Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured. more
I remember being told three years ago that, in general, internet backbone issues weren't really a subject for regulatory involvement, and didn't need to be. Although the last mile was a problem, the upstream fat-pipe relationships weren't - they were all competitive and thriving. Or at least that's what people thought. Over the last couple of days I've been looking around trying to figure out what the facts are about backbones and peering. It seems that we don't even know what we don't know... more
Too many techies still don't understand the concept of due process, and opportunistic law enforcement agencies, who tend to view due process constraints as an inconvenience, are very happy to take advantage of that. That's the lesson to draw from Verisign's proposal and sudden withdrawal of a new "domain name anti-abuse policy" yesterday. The proposal, which seems to have been intended as a new service to registrars, would have allowed Verisign to perform malware scans on all .com, .net, and .name domain names quarterly when registrars agreed to let them do it. more
Last month saw a much-anticipated decision handed down in the Independent Review Panel (IRP) proceeding examining the controversial 2015 auction for the .web generic top-level domain name registry (gTLD). This decision has been covered by others, including Kevin Murphy's DomainIncite, and has been the subject of unsurprisingly incongruous statements by both Verisign and Afilias, who are both contending for the .web concession privilege. more
When CAN-SPAM was passed in 2003, it was fairly clear that Congress wasn't trying to enable broad private enforcement. Everyone knew that rabid anti-spammers would seize any new statutory right for a litigation frenzy... Although I personally think Congress would better served all of us by omitting all private enforcement rights in CAN-SPAM, unquestionably the private rights in CAN-SPAM are drafted narrowly to prevent their abuses. That hasn't stopped some zealous anti-spammers from testing the limits of CAN-SPAM's private enforcement remedies anyway. more
ICANN has just published a paper from its contractor PowerAuctions LLC, regarding the use of auctions to award new Top Level Domains (TLD) strings in case of contention. I can understand what ICANN wants to avoid. In the past, it has been criticized for using the "beauty contest" model with the redelegation of the .net TLD... However, the auction model is based on the idea that whoever wins the auction will be able to recoup its investment on the sale... more
The imminent expiration date (September 30) of the joint project agreement between ICANN and the US government, establishing the US as unilateral supervisor over Internet's addressing and Domain Name System (DNS) operations, has rejuvenated the call for an internationalization of Internet oversight. The average Internet user, however, is unlikely to benefit from a change in the current status quo as both alternatives, full privatization and intergovernmental oversight, are bound to affect both the Internet's innovative power and the personal liberties enjoyed by its users. more
Tim Wu had an OpEd published in the Wall Street Journal this weekend: In the Grip of the Internet Monopolists. There are commentaries on the piece on The Technology Liberation Front and TechCrunch. The more I thought about the OpEd, the more troubling it seemed. more
In its informal background paper "Applying the Highest Standard of Corporate Governance" (August 2011) the European Commission proposes to revise the procedures of ICANNs Nominating Committee (NomCom). Instead of the confidential treatment of applicants the EU calls for an open publication of "a full list of candidates". Is this a good idea? I don't think so. The rationale behind the EU proposal is "to improve confidence on the selection procedure" and "to avoid conflict of interests". But the proposed improvement is based on a wrong assumption... more
The public policy objectives in the area of content filtering and blocking space are intended to fulfil certain public policy objectives by preventing users within a country from accessing certain online content. The motives for such public policies vary from a desire to uphold societal values through to concessions made to copyright holders to deter the circulation of unauthorised redistribution of content. more
To paraphrase an old Klingon proverb, there can be no spam solution, so long as e-mail is free. Yahoo has unveiled plans to launch its Domain Keys software as an open-source toolkit in 2004. The intent is to allow developers of major e-mail systems to integrate Yahoo's public/private key authentication system into their own software and thus create momentum for a standard whose raison d'etre is identify verification. This is a commendable effort, but a closer look reveals that it will not only not stop the spam problem, it may have almost no effect at all. more
CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more
This case had a bit of a weird result -- even though the brand owner had a mark that was 20 years old, and the alleged cybersquatter, in the meantime, acquired a domain name on the open market identical to that mark, because the domain name was first registered (by an unrelated party) before the brand owner's trademark rights arose, there was no relief under federal trademark law. more
ICANN's new gTLD expansion is really quite an ingenious ploy to grow the once small California non-profit into an unstoppable machine, worth hundreds of millions of dollars, which soon plans to finally be free from any external oversight. I have no doubt that ICANN pats itself on the back for pulling the wool over so many eyes, including stakeholders, new gTLD applicants, politicians, and the global general public. more
With companies shifting away from on-premises and "traditional" telecom networks to Internet-based protocols - such as Voice Over IP (oIP) - the market for critical communications infrastructure - most notably SIP trunking - is on the rise; not only multiple failover sites but cloud-based SIP-as-a-service solutions are now popular options. However, there's a caveat: problems unique to SIP systems that can cause IT headaches if you're not prepared. Here are three of the most common. more
A World-Renowned Source for Internet Developments. Serving Since 2002.