANN invites proposals for its DNSSEC and Security Workshop at the ICANN85 Community Forum in March 2026, offering a platform for global experts to share insights on DNS, routing security, and emerging threats. more
As Internet governance fragments in 2026, authority shifts from open, multistakeholder forums to state-led security regimes, legal instruments, and alliance-based cooperation, challenging longstanding institutions and reshaping global norms through enforcement rather than consensus. more
ICANN is finalising a policy to curb DNS abuse, aiming to preserve internet stability while defending freedom of expression. With regulatory pressure mounting, the multistakeholder model faces a critical test. more
The NANOG 95 conference spotlighted breakthroughs in fibre optics, wireless technology, routing security, and quantum computing, offering a forward-looking assessment of internet infrastructure and its vulnerabilities, as reported by APNIC's Geoff Huston. more
A World-Renowned Source for Internet Developments. Serving Since 2002.
