DNS

DNS / Most Viewed

Domain Tasting Target of US Federal Cybersquatting Lawsuit

So Domain Tasting, where registrants (who may also be registrars) taste names and keep only those that have economic value, is now the target of a federal cybersquatting lawsuit, brought about by lawyers for major brand name retailers Neiman Marcus and Bergdorf Goodman against major domain name registrar Dotster. This Dotster lawsuit involves allegations of cybersquatting by registrars who use the Create Grace Period, which is mandated by ICANN for global registries... more

To Fight Domain Name Theft: Sex.com Gives Birth to a New Property Right

For those who are Star Wars fans, the following scene from the prequel, Attack of the Clones, will be easy to recall: a young and misinformed Jedi, known as Obi-waan Kenobi, opines about how an army of clones had been able to snatch a victory from imminent defeat. Yoda, a Jedi Master and virtual fountain of wisdom, immediately gushes forth an important correction: "Victory? Victory you say? Master Obi-waan, not victory." Yoda explains that winning a battle is not a victory, if the win merely signals that the war has just begun. Yoda's apparent perception seems particularly apt for the precedent setting federal court opinion involving the sex.com domain name. Notwithstanding that individual domain name registrants may seek comfort in the victory obtained from the Ninth Circuit's opinion in Kremen v. Cohen, that decision merely signals a beginning -- not an end -- to the controversy over the proper legal framework for resolving domain name theft.  more

Do Not Enter - It’s XXX

There soon will be a central place for Web surfers to dwell in a forbidden cyber land of adult fantasies, sex, dark rituals and total taboos. Finally, ICANN has given in to the pressure and has tossed a big rock across the turbulent e-commerce ocean. It has approved a new suffix, .xxx, for adult-only porn sites, creating ripples and debates in ever so confusing global cyber branding times when cyber global domain name challenges are being fought in the complex earthly trademark realities. Three things are bound to happen... more

Security Researcher Dan Kaminsky Has Died

The celebrated security researcher, Dan Kaminsky, widely known for his work on discovering cruicisl DNS security flaws, Sony Rootkit infections and pupular talk at the Black Hat Briefings. more

Why I Am Participating in the ORSN Project

As a long time supporter of the universal namespace operated by IANA, it may come as a surprise that I have joined the Open Root Server Network project (ORSN). I'll try to explain what's going on and what it all means. ...If one of my kids, or anybody anywhere, sits down in front of a web browser and keys in a URL, it ought to just work. They ought to see the same web page that anybody else would see, no matter what country they're in or what their ISP wants or what their local church or government wants. This universality of naming is one of the foundations on which the Internet was built, and it is how the Internet fosters economic growth and social freedoms. It's what makes the Internet different from old Compuserve, old AOL, old MSN, old Minitel, and everything else that has come -- and gone -- before... more

ICANN Confirms: Tiered Pricing Not Forbidden in New .BIZ, .INFO and .ORG Contracts

I finally got the "official" word from Vint Cerf of ICANN, "on the record", who confirmed that my interpretation is correct, that differential/tiered pricing on a domain-by-domain basis would not be forbidden under the .biz/info/org proposed contracts. This means that the registries could charge $100,000/yr for sex.biz, $25,000/yr for movies.org, etc. if they wanted to -- it would not be forbidden the way the proposed contracts are currently written. This would represent a powerful pricing weapon for registries, and a fundamental shift in possible domain name pricing, that could lead them to emulate .tv-style price schedules. It doesn't mean they will necessarily do it, but it's not forbidden. When a contract doesn't forbid something bad, it implicitly allows it... more

.XXX Puzzle Pieces Start to Come Together: And the Picture is Ugly

Americans who worried about governments somehow "running" the Internet through the United Nations failed to see the Trojan Horses that were rolled into ICANN's structure in 1998: the Governmental "Advisory" Committee and the special US Government powers over ICANN. The attempt by the US Commerce Department to "recall" the delegation of .xxx to ICM Registry due to pressure from deluded right-wing groups in the US who think that it will add to pornography on the Internet is a major inflection point in the history of ICANN, and could represent the beginning of the end of its private sector/civil society based model of governance. more

Not a Guessing Game

On Tuesday July 8, CERT/CC published advisory #800113 referring to a DNS cache poisoning vulnerability discovered by Dan Kaminsky that will be fully disclosed on August 7 at the Black Hat conference. While the long term fix for this attack and all attacks like it is Secure DNS, we know we can't get the root zone signed, or the .COM zone signed, or the registrar / registry system to carry zone keys, soon enough. So, as a temporary workaround, the affected vendors are recommending that Dan Bernstein's UDP port randomization technique be universally deployed. Reactions have been mixed, but overall, negative. As the coordinator of the combined vendor response, I've heard plenty of complaints, and I've watched as Dan Kaminsky has been called an idiot for how he managed the disclosure. Let me try to respond a little here, without verging into taking any of this personally... more

.XXX as Proposed is Wrong for Families & Kids

On August 23rd, the Internet Governance Project posted a letter Opposing Political Intervention in the Internet's Core Technical Administrative Functions. I disagree. ICANN and Governments should get involved when it comes to protecting children online. Every effort should be made to make it SIMPLE for average parents to let their children run free online without the risk of running across pornography and adult material while doing so. Why continue to let pornographers run free and unchecked on the most exciting tool created in the history of mankind just because they got there first? more

An Interview with the Lead Developer of SPF - Part I

CircleID recently interviewed Meng Weng Wong, the lead developer of Sender Policy Framework (SPF) and founder of Pobox.com. As one of the leading anti spam authentication schemes, SPF is used by companies such as AOL, Earthlink, SAP and supported by anti spam companies such as Sophos, Symantec, Brightmail, IronPort, Ciphertrust, MailArmory, MailFrontier, Roaring Penguin Software, and Communigate Pro. Last month, Microsoft announced its agreement to merge Caller ID, its own proposed anti spam authentication scheme, with SPF -- the joint standard is called 'Sender ID'. In this two-part interview, Meng Wong explains how SPF got started, where it is today and what could be expected in the future of email. more

Whois Privacy vs. Anonymity

The Internet is often a lawless place. Everyone knows that there are many tricks and traps lurking on the Internet, just waiting to prey on unsuspecting and innocent users. Some of these traps will trash your computer while others will turn your PC into a zombie that will broadcast messages at the virus writer's command. ...The list of annoyances and downright criminal activities seem endless. ...To make the Internet a safer place both legislators and law enforcement are now focusing on the Internet. In the crossfire that's taking place there are many ideas that are being offered up. Some of them are good and some are not. One bad decision that was recently forced upon the Internet community (without hearings -- more on this later) was to eliminate private domain name registrations for .US domain names. ...It's important to understand the difference between privacy and anonymity. more

Internet Governance: An Antispam Perspective

All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more

Ask Vint Cerf: The Road Ahead for Top-Level Domains

As most readers are no doubt aware, when it comes to the topic of Top-Level Domains (TLDs), Internet Corporation for Assigned Names and Numbers (ICANN) takes center stage. Vint Cerf, Google's VP and Chief Internet Evangelist, who has served as chairman of the board of ICANN since the November of 1999 has accepted CircleID's invitation to directly respond to your questions on the topic. This is your opportunity to have your Top-Level Domain related questions responded by Vint Cerf. more

Is the Internet Dying?

There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more