Most Viewed

How to Convince Your Boss to Deploy DNSSEC and RPKI?

At the Internet Governance Forum (IGF) 2024 in Riyadh, the Internet Standards, Security and Safety Coalition (IS3C) released a new tool: 'To deploy or not to deploy, that's the question. How to convince your boss to deploy DNSSEC and RPKI'. In this report, IS3C advocates mass deployment of these two newer generation, security-related internet standards, as their deployment contributes significantly to the safety and security of all internet users.

Examining Real Examples of DNS Abuse: A Summary Overview of the 2nd DNS Abuse Forum

It was not without a little trepidation that I planned the 2nd DNS Abuse Institute Forum to focus on the long-standing and often contentious definitional issues surrounding DNS Abuse. While the risk of getting stuck in the usual entrenched positions was real, it seemed to me that we had an opportunity to provide some clarity and if not change minds, at least provide perspective.

DNS Reflection/Amplification Attack: Proved

Last year there was a "threat" by anonymous group to black out Internet by using DNS Reflection/Amplification attack against the Internet DNS Root servers. I even wrote a little article about it: "End of the world/Internet". In the article I was questioning if this was even possible and what was needed as general interest and curiosity. Well, looking at the "stophaus" attack last week, we are getting some answers.

UK’s National Agencies Release White Paper on Evolving Cyber Crime Ecosystem

Oklahoma Spammer Fighter Loses Even Worse

Last December I wrote about Mark Mumma, who runs a small web hosting company in Oklahoma City and his battle with Omega World Travel a/k/a cruise.com. Mumma lost his CAN SPAM suit against them in December, but Omega's countersuit for defamation went to trial last week, and I hear that the jury awarded Omega $2.5 million in damages, which Mumma is not likely to be able to pay. This may be painted in some circles as a huge defeat for anti-spam activists, but it's not...

ISPs Saw a 30% Increase in Traffic During the Pandemic, 40% During Peak Business Hours

ISPs in the U.S. saw a significant surge in both downstream and upstream traffic, increasing at least 30% and as much as 40% during peak business hours and as much as 60% in some markets, according to a new report from the Broadband Internet Technical Advisory Group (BITAG).

Who Will Secure the Internet of Things?

Over the past several months, CITP-affiliated Ph.D. student Sarthak Grover and fellow Roya Ensafi have been investigating various security and privacy vulnerabilities of Internet of Things (IoT) devices in the home network, to get a better sense of the current state of smart devices that many consumers have begun to install in their homes. To explore this question, we purchased a collection of popular IoT devices, connected them to a laboratory network at CITP, and monitored the traffic that these devices exchanged with the public Internet.

SnapNames: Why the WLS is Better for Consumers

In 2002, VeriSign, the registry for .COM and .NET domain names, proposed the idea of a centralized, registry-level "wait list" for currently registered domain names. The system would let anyone around the world get "next in line" for a name that is registered now but may become available later.

This new registry service, titled Wait List System (or WLS), would augment what is now an ad-hoc group of registrar-level services that are useful, but aren't always fully dependable or even available to the general public.

The Importance of Understanding Attacker Target Selection

There's a bit of a debate going on about whether the Kaseya attack exploited a 0-day vulnerability. While that's an interesting question when discussing, say, patch management strategies, I think it's less important to understand attackers' thinking than understand their target selection. In a nutshell, the attackers have outmaneuvered defenders for almost 30 years when it comes to target selection.

Bashbleed - A Nasty Reminder Never to Forget Security 101

After the botched burglary at the Watergate Apartments, every scam and scandal that hit the headlines became a 'gate' -- Irangate, Contragate, you name it. The Heartbleed bug is possibly the closest thing to Watergate that this generation of computer security had seen till the past few days -- an exploit in a component that is "just there" -- something you utterly rely on to be there and perform its duties, and give very little thought to how secure (or rather, insecure) it might be. So, fittingly, every such catastrophic bug in a ubiquitous component is now a 'bleed'.

IPv4 Addresses Not Property, Canada Weighs in on the Nortel/Microsoft Transfer

The recent tempest in a teacup on ARIN's PPML list over the transfer of IP address blocks from Nortel (a company in Chapter 11) to Microsoft has some interesting Internet Governance dimensions that are yet to be discussed. One aspect that has been overlooked amidst all the sound and fury is the governmental perspective on IP address transfers.

Research Detects Spammers Using Fake URL-Shortening Services

New research has uncovered evidence of spammers establishing their own fake URL-shortening services for the first time. According to the latest MessageLabs Intelligence report, shortened links created on these fake URL-shortening sites are not included directly in spam messages; instead, the spam emails contain shortened URLs created on legitimate URL-shortening sites. "Rather than leading directly to the spammer's final Web site, these links actually point to a shortened URL on the spammer's fake URL-shortening Web site, which in turn redirects to the spammer's final Web site."

ICANN and the Data Quality Act: Part I

The first part of a multi-part series report by ICANNfocus. This part discusses the history of the data quality act. "The Center for Regulatory Effectiveness (CRE) has determined that ICANN is subject to the Data Quality Act. Specifically, because ICANN carries out the technical management of the internet, including the IANA function and the implementation of new top level domains, under agreement with the U.S. Department of Commerce, ICANN's information disseminations are "sponsored" by the Department and thus subject to the Act."

Cyber Threats Yes, But Is It Cyber War?

Last night Intelligence Squared and Neustar conducted a fascinating, Oxford style debate on whether the threat of cyber war has been exaggerated. A packed house at the Newseum in Washington, DC heard four cyber heavyweights go toe-to-toe verbally both for and against the proposition that the threat has been exaggerated.

ICANN Meets in Kuala Lumpur

Internet Corporation For Assigned Names and Numbers (ICANN) has released the following announcement today for its upcoming meetings in Kuala Lumpur, Malaysia: ICANN, the international organisation responsible for managing and coordinating the Internet's Domain Name System is meeting in Kuala Lumpur 19-24 July, amidst reports that Internet usage in Asia is growing at an increasing pace, and that ICANN's model of public-private partnership is succeeding.