Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it's possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other "smart" devices... more
The Time Square Ball bringing in 2008 had more than 9,500 LED bulbs displaying 16 million colours while consuming power equivalent to about ten toasters. This compares to 600 incandescent and halogen bulbs adorning last year's Ball. Easy to forget that most mobile devices used by Time Square revelers were behind IPv4 NAT's and that always on applications such as Instant Messaging, Push e-mail, VoIP or location based services tend to be electricity guzzlers. It so happens that applications that we want always to be reachable have to keep sending periodic keepalive messages to keep the NAT state active... more
I recently attended RIPE 66 where Tore Anderson presented his suggested policy change 2013-03, "No Need -- Post-Depletion Reality Adjustment and Cleanup." In his presentation, Tore suggested that this policy proposal was primarily aimed at removing the requirement to complete the form(s) used to document need. There was a significant amount of discussion around bureaucracy, convenience, and "liking" (or not) the process of demonstrating need. Laziness has never been a compelling argument for me and this is no exception. more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more
There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more
As we finished this article, the world was hit by another global outage by content delivery network (CDN) provider, Akamai, on June 17, 2021. The cause seems to be related to the lack of capacity to a certain "routing table" of their distributed denial of service (DDoS) mitigation. Although the technical analysis is not yet available, the central premise of this article also applies to this incident, and it serves as a timely testimony. more
The number "5" license plate sold for $6.8 million dollars in Saudi Arabia and another 300 vanity plates sold for another $56 million at last week's auction. It is estimated that the number "1" will be auctioned next month for up to $20 million dollars. Domain names and license plates share some common characteristics. Both allow only one person to own a particular word or number. Of course, the exact same license plate 'word' or 'number' can be registered in every country and, in the USA, every state... more
Two weeks ago, the US government announced it would transition its role in the IANA functions to the global Internet community. It tasked ICANN with the job of arriving at a transition plan and noted that the current contract runs out in 18 months' time, 30 September 2015. This week, ICANN started that process at its meeting in Singapore. And on the ground were the two key US government officials behind the decision. more
Many online businesses use affiliates to drum up business. The affiliate finds a lead somewhere, passes it to the business, and gets a commission if the lead turns into a sale. Web based affiliates are relatively uncontroversial, but affiliates who advertise by e-mail are a chronic problem due to their propensity to send spam, both spam as normally defined and as defined by CAN SPAM. Is it possible to do legitimate e-mail affiliate marketing? Maybe... more
In the prior issue of CircleID, I described registrations by John Zuccarini. Many of Zuccarini's registrations are typographic variations on well-known domain names, and Zuccarini typically redirects users to sexually-explicit content and pop-up advertisements. Despite scores of UDRP claims and ACPA suits, plus a major case brought by the Federal Trade Commission, Zuccarini's registrations remain in effect -- more than 5,000 strong, in my research. more
Adobe, Facebook, Microsoft and eBay are among a group of leading companies demanding ICANN to take a closer look at an "immediate and urgent matter" involving a subset of questionable domain name registrars. more
I'm writing this in response to the myriad discussions about how to make sure that the Internet continues to "work" despite P2P or whatever the current threat seems to be. Behind much of the discussion is the presumption that the Internet has a purpose in the sense of making some applications like video games and VoIP work. Yesterday we feared modems, today we fear P2P. more
An Analogy: Europe is to the US controlled GPS as Europe is to the US controlled DNS root? That's not a very good title is it? But it does express the point I want to make. This week the European Union launched the first satellite of its own global positioning system, Galileo. One has to wonder why the Europeans feel they need to do this. Isn't the GPS system run by the United States a perfectly good system? more
The beginning of a new decade is always an invitation to have a broader look into the future. What, in the next ten years, will happen in the Internet Governance Ecosystem? Will the 2020s see the usual swinging pendulum between more liberal and more restrictive Internet policies in an interconnected world? Or will we move towards a watershed? more
As new Top-Level Domains (TLDs) are launched, the industry mustn't overlook the customer experience. A key question is this: Will the software applications we all use, recognize the new TLDs and know what to do with them in a timely fashion? Think email and even form-fill applications. I speak from experience here. In 2006 when we launched the .MOBI TLD, there were arguably only a handful of .MOBI email addresses in existence. To my dismay, I found that often emails sent only from my .MOBI account were not being received at the other end... more
A World-Renowned Source for Internet Developments. Serving Since 2002.