The historical development of spam fighting is allowing computer-aware criminals to take the upper hand in the fight against what has now evolved into a completely technologically and organizationally merged threat to public safety. If we do not change our strategic approach immediately, the battle, indeed even the war may be all but lost... Of late, much has been said in the popular and computer press about a vector that is annoying, but hardly critical in nature: 'Image spam'. Spammers have jumped on the new technology of 'image-only' payloads, which morph one pixel per message, rendering them unique, and traditional check-sum blocking strategies ineffective... Fortunately this fraudulent stock-touting scheme leaves a paper trail that has allowed for some successful prosecutions in the latter half of the year. Stock spamming, while popular at present time is likely to decline as legal actions increase... more
Most new domain names are malicious. I am stunned by the simplicity and truth of that observation. Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. Domains are cheap, domains are plentiful, and as a result most of them are dreck or worse. more
In fact WiFi (technically standard 802.11) and WiMAX (802.16) don't compete for broadband users or applications today. That's partly because WiFi is widely deployed and WiMAX is still largely an unfulfilled promise and partly because the two protocols were designed for very different situations. However, if WiMAX is eventually widely deployed, there will be competition between them as last mile technologies. Some people describe the difference between WiFi and WiMAX as analogous to the difference between a cordless phone and a mobile phone... more
Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam. This quoted an excellent paper by Joe St.Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase... Now, George Ou has just posted an article on ZDNET that disagrees with Larry's article, makes several points that are commonly cited when criticizing port 25 blocking, but then puts forward the astonishing, and completely wrong, suggestion, that worldwide SPF records are going to be a cure all for this problem. Here is my reply to him... more
At the 44th Session of the Human Rights Council, we heard how 1 billion children in 2019 who were subjected to various forms of violence and the need for more action to protect children according to the Special Rapporteur. The United Nations Committee on the Rights of the Child released Guidelines on the implementation of the international treaty that bans child pornography, proposing to expand its interpretation to include bans on drawings and stories that sexually depict minors. more
Sex.com announced today a final settlement with VeriSign (formerly Network Solutions, Inc.), concluding a six-year legal fight that set several important precedents for the future of the Internet. After the Ninth Circuit Court of Appeals granted Sex.Com a sweeping victory that held VeriSign/Network Solutions, Inc. (collectively "VeriSign") strictly responsible for mishandling the famous domain name, Sex.Com and VeriSign have settled Sex.Com's lawsuit against VeriSign. more
Following a post on the DomainState forum today, a number news and blogs have criticized Network Solutions for front running domain names that customers try to register. (See for instance today's report on DomainNameNews). Jonathon Nevett, Vice President of Policy at Network Solutions, has offered the following in response to the news break... more
Ever been prosecuted for tracking spam? Running a traceroute? Doing a zone transfer? Asking a public internet server for public information that it is configured to provide upon demand? No? Well, David Ritz has. And amazingly, he lost the case. Here are just a few of the gems that the court has the audacity to call "conclusions of law." Read them while you go donate to David's legal defense fund... more
Dynamic Host Configuration Protocol (DHCP) is a protocol intended to enable machines (servers, game consols, etc) wishing to be "online" the ability to request Internet Protocol information from a DHCP server automatically. ... In this article we will begin to outline some of the fundamental differences between DHCPv4 and DHCPv6, explore historical uses of DHCPv4 and how those concepts will adapt/change in IPv6. more
Recently, the news that China is adopting IPv9 is making rounds on the Internet. While some of them write off as an April Fool's joke (in July?) like RFC 1606, other wonders if there are more than meets its eyes. But most of them wonders what is this IPv9 and how does it actually works. And some of the English translated article are so badly done that it is impossible to get any useful technical information except that 'It is developed and supported by Chinese government!' more
Is it time for a split between allocation and services for Internet number resources as was the case for domain name resources? Back in 1996, Network Solutions had essentially four different government granted monopolies... In 1997, Network Solutions "spun" off the 3rd and 4th monopoly into a non-stock corporation known as American Registry for Internet Numbers (ARIN) which has continued the monopoly for its region after spinning off several other Regional Internet Registers (RIR) which are in themselves monopolies. more
The .cm (Cameroon) ccTLD operators have discovered that since their TLD is simply one omitted letter away from .com, that there is a gold mine in the typo traffic that comes their way. Accordingly, Cameroon has now wild-carded its ccTLD and is monetizing the traffic. The upshot is that, if the Neiman Marcus / Dotster lawsuit over 27 domain names was properly characterized as "massive", then the Cameroonians are now going well beyond massive... more
I'm not sure what the Chinese government is thinking, or whether certain parts of certain ministries and party apparatus have gotten completely out of control. Until recently, it had seemed to me that the Chinese government was managing its censorship system with surprising success... But this month, something shifted. It's unclear whether the shift is long-lasting or just temporary madness until the PRC's 60th anniversary on October 1st. more
At ThousandEyes, we've always been curious about the performance of various public DNS resolvers -- especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we'd share the results. Here's how we did it. more
It's no secret that I don't very much like this whole private cloud or internal cloud concept... on the basis that while advanced virtualisation technologies are valuable to businesses they are a severe short sell of what cloud computing is ultimately capable of. The electricity grid took over from the on-site generators very quickly and I expect cloud computing to do the same with respect to private servers, racks and datacenters... more