Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In my roles as postmaster at CAUCE (the Coalition Against Unsolicited Commercial E-mail) and abuse.net, I get a lot of baffled and outraged mail from people who have discovered that someone is sending out spam, often pornographic spam, with their return address on the From: line. "How can they do that? How do I make them stop?'' The short answers are "easily'' and "it's nearly impossible.'' more
The following article is an excerpt from the recently released Internet Analysis Report 2004 - Protocols and Governance. Full details of the argument for protocol reform can be found at 'Internet Mark 2 Project' website, where a copy of the Executive Summary can be downloaded free of charge. ..."In releasing this section for comment, I would like to point out that the report's conclusions are based on a cumulative examination of various protocols and systems. We are at a point of time where other protocols and systems are equally problematic -- the report points to some significant problems with DNS structure and scalability, and also points out that, to all intents and purposes, the basic email protocol, SMTP, is broken and needs immediate replacement." more
Counterfeiting is big business. A 2021 study by the Organisation for Economic Cooperation and Development (OECD) estimated that the international trade in counterfeit and pirated products was worth up to $464 billion in 2019, or around 2.5% of all world trade. A significant proportion of this trade occurs via digital channels, where global annual expenditure on eCommerce is more than $4 trillion. more
In the last days, news and government web sites in Georgia suffered DDoS attacks. While these attacks seem to affect the Georgian Internet, it is still there... Up to the Estonian war, such attacks would be called "hacker enthusiast attacks" or "cyber terrorism" (of the weak sort). Nowadays any attack with a political nature seems to get the "information warfare" tag. When 300 Lithuanian web sites were defaced last month, "cyber war" was the buzzword. Running security for the Israeli government Internet operation and later the Israeli government CERT such attacks were routine... more
Starting from an old article (dated July 21st, 2005) published at Computer Business Review, (and following a more recent entry on GoDaddy's Bob Parson's blog) I would like to touch a bit more on the topic of 'traffic testing' or 'traffic tasting' of domains. This topic has been discussed at ICANN meetings since last year and is also referred to by the name of 'add/delete' or 'add/drop' storms... more
In its February 18, 2005 press release, WIPO has reported filing an average of 3.4 UDRP and UDRP-based cases per calendar day in 2004, bringing the total number of cases received in 2004 to 1,179 -- an increase of 79 cases (or 6.6%) as compared to 2003. Also mentioned in the report is a 37 percent increase in ccTLDs cases over the previous year. Listed below are a number of additional facts and figures reported... more
The CENTR Global TLD Report 2024 highlights a modest growth in registered domains across the EU, with a notable increase in Poland, France, and Italy, primarily through their national ccTLDs. more
By now, you should have read elsewhere that the ICANN board has rejected the ICM application to create a .XXX TLD. It still comes as a surprise to some. Frankly, this was the prognosis I made to Stuart Lawley two years ago, for the very reasons mentioned by the European Commission. I mentioned in a previous blog entry that 6000 complaints from US citizens would have more weight on the conservative US administration than any other consideration... more
Earlier in the Registerfly controversy, ICANN Vice President Paul Levins posted to the ICANN Blog: "ICANN is not a regulator. We rely mainly on contract law. We do not condone in any way whatsoever RegisterFly's business practice and behaviour." This is disingenuous. ICANN is the central link in a web of contracts that regulate the business of domain name allocation. ICANN has committed, as a public benefit corporation, to enforcing those contracts in the public interest. Domain name registrants, among others, rely on those contracts to establish a secure, stable environment for domain name registration and through that for online content location. more
Sender Policy Framework (SPF) stops novice spammers but not the professionals, says Spammer-X, a retired spammer who has gone into a lot of the details in his book, "Inside the Spam Cartel". The best way to beat SPF is to join it... First, Joe Spammer rents a dedicated spam host in a spammer-friendly location, like China. Next, he registers 100 domain names, and each domain is registered under a fake name and address. Next, DNS entries for each of the hosts are set up, including a valid pointer record (PTR), an MX record and reverse DNS entries for each domain... more
In a "policy implementation and experience report" presented at ARIN 31 in Barbados, ARIN's staff noted that they are seeing "circumstances" related to the leasing of IPv4 number blocks. At the recent INET in Denver, ARIN's Director John Curran alleged that there is a "correlation" between address leasing activity and organizations that have been unable to complete specified transfers through the ARIN process, which requires needs-based justification. more
If you want to find out the WHOIS server for a particular TLD then in many cases you can do it with a simple DNS lookup. Just query for an SRV record for the domain _nicname._tcp.tld, like this... Many other TLDs follow this convention including .au .at .dk .fr .de .hu .ie .li .lu .nl .no .re .si .se and .ch. more
In the absence of any formal announcements, news of Google being accredited by ICANN as a domain name registrar, spread fast in the media today after it was first reported by Bret Fausett on Lextext -- see Google is a Registrar. The company has since mentioned that "Google became a domain name registrar to learn more about the Internet's domain name system," and that it has no plans to sell any domain names at the moment. However, speculations on what Google could do as an accredited registrar are far and wide. Here are ten, listed in no particular order... more
Kim Zetter has a new story out describing a very serious attack. In fact, the implications are about as bad as possible. The attack has been dubbed ShadowHammer by Kaspersky Lab, which discovered it. Briefly, some crew of attackers -- I suspect an intelligence agency; more on that below -- has managed to abuse ASUS' update channel and private signing key to distribute bogus patches. more
Shakespeare has Marcellus say in Act 1 of Hamlet, "Something's rotten in the state of Denmark." ...Milton Mueller, in his recent post to this site, would have us believe that since ICANN's Board long ago agreed that ICM's application for dot-xxx registry satisfied its own criteria for a sponsored TLD, then the only explanation for all the delay is, "I'm beginning to think that ICANN's approach to TLD approval was cooked up by a demented sergeant from Abu Ghraib." Milton goes on to assert that ICM's claim on dot-xxx is protected by the 1st Amendment. If this is so, then why after more than six years of discussion, is dot-xxx still raising such a fuss? more
A World-Renowned Source for Internet Developments. Serving Since 2002.