DNS |
Sponsored by |
|
As the steward of .ORG, Public Interest Registry is committed to serving as an "exemplary registry" for the DNS. As part of that mission, PIR published our Anti-Abuse Principles last year that serve as our north star to address questions of abuse. As PIR has stated on many occasions, generally speaking, the DNS is not the appropriate place to address questions of website content abuse because of the blunt tool we as a registry have and the collateral damage that can be caused by suspending a domain name for a piece of content. more
With Bill Clinton's appearance at ICANN San Francisco now confirmed to be more than mere rumor, the March meeting will be a very big event indeed. On its home turf, and under the glare of possibly unprecedented global attention, ICANN may feel some pressure to make sure it has some noteworthy news to announce at the end of the week, after its Board of Directors meets. more
On 19 February 2020, ICANN announced that ICANN67 would be held via remote participation out of an abundance of caution associated with the COVID-19 outbreak. Little did we know at the time that twelve months later, ICANN meetings would still be held via remote participation. For a community that has been accustomed to meeting face-to-face at least three times a year since ICANN1 in Singapore in March 1999, this has created a tremendous challenge for how we conduct our business. more
People are growing increasingly alarmed by recent examples of bad actors abusing proxy services offered by registrars. While proxy services are designed to protect the privacy of legitimate domain name users - they do the opposite when abused by cybercriminals. Responsible Proxy providers play a key role in mitigating abuse. When they don't act responsibly - it's clear they contribute to the problem. more
How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020. more
It's been 15 long years since the standard for DNSSEC was developed and sadly adoption has been painfully low until recently, thanks to Dan Kaminsky, the infamous Internet Researcher who indentified that gaping hole in the DNS. The discovery of the fundamental flaw in DNS sparked industry wide attention! Every day, we move a little closer to widespread DNSSEC adoption, so I thought I'd take a moment and highlight some of the most notable milestones... more
Over the next month, the ICANN Board will consider its options for ensuring that some framework is in place to ensure ICANN's accountability to the global Internet community after the approaching expiration of its Memorandum of Understanding and Joint Project Agreement (MOU/JPA) with the U.S. Department of Commerce. We analyze these options in our new paper... more
As we arrived in Hollywood -- the land of happy endings -- ICANN had just given us cause to hope that the ICANN accountability process might get its own Hollywood ending, despite a fitful start. As one who's been critical of ICANN management's heavy-handed attempts to control the accountability process, it's only appropriate to give credit where credit is due. In accepting the community's strenuous -- and nearly unanimous -- calls for a cross-community working group to lead the process of improving ICANN's accountability mechanisms, ICANN management says it's now prepared to follow the community's lead, rather than dictating and constraining it. more
Recently, the DNS has come under an extensive attack. The so-called "DNSpionage" campaigns have brought to light the myriad methods used to infiltrate networks. These attacks employed phishing, system hopping via key exfiltration, and software zero day exploits, illustrating that many secure networks may not be fully protected. more
If a scholar was to look back upon the history of the Internet in 50 years' time, they'd likely be able to construct an evolutionary timeline based upon threats and countermeasures relatively easily. Having transitioned through the ages of malware, phishing, and APT's, and the countermeasures of firewalls, anti-spam, and intrusion detection, I'm guessing those future historians would refer to the current evolutionary period as that of "mega breaches" (from a threat perspective) and "data feeds". more
DNSSEC is increasingly adopted by organizations to protect DNS data and prevent DNS attacks like DNS spoofing and DNS cache poisoning. At the same time, more DNS deployments are using proprietary DNS features like geo-routing or load balancing, which require special configuration to support using DNSSEC. When these requirements intersect with multiple DNS providers, the system breaks down. more
Recently, an article I wrote for Bitcoin Magazine talked about how we can use DNS underscore scoping to better abstract Lightning addresses and even create a de facto specification that could work on any resource (like a wallet or a smart contract) across all blockchains. more
The Dutch Internet registry SIDN has launched a unique program in partnership with CleanBits to identify what proportion of .nl domain names were hosted on a green or CO2-neutral basis. The results show a strong trend towards the 'greening' of the .nl internet zone. Nearly 30 per cent of .nl names were found to have green hosts. more
Today, the global Internet community reached an important milestone. The US Department of Commerce National Telecommunications & Information Administration (NTIA) announced that the community-developed proposal to transition the stewardship of the Internet Assigned Numbers Authority (IANA) functions meets the criteria it set out in March 2014. more
For those of you interested in IPv6 and/or DNSSEC, we'll have a live webcast out of the Internet Society's ION Singapore conference happening tomorrow, March 28, 2013, starting at 2:00pm Singapore time. more
A World-Renowned Source for Internet Developments. Serving Since 2002.