Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Is desktop anti-virus dead? Someday I'd love to make that announcement, but it still feels to me that there's a Patron Saint of Voodoo with an affinity for bringing it back to life -- like some macabre mirror image of the malicious zombies it's supposed to provide protection against. It's kind of ironic that today's innovation in desktop anti-virus isn't really happening at the desktop; rather it's occurring in the cloud. more
Well... Maybe not the world, but the Internet it seems. According to a Pastebin letter, Anonymous announced they will black-out Internet on 31st of March. They even explained how to do it by attacking the DNS Root Servers on Internet using a reflected amplification attack. If this is successful, the root DNS servers will become unresponsive and cannot handle any other requests... more
I was looking at the End User License Agreement to which Skype wants people to assent. I noticed the following odd provision (Section 3.2.4): You hereby grant to Skype a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable and transferable licence to Use the Content in any media in connection with the Skype Software, the Products and the Skype Website. more
Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more
The European Union's cloud computing strategy couldn't come at a better time as the region lags behind the rest of the world when it comes to cloud computing usage. The EU announced its cloud computing strategy last month and is optimistic it will create new jobs and help boost a struggling economy. An information campaign is necessary if the EU is to overturn the misunderstanding and general lack of knowledge about the cloud. more
In a recent decision, a World Intellectual Property Organization (WIPO) domain name arbitration panel dismissed a complaint filed by the Mexican Tourist Board (MTB) against Latin America Telecom (LAT) concerning the domain name "mexico.com." The panel went so far as to find that the complaint was brought in "bad faith" and made a finding of attempted "Reverse Domain Name Hijacking" against the MTB. ...In its complaint, the MTB argued that LAT had registered the domain name in "bad faith" in order to sell it for a profit at a later date. more
Source from Google have recently confirmed total number of YouTube video streams are above 1.2 billion per day worldwide according to Michael Arrington at TechCrunch. Previously reported numbers by comScore and other third party services appear to have been fairly under-estimated. more
This text was originally meant to be read by the Swedish authorities and municipalities, but the problem is most probably similar all over the world. Along with others, I have repeatedly written and spoken about the need for municipalities and agencies to start with the roll-out of IPv6. Most of what I have written has been focused on IT managers. It might seem natural that it is the IT manager's decision to get the IPv6-project started. But what if perhaps it isn't...? more
The growth of broadband customers has looked spectacular over the past year during the pandemic. It's easy to chalk up higher broadband customers nationwide to the need for households to be connected during the pandemic. But as I look back on what's happened during the last year, I can't help but wonder if the broadband stats we are seeing are somehow overinflated. more
A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more
How prevalent is cybersquatting and typosquatting? Take a look at www.wipo.com, and then compare it with the World Intellectual Property Organization's web site www.wipo.org. Ironically, the WIPO Arbitration and Mediation Center handles a majority of the UDRP domain dispute arbitrations internationally. The very organization which is invested with the authority by ICANN to resolve cybersquatting and typosquatting disputes internationally under the UDRP is, by all appearances, being squatted. Here are two apparent typosquatters... more
On November 4, 2003, VeriSign announced a new "trust enhancing" seal which they built using Macromedia's Flash technology...While there are problems inherent to VeriSign's approach that call into question their understanding of "The Value of Trust," there are ways they could have made this particular implementation less trivially spoofable. The flaws I demonstrate on this page are flaws in the concept and the execution rather than anything inherently flawed in Flash. Overall this kind of graphical "trustmark" is extremely easy to forge just by recreating the artwork. But in this case, you don't even have to do that. The seal can still be called directly off the VeriSign servers, yet it is easily modified, without recreating artwork, and without doing anything untoward with VeriSign's servers! more
I have been an active participant in the ICANN "grand experiment" from the beginning. An experiment in which a private sector led organization was entrusted by the Internet community and governments to be a trustee of a global public resource. However, at no time during my twelve years of participation in ICANN have I been more concerned about the long term viability of this organization than I do now heading into the Singapore meeting. Failure of the ICANN Board to do the right thing in Singapore will have a profound impact on the future of the private sector led model. more
Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas. more
ICANN hosted a Resolver Operator Forum in mid-December, and the session had several interesting presentations that I would like to comment on here... The first presentation in this forum was from Paul Mockapetris. He pointed to the original academic published paper, Development of the Domain Name System, by Paul Mockapetris and Kevin Dunlap, published in the proceedings of ACM SIGCOMM’88. The paper noted that by 1983 it was obvious that the shared HOSTS.TXT file was not a scalable solution... more
A World-Renowned Source for Internet Developments. Serving Since 2002.