DNS |
Sponsored by |
|
FireEye announced a new piece of malware yesterday named MULTIGRAIN. This nasty piece of code steals data from Point of Sale (PoS) and transmits the stolen credit card numbers by embedding them into recursive DNS queries. While this was definitely a great catch by the FireEye team, the thing that bothers me here is how DNS is being used in these supposedly restrictive environments. more
I've written recently about a general purpose method called DNS Response Policy Zones (DNS RPZ) for publishing and consuming DNS reputation data to enable a market between security companies who can do the research necessary to find out where the Internet's bad stuff is and network operators who don't want their users to be victims of that bad stuff... During an extensive walking tour of the US Capitol last week to discuss a technical whitepaper with members of both parties and both houses of the legislature, I was asked several times why the DNS RPZ technology would not work for implementing something like PROTECT-IP. more
You'd be surprised how many people are asking that question at the moment, but you won't be surprised to know that the only thing they agree on is that they either don't know, or that they disagree with the people that believe they do. I am not going to attempt to provide my own answer, but I will point to a paper just released by the Parliamentary Office of Science and Technology (POST). POST, among other things, produces regular, concise briefings for the UK Parliament on whatever are the important topics of the time. And they have now done one on Internet Governance. more
My book, "The Current State of Domain Name Regulation: Domain Names as Second Class Citizens in a Mark-dominated World" is now available by Routledge. The following is an overview of the book. more
The American Bar Association/International Chamber of Commerce (ABA/ICC) recently released a survey on global Internet jurisdiction. The survey, co-chaired by Professor Michael Geist, involved nearly 300 companies in 45 different countries. It found that U.S. companies were far more concerned and pessimistic about Internet jurisdiction risk than European and Asian companies. The study has also found that an "Internet jurisdiction risk toolkit" is emerging where companies target low risk jurisdictions and take steps to avoid doing business in perceived high risk jurisdictions. more
You all remember Sitefinder don't you? According to The Register, CentralNic , owner of a number of popular domains including uk.com and us.com, has added wildcard A records to .uk.com. Cue the usual round of sniping about Internet stability (with which, as you will see, I agree). The question is, given the difference in scale (.com and .net are huge; .uk.com is quite small) will anyone notice? And does it matter? Certainly CentralNic seems to think the small scale of their domains excuses or at least mitigates the Internet stability side effects of their ploy. more
But even if the collateral damage is left out of the picture, the very idea behind SiteFinder is user-unfriendly, and that's the second half of the ALAC's note: SiteFinder is, ultimately, about short-cutting other error handling methods, and redirecting any users that enter non-existing domain names into a web browser to Verisign's own service, for commercial purposes. SiteFinder is designed so it becomes difficult to deploy superior error handling services that would compete with it -- because errors aren't flagged. more
After almost four years, ICANN has announced that they have adopted a new domain name transfer policy that make it much easier for domain name registrants to do business with the ICANN accredited Registrar of their choosing. Highlights from this new policy include; streamlined definition of responsibilities as it relates to the management of the domain name. Under the new policy, only the Administrative Contact or Registrant can authorize a domain name transfer to a new service provider... more
In a 33-page motion filed on Monday, April 5, 2004, ICANN has asked a federal judge in Los Angeles to dismiss VeriSign's recent lawsuit filed against the non-profit organization. More specifically, the filed motion has asked the court to "dismiss VeriSign's first six claims for relief with prejudice," which are... more
In the late summer of 2006, the ICANN Nominating Committee will convene to select three members to the ICANN Board of Directors, and four members to various councils. Depending on the global visibility of the nominees, and the current political and technical currents pulling at the Internet community, these nominations will be both pilloried and lauded in different circles. This process of selecting a good ICANN board member is astonishingly complex; I should know, having served on the founding NomCom in 2003, and the succeeding NomComs in 2004 and 2005. By far the biggest challenge is finding good candidates... more
The World Intellectual Property Organization (WIPO) -- the same organization whose head recently equated intellectual property infringement with terrorism -- has been pressing ICANN to add domain name monopolies on the names of countries, and the names and acronyms of inter-governmental organizations, into the Uniform Domain Name Dispute-Resolution Policy (UDRP). Despite the fact that no-one but WIPO seems to want these new exclusions, a working group has nonetheless been convened to study their recommendations. more
There have been a number of attacks on the root name servers over the years, and much written on the topic. (A few references are here, here and here.) Even if you don't know exactly what these servers do, you can't help but figure they're important when the US government says it is prepared to launch a military counterattack in response to cyber-attacks on them. more
The Twitterverse is awash with catchy URL shortening services, which allow what would otherwise be long URLs to fit within the strict character limit of individual Tweets. Before the Twitter phenomenon really took hold, tinyurl.com was one of the more popular services; now much shorter options are available, using various Country Code Top-Level Domains (ccTLDs) which have the significant advantage of being only two characters after the last dot. more
We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more
Patent practitioners are familiar with the long-honored practice of engaging in standards-setting activities with the aim of having the standard ultimately require the use of one's proprietary technology. This practice is no longer limited to patents, but has become the game the whole family can play. While most standards-setting organizations have caught on, and have implemented IP disclosure policies, ICANN has not done so... As some are aware, the question of making single-character domain names available has been a perennial topic of discussion within ICANN, championed by a few who have quietly been engaged in some interesting advocacy within the USPTO along a parallel track. more
A World-Renowned Source for Internet Developments. Serving Since 2002.