Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world.
Yesterday Goodmail sent out mail to all their customers announcing they are ceasing operations and taking all their token generators offline as of 5pm Pacific on February 8th. While this is a bit of a surprise on one level, I'm not that shocked. Ken Magill mentioned in August that Goodmail was on the sales block and rumors have been circulating for weeks about significant changes coming to Goodmail. ... Despite the free service, people at some of those ESPs told me they were having difficulty getting customers to adopt Goodmail.
There have been lots of press stories in the last day reporting on what the Internet shutdown in Myanmar looked like for people there, and that's the important story. This is what it looked like to the rest of the world, from an Internet infrastructure standpoint. The connection between Myanmar and the rest of the world appears to be turned back on, at least temporarily. The 45 megabit per second circuit connecting Myanmar to Kuala Lumpur that is Myanmar's primary connection to the Internet came back up at 14:27 UTC today. It had mostly been "hard down," indicating either that it had been unplugged or that the router it was connected to was turned off, with the exception of a few brief periods since September 28. Myanmar's country code top level domain, .MM, disappeared...
When ICANN implemented the Uniform Domain Name Dispute Resolution Policy (UDRP) in 1999, it explained its purpose as combating "abusive registrations" of domain names which it defined as registrations "made with bad-faith intent to profit commercially from others' trademarks... Bad actors employ a palette of stratagems, such as combining marks with generic qualifiers, truncating or varying marks or by removing, reversing, and rearranging letters within the second level domain (typosquatting).
Big Tech firms should back Africa's AI future by investing in its vast energy resources and infrastructure needs. Doing so offers a strategic answer to growing data demands and an opportunity for shared prosperity.
Most of us would be put off if a court issued a press release cheering the number of prisoners its judges had put behind bars or the number of tenants it had helped landlords to evict. That seems antithetical to the neutral adjudication of disputes, and ethical rules regularly decry such "appearance of bias." Yet WIPO seems to think it perfectly natural to crow about its arbitrators' favoritism for complainants against "cybersquatters" in UDRP proceedings. It issued a release that reads like a solicitation for trademark claimants' business, not a promotion of neutral arbitration services...
According to RFC1034, "cnn.com" and "cnn.com." should be the same domain names. However, it doesn't appear that programmers always understand that trailing dots can be added to domain names. Web servers also can't seem to agree what to do with a period at the end of a host name. IIS, thttp, and Akamai's Web server all get confused while Apache doesn't seem to care. How much other software behaves incorrectly because of a trailing period on a domain name? Can spam-filtering software be bypassed with dotted email addresses? Here is a situation when bad things can happen -- "WebShield SMTP infinite loop DoS Attack"...
This month I thought I could feel smug, deploying Postfix, with greylisting (Postgrey), and the Spamhaus block list (SBL-XBL) has reduced the volume of unsolicited bulk commercial email one of our servers was delivering to our clients by 98.99%. Alas greylisting is a flawed remedy, it merely requires the spambots to act more like email servers and it will fail, and eventually they will...
ipoque, a European deep packet inspection hardware provider, has published an Internet study for 2008/2009 providing an overview of the Internet's current state based on analyzing 1.3 petabytes of Internet traffic -- "the amount of data equal to 300,000 DVDs" -- in eight regions of the world (Northern Africa, Southern Africa, South America, Middle East, Eastern Europe, Southern Europe, Southwestern Europe, Germany). The study includes the use of about 100 of the most popular Internet protocols including P2P, VoIP, media streaming, instant messaging.
Hi! My name is spamfighter. I investigate spam and phish in a post-GDPR dystopia. Recently, I invented Fire, to save you millions of €uros. One day, my Boss suggested I automate some of my processes. I, for one, welcome our Robot Overlords (and a happy boss), but I can be exacting about the tools I use. Perhaps not to the degree of the infamous Van Halen 'no brown M&M's' contractual clause but I have no patience for poorly-designed software, and truly dislike typing when...
One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue...
Yesterday, the IESG, the group that approves RFCs for publication, received an appeal from Julian Mehnle not to publish the Sender-ID spec as an experimental RFC due to technical defects. IESG members' responses were sympathetic to his concerns, so I'd say that a Sender-ID RFC has hit a roadblock. The problem is simple: Although Sender-ID defines a new record type, called SPF 2.0, it also says that in the absence of a 2.0 record, it uses the older SPF1 record. Since SPF and Sender-ID can use the same records, if you publish an SPF record, you can't tell whether people are using it for SPF or Sender-ID. Ned Freed commented...
The recent row between Google, Apple and AT&T concerning the removal of Google Voice from the Apple iPhone store highlights the friction existing between network operators and so-called over the top (OTT) application providers. Most observers believe that AT&T initiated the blockade because Google Voice (which offers free or highly discounted calling rates) is a direct threat to AT&T's call revenue (Google Voice users need only pay AT&T for access to the Internet).
I've been following SpaceX, OneWeb and Boeing satellite Internet projects, but have not mentioned Telesat's project. Telesat is a Canadian company that has provided satellite communication service since 1972. (They claim their "predecessors" worked on Telstar, which relayed the first intercontinental transmission, in 1962). Earlier this month, the FCC approved Telesat's petition to provide Internet service in the US using a proposed constellation of 117 low-Earth orbit (LEO) satellites.
Record-breaking domain sales, acquisitions, and growing industry credibility all highlight a critical year for the domain name industry. The domain name industry had a heck of a year. It's impossible to rank the top news stories of 2006, but I'm going to make an attempt... Let's talk about it before the end of the year; then let's look forward to a fantastic 2007.