A small but intriguing paragraph in the VeriSign settlement says that ICANN gets to maintain the root zone. I thought they did now, but I guess VRSN does, following advice from ICANN. This has two and a half effects. The most obvious is political -- if ICANN rather than VRSN is distributing the root zone, it removes the symbolic significance of VeriSign's A root server. The second is DNSSEC key management. Until now, the contents of the root zone have been pretty boring, a list of names and IP addresses of name servers. If DNSSEC is deployed in the root, which is not unlikely in the next few months, ICANN rather than VeriSign will hold the crypto keys used to sign the root zone. If a tug of war develops, whoever holds the keys wins, since without the keys, you can't publish a new version of the root with changed or added records unless you publish your own competing set of keys and can persuade people to use them. more
The latest Anti-Phishing Working Group (APWG) Global Phishing Survey, which analyzed over 100,000 phishing attacks in the first half of 2014, examines the progress that top level domains (TLDs) are making in responding to phishing attacks that use their TLDs. The report finds the .INFO domain has the lowest average phishing uptimes as compared to other TLDs, such as .COM and .NET. more
Network operators rely on guidance from IP address experts because not all IP addresses used on the Internet are the same. The "reputation" of email senders is especially important because some are malicious users of the system. But identifying "senders" based on their email addresses or the individual IP address of a user presents issues that are unnecessarily complex. more
A new report issued by the Number Resource Organization (NRO) has found that demand for both IPv4 and IPv6 address space is continuing to grow. The Internet Number Resource Status Report for the first quarter of 2010 is based on data collected by the five Regional Internet Registries (RIRs) that oversee the allocation of all Internet number resources, and outlines RIR allocation of IP address space (IPv4 and IPv6), as well as AS number assignments. In the report, the NRO notes that allocations of IPv4 addresses in Q1 have reduced the IANA free pool of IPv4 addresses to 8.5 percent. more
A recent press release from the Internet Society reports that the IETF will shortly publish specifications of SPF and Sender-ID in the RFC series. What does this mean for the future? ...More than 4000 documents have been published in the RFC series since the first RFC in 1969, relatively few of which have evolved into Internet standards. Each RFC is characterized when published as standards-track, best current practice, informational, experimental, or historical. These four RFCs, three describing Sender ID and one describing SPF, are all experimental. more
Here we are, half-way through this list of the top 10 IPv6 security myths! Welcome to myth #6. Since IPv6 is just now being deployed at any real scale on true production networks, some may think that the attackers have yet to catch up. As we learned in Myth #2, IPv6 was actually designed starting 15-20 years ago. While it didn't see widespread commercial adoption until the last several years, there has been plenty of time to develop at least a couple suites of test/attack tools. more
It is no secret that in the Caribbean people are crazy about their cell phones. In fact, the Caribbean has one of the highest levels of mobile phone penetration in the world. According to a report from BuddeComm, an Australia-based telecom research firm, mobile phone penetration in Latin America and the Caribbean reached an estimated 80% in early 2009, well above the world average which was about 58%. The report stated that Latin America and the Caribbean together now account for an estimated 12% of the world's 3.97 billion mobile subscribers. more
Efforts to take down websites for copyright infringement are likely to move beyond U.S.-based domain name registries, with ICANN promising to more closely cooperate with global law enforcement agencies and governments. During an open session with the Government Advisory Committee (GAC), the ICANN board confirmed that it will enforce its contracts with registrars more effectively in order to meet expectations from governments and law enforcement authorities. more
At the ENISA presentation on her botnet report at eco in Cologne, 9 and 10 March, one of the slots was dedicated to threats to the mobile environment. The message I was supposed to come home with was: we can still count the numbers of mobile viruses manually, <600; the problem will never be the same as on a fixed network as traffic is monitored and metered: We detect it straight away. We are studying the problem seriously. Are mobile operators really prepared for what is coming? more
We got used to it: if we open a website, it's always like stop and go on a high-traffic highway or city traffic jam. At some point, we will reach the destination. The constant stalling is due to a traffic rule for the Internet called TCP (Transmission Control Protocol). The TCP/IP protocol family comes from the American defense industry. It was introduced by DARPA (Defence Advanced Research Projects Agency) in the early 1970s. At that time, no one had the Internet as the need of the masses on the screen. more
Netchoice, a lobbying group for the e-commerce industry had a strange reaction on the failure of the GNSO working group on Whois to reach a consensus. After all, they say, "Privacy concerns with Whois that were identified years ago have already been addressed by in the marketplace"... more
Have you ever found yourself blocked by a snowshoe spam filter or listed on a snowshoe blacklist? Or perhaps you've been told that one of your mailing practices makes you look like a snowshoe spammer? If so, you're probably wondering what snowshoe spam is, what you're doing to earn this reputation and what you should be doing differently. Here's a brief overview of the history of snowshoe and some suggestions on how to avoid being mistaken for a snowshoe spammer. more
In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes. more
The Working Group of Internet Governance has released its final report [PDF]. As I wrote this week in my Law Bytes column, the report comes on the heels of the U.S. statement that it has no intention of surrendering control of root zone file. The WGIG report developed a working definition of Internet governance that states: "Internet governance is the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet."... more
Netflix has become the largest source of Internet traffic in North America, according Sandvine's Spring 2011 Global Internet Phenomena Report. Company further reports that currently, Real-Time Entertainment applications consume 49.2% of peak aggregate traffic, up from 29.5% in 2009 -- a 60% increase [see figture]. Sandvine forecasts that the Real-Time Entertainment category will represent 55-60% of peak aggregate traffic by the end of 2011. more
A World-Renowned Source for Internet Developments. Serving Since 2002.