Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: No. Truly, spam isn't a technical problem, it's a social one. If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave, it would make vastly more difference than any possible technical changes. more
There is a new threat in town known as "SAD DNS" that allows attackers to redirect traffic, putting companies at risk of phishing, data breach, reputation damage, and revenue loss. What is SAD DNS? No, it isn't the domain name system (DNS) feeling moody, but an acronym for a new-found threat -- "Side-channel AttackeD DNS" discovered by researchers that could revive DNS cache poisoning attacks. more
The APNIC Blog has recently published a very interesting article by Willem Toorop of NLnet Labs on the relationship between Security Extensions for the DNS (DNSSEC) and DNS over Transport Layer Security. Willem is probably being deliberately provocative in claiming that "DoT could realistically become a viable replacement for DNSSEC." If provoking a reaction was indeed Willem's intention, then he has succeeded for me, as it has prompted this reaction. more
Just when you thought making phone calls couldn't get any cheaper, along comes last week's news from Google about their latest iteration of Google Voice. There have been several steps along the way for Google to get to this point, and there are a host of reasons why this news is of interest to service providers of all stripes. I often write about how certain technologies and disruptive forces change the business of being a service provider, and this is but the latest example. more
A recent report published by the cybersecurity firm Armor says ransomware infections have hit over 500 US schools in 2019 to date. Armor warns the rate of attack seems to be picking up with 15 new ransomware victims in the last two weeks, all of them educational institutions. more
Either because of laxness on the part domain name holders or cunning on the part of thieves, registrars have been duped into transferring domain names to fraudsters' accounts. I discussed the matter last year in Recovering Domain Names Lost to Fraudulent Transfer. These cases are mostly filed in the Eastern District of Virginia, Alexandria Division, for the good reason that the registry for dot com is located in that jurisdiction and they are mostly recovered. more
A new study by anti-phishing company PhishLabs reveals 49 percent of all phishing sites in the third quarter of 2018 had Secure Sockets Layer or SSL with HTTPS in their URL. more
Several people pointed out that although the suit still hasn't appeared in PACER, copies of the complaint are available online, including this one [PDF] at Lextext. Having read it, I'm rather underwhelmed... I do not purport to be a lawyer (nor do I usually play one on the net), but it's hard to see how the facts, which are not in serious dispute, would support any of these charges. more
With the recent attacks against high-profile New Zealand domain names including Coca-Cola.co.nz and F-Secure.co.nz, fingers are naturally pointing to Domainz, the registrar of record for these domains, as the party responsible for this lapse in security. While domain name registrars certainly need to ensure the security and stability of their systems, domain name registries must also step up and take responsibility for mitigating risks posed by hackers... more
February 4th 2008 will be the day the repotting of the internet finally starts. A milestone of sorts for some people who spent a good part of the last five years getting us this far. It should now be finally possible for a IPv6 only device to have a chance to communicate on the Internet. Indeed, today, IPv6 address information is not included in most root DNS servers. Some good write-ups are already appearing on the subject covering the relevance of this development... Why get excited as there are practically no IPv6 only devices yet, some will bemoan. Well, one can hear a distant rumbling of such devices coming, alongside the mobile internet... more
A number of news sources marked Monday, April 23, as the day Net Neutrality died. EFF in response posted a blog clarifying that the case is not true. more
Over the past 30 months, since Trump was installed in the White House, he has systematically abrogated US treaty responsibilities and diminished the nation's engagement in international collaborative activities. More recently, his gambits have expanded to market entry, chip component, and software restrictions on Chinese telecommunication equipment vendors, especially Huawei. more
ARIN deployed a series of enhancements to its Whois-RWS service today. This includes enabling CIDR support and IPv6 lookups in the search box on the web page, provided plain text rendering of lists of ASNs and networks on the web - plus enhanced CIDR query matching on WHOIS port 43. more
The scale of the devastation inflicted by Haiti's earthquake a little over two weeks ago, meant that no industry has been left untouched by its effect. The telecommunications sector is no exception. Ever since the earthquake struck on Tuesday 12th January, fixed line and wireless communications have been virtually unavailable. more
Six years ago today, organizations all across the Internet came together as part of World IPv6 Launch to permanently enable IPv6 on their networks. Today, from that tiny launch the global Internet has grown to where over 25% of users are regularly connecting over IPv6. In some regions, this is significantly higher. For example, 237 million people in India connect over IPv6. Some mobile operators have over 80 or 90% of their devices connecting over IPv6. more
A World-Renowned Source for Internet Developments. Serving Since 2002.