Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes. more
Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. ...However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. more
Much of the discussion about proposed TLDs centres around domain names as a form of classification: ".mobi" for mobile device content, ".kids" for child-safe content, language codes for language-specific content, ".museum" for museum-related entities, and so on. Notoriously little activity has been forthcoming in actually implementing these proposals, and the select few that have been allowed out into the world are, shall we say, a tad arbitrary. I'd like to engage in a little thought experiment where we abandon the "few TLDs with carefully chosen meanings" paradigm, and instead consider the benefits of a cornucopia of completely meaningless TLDs. more
The UDRP is obviously not working. Two websites, fundamentally the same (criticism at trademark.tld), two opposite decisions, both within weeks of each other! A Complainant (Biocryst Pharmaceuticals Inc) initiated a complaint to WIPO about one of my criticism websites (biocrystpharmaceuticals.com). The Panel found in my favour. Another Complainant (Eastman Chemical Inc) meanwhile made a complaint to NAF regarding another of my criticism websites (eastman-chemical.com). The Panel found against me. The two websites are fundamentally the same, both websites in criticism of the practices of the individual companies concerned... more
Without commenting on the particulars as they relate to Goodmail -- especially since I am on the advisory board for Habeas, a competitor -- let me note that public discussion is largely missing the nature of the current Internet mail realities and the nature of the ways we can deal with them. There are two articles in the current issue of the Internet Protocol Journal, of which I wrote one, that provide some useful background about this reality. Simply put, Internet mail needs to sustain spontaneous communications... more
Rep's Graves and Sinema recently introduced H.R. 4036, the catchily named Active Cyber Defense Certainty Act or ACDC act which creates some exceptions to criminal parts of computer crime laws. Lots of reports have decried "hack back" but if you read the bill, it's surprisingly well targeted. The first change is to what they call Attributional Technology, and says it's OK to put bait on your computer for an intruder intended to identify the intruder. more
When domain names expire they leave skeletons - networks of inbound links that continue to funnel traffic to that name, even if ownership has changed. Via eWeek, we learn that Microsoft owned HARDWARE-UPDATE.COM and used the name for a site featuring Windows drivers. The domain name is embedded in various error messages in Windows 2000. However, Microsoft did not renew the domain name and Ultimate Search, a company that specializes in this sort of thing, scooped it up. Now the page provides sponsored links, courtesy of Overture. The article reports that the top sponsored link pays over $3 a click-through. more
The UN's WSIS Prepcomm in Geneva has ended on a divided note. The US Government's Ambassador Gross pre-announced war-cry "The United Nations will not be in charge of the Internet. Period." had been met by a nearly unanimous global response from nations for some sort of government control of the Internet on a multilateral basis. A raft of proposals to alter the current situation are on the table -- most of them fairly benign, but none supportive of the indefinite continuance of unilateral US control of the root zone authorisation. more
From 5 April to 14 May 2004 trade mark owners can apply in the .pro domain for defensive registrations corresponding to their marks. The .pro domain is only available to doctors, lawyers and CPAs during this period, known as a "sunrise period". ...During the period when the creation of ten new generic domains is being discussed, it seems timely to wonder whether the multiplicity of generic extensions is not killing the specificity inherent of each of them. In addition, having a "sunrise period" for this new domain might be perceived by trade mark owners as an invitation to spend money rather than as a measure aimed at protecting their intellectual property rights. more
Last month, John Klensin wrote an article published here on CircleID regarding Internationalized Domain Names (IDN) Top Level Domains (TLD). Based on his Internet Draft, John suggests using language translation in the application for TLD. The advantage of this method is that all existing TLDs can now be represented in any number of languages without additional need for ICANN to create new TLD. While this sounds like a clean solution to the IDN TLD problem, I don't think it is viable for the following five reasons... more
Google has signed an agreement with the Cuban government allowing internet users on the Communist-run island quicker access to its branded content. more
The resale of genuine products presents particular difficulties in domain name disputes, testing the application of fair use doctrine. Several domain name disputes involving the resale of event tickets illustrate the point. I served as a panelist in one such case The Orange Bowl Committee, Inc. v. Front and Center Tickets, Inc., D2004-0947 (WIPO 2005). The decision, which issued with a dissent, explored fair use in the domain name context and addressed several related ticket resale disputes. more
The North American Network Operators Group (NANOG) conference, a gathering of Internet Service Provider (ISP) engineers and vendors convenes three times a year for mostly technical conversation along with social networking. The recent NANOG conference in Reston Virginia saw some unusually direct talk about Spam and the ISPs that tolerate it from America Online's Postmaster, Charles Stiles. more
The basic problem posed by WSIS was the role of national governments and national sovereignty in global Internet governance. That conflict remains completely unresolved by the WSIS document. The document's thinking is still based on the fiction that there is a clear divide between "public policy" and the "day to day operation" of the Internet, and assumes that governments should be fully in control of the policy-setting function. Moreover, new organizational arrangements are being put into place which will carry on that debate for another 5 years, at least. The new Internet Governance Forum is a real victory for the civil society actors, but also fails to resolve the basic issue regarding the role of governments and sovereignty. Although called for and virtually created by civil society actors, the language authorizing its creation asks to involve all stakeholders "in their respective roles." In other words, we still don't know whether this Forum will be based on true peer-peer based interactions among governments, business and civil society, or whether it will reserve special policy making functions to governments. more
An article in the September issue of Wired explores search spam and the role of .info domain names. The article, titled "Spam + Blogs = Trouble" is a good overview of the problems of search spam, blog spam, and other various forms of web activity designed to take advantage of search engines. (The article will be online September 5, but you can read it on page 104 of the print edition that is available to subscribers now). For those not versed in search spam, it's basically creating multiple websites, typically auto-generated by computers, to get good search rankings and then monetize the resulting search traffic through AdSense or affiliate programs. The article focuses much of its attention to splogs, or auto-generated blogs... more
A World-Renowned Source for Internet Developments. Serving Since 2002.