Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
DNS |
Sponsored by |
|
In the last few weeks we've seen two very different approaches to the full disclosure of security flaws in large-scale computer systems. Problems in the domain name system have been kept quiet long enough for vendors to find and fix their software, while details of how to hack Transport for London's Oyster card will soon be available to anyone with a laptop computer and a desire to break the law. These two cases highlight a major problem facing the computing industry, one that goes back many years and is still far from being unresolved. Given that there are inevitably bugs, flaws and unexpected interactions in complex systems, how much information about them should be made public by researchers when the details could be helpful to criminals or malicious hackers? more
"The General Services Administration is analyzing what caused an outage of .gov websites for a few hours Wednesday morning," reports Federal Times. Officials said the problem involved so-called DNSSEC cybersecurity measures that affected access to certain .gov sites, according to GSA spokeswoman Mafara Hobson. more
It was never obvious at the outset of this grand Internet experiment that the one aspect of the network's infrastructure that would truly prove to be the most fascinating, intriguing, painful, lucrative and just plain confusing, would be the Internet's Domain Name System. After all, it all seemed so simple to start with: network applications rendezvous with their counterparts using protocol-level addresses, but we users prefer to use "natural" identifiers that act as aliases for these addresses. more
On July 2, 2002, Damien Cave published an interview on Salon.com with John Gilmore, "original 'cypherpunk' and all-around Internet supergeek," titled "It's time for ICANN to go." In this wide-ranging interview, Gilmore -- an early employee of Sun Microsystems who also co-founded Cygnus Software (acquired by Red Hat) and was an early supporter of the Electronic Frontier Foundation and the Internet Society (ISOC) -- offered blunt insight and eye-opening historical detail... more
In a letter released on Monday, the Internet Society Board of Trustees has expressed concern with a number of U.S. legislative proposals that would mandate DNS blocking and filtering by ISPs to protect the interests of copyright holders. "Policies mandating DNS filtering undermine the open architecture of the Internet and raise human rights and freedom of expression concerns," says Internet Society (ISOC). more
While Google admits that offering its services over IPv6 is still in its infancy, the company today announced the option for accessing Google services over IPv6. Last year, Google started offering Google search over IPv6 on IPv6-only websites like 'ipv6.google.com' requiring IPv6 connection, but other Google products have not been generally available over IPv6, says Google. "That's why we created Google over IPv6." more
As I noted over the weekend, ICANN has instigated legal action against EPAG, an ICANN accredited registrar based in Germany that is part of the Tucows group. ICANN claims that the case is to "preserve WHOIS data", but Tucows asserts in their statement that the ICANN approach is flawed. It's not a frivolous statement, but one they've backed with fairly detailed rationale - and this is just their public statement and not a formal legal filing. more
This is serious. I'm not joking. You can look it up. Morgan Stanley brought a UDRP action involving the domain name 'mymorganstaleyplatinum.com' against a registrant identified as "Meow ("Respondent"), Baroness Penelope Cat of Nash DCB, Ashbed Barn, Boraston Track, Tenbury Wells, Worcestershire WR15 8LQ, GB." The decision summarizes the response... more
I'm in attendance at the the TRAFFIC EAST 2006 show, in Hollywood [Miami], Florida. There has been a lot of buzz here about the .Mobi top level domain, ranging from the talk of early registrants hoping to create the next big mobile portal to those that were keen to see implementations of mobile content. There was a domain name auction this evening where flowers.mobi sold for $200,000.00 (USD), and fun.mobi for $100,000.00 (USD) from a long list of domain names in the com, net, info, org, us and mobi extensions. more
The Internet's Domain Name System is a modern day miracle. It may not represent the largest database that has ever been built, but nevertheless it's truly massive. And even if it's not the largest database that's ever been built, it's perhaps one of the more intensively used... Given the fragmentation of the IPv4 address space with the widespread use of various forms of address sharing, then it increasingly looks as if the DNS is the only remaining common glue that binds the Internet together as a single network. more
With great anticipation I waited for the most recent Applicant Guidebook version 4 aka DAG4. I was looking forward to seeing gTLD program timeline. Was it possible that ICANN would give us another timeline and be firm with it? And then I saw it. Those 3 letters next to the new October 2010 launch date: tbd. So the date is October 2010 but it is "To Be Determined"? On one hand we have a set date but on the other hand it is yet to be determined. more
It's unclear what this means in the long run. Do bad actions and actors go undetected? Do we lose our visibility into network management? What is a "secure" network, and how do we secure it using traditional techniques of network perimeter traffic inspection when all the network traffic is opaque? If we can't see inside the DNS anymore, then how can we tell if (or when) the DNS has been captured by one or two digital behemoths? more
Yesterday CommunityDNS noticed a sudden, heavy spike in traffic through its Anycast node in Hong Kong. While comfortably processing queries at 863,000 queries per second for close to 2 hours the occurrence was undeniable. While we can't say the increase in traffic was specifically due to DDoS, its sudden increase is suspicious and reminds us that DDoS is still a popular tool used by the malicious community. more
I recently wrote about the encouraging level of DNSSEC adoption among top-level domain name registries, and noted that adoption at the second level and in applications is an important next step for adding more security to the DNS. The root and approximately 20 percent of the top level domains are now signed; it is time for registrars and recursive DNS servers operated by the ISPs to occupy center stage. more
There is a lot of discussion about the Expedited Policy Development Process (EPDP) Phase 2 report on evaluating a System for Standardized Access/Disclosure (SSAD) to non-public gTLD registration data after the decisions taken by the GNSO Council on September 24th. Notably, the Business Constituency (BC) and the Intellectual Property Constituency (IPC) have voted against the adoption of the Final Report of the EPDP team. more
A World-Renowned Source for Internet Developments. Serving Since 2002.