Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
The number "5" license plate sold for $6.8 million dollars in Saudi Arabia and another 300 vanity plates sold for another $56 million at last week's auction. It is estimated that the number "1" will be auctioned next month for up to $20 million dollars. Domain names and license plates share some common characteristics. Both allow only one person to own a particular word or number. Of course, the exact same license plate 'word' or 'number' can be registered in every country and, in the USA, every state... more
SpaceX on Tuesday disclosed that it has received 500,000 preorders for its Starlink satellite internet service and that it anticipates no technical problems meeting the demand. more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
The Time Square Ball bringing in 2008 had more than 9,500 LED bulbs displaying 16 million colours while consuming power equivalent to about ten toasters. This compares to 600 incandescent and halogen bulbs adorning last year's Ball. Easy to forget that most mobile devices used by Time Square revelers were behind IPv4 NAT's and that always on applications such as Instant Messaging, Push e-mail, VoIP or location based services tend to be electricity guzzlers. It so happens that applications that we want always to be reachable have to keep sending periodic keepalive messages to keep the NAT state active... more
Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it's possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other "smart" devices... more
I recently attended RIPE 66 where Tore Anderson presented his suggested policy change 2013-03, "No Need -- Post-Depletion Reality Adjustment and Cleanup." In his presentation, Tore suggested that this policy proposal was primarily aimed at removing the requirement to complete the form(s) used to document need. There was a significant amount of discussion around bureaucracy, convenience, and "liking" (or not) the process of demonstrating need. Laziness has never been a compelling argument for me and this is no exception. more
It took three years for ICANN to issue a breach notice to BizCn over the invalid WHOIS record behind RAPETUBE[DOT]ORG. Throughout the history of this absurd case ICANN staff would repeatedly insist the record had been validated and the registrar was compliant, regardless of extensive evidence proving otherwise. Despite a letter sent to ICANN's CEO and an investigation by the Washington Post, the Rape Tube stayed online. more
The Internet Corporation for Assigned Names and Numbers (ICANN) has released an "Advisory" concerning VeriSign's deployment of DNS wildcard (Site Finder) service: "Since the deployment, ICANN has been monitoring community reaction, including analysis of the technical effects of the wildcard, and is carefully reviewing the terms of the .com and .net Registry Agreements. In response to widespread expressions of concern from the Internet community about the effects of the introduction of the wildcard..." more
There are some real problems in DNS, related to the general absence of Source Address Validation (SAV) on many networks connected to the Internet. The core of the Internet is aware of destinations but blind to sources. If an attacker on ISP A wants to forge the source IP address of someone at University B when transmitting a packet toward Company C, that packet is likely be delivered complete and intact, including its forged IP source address. Many otherwise sensible people spend a lot of time and airline miles trying to improve this situation... The problems created for the Domain Name System (DNS) by the general lack of SAV are simply hellish. more
Two weeks ago, the US government announced it would transition its role in the IANA functions to the global Internet community. It tasked ICANN with the job of arriving at a transition plan and noted that the current contract runs out in 18 months' time, 30 September 2015. This week, ICANN started that process at its meeting in Singapore. And on the ground were the two key US government officials behind the decision. more
The beginning of a new decade is always an invitation to have a broader look into the future. What, in the next ten years, will happen in the Internet Governance Ecosystem? Will the 2020s see the usual swinging pendulum between more liberal and more restrictive Internet policies in an interconnected world? Or will we move towards a watershed? more
Adobe, Facebook, Microsoft and eBay are among a group of leading companies demanding ICANN to take a closer look at an "immediate and urgent matter" involving a subset of questionable domain name registrars. more
Many online businesses use affiliates to drum up business. The affiliate finds a lead somewhere, passes it to the business, and gets a commission if the lead turns into a sale. Web based affiliates are relatively uncontroversial, but affiliates who advertise by e-mail are a chronic problem due to their propensity to send spam, both spam as normally defined and as defined by CAN SPAM. Is it possible to do legitimate e-mail affiliate marketing? Maybe... more
As new Top-Level Domains (TLDs) are launched, the industry mustn't overlook the customer experience. A key question is this: Will the software applications we all use, recognize the new TLDs and know what to do with them in a timely fashion? Think email and even form-fill applications. I speak from experience here. In 2006 when we launched the .MOBI TLD, there were arguably only a handful of .MOBI email addresses in existence. To my dismay, I found that often emails sent only from my .MOBI account were not being received at the other end... more
As attack vectors go, very few are as significant as obtaining the ability to insert bespoke code in to an application and have it automatically execute upon "inaccessible" backend systems. In the Web application arena, SQL Injection vulnerabilities are often the scariest threat that developers and system administrators come face to face with (albeit way too regularly). more
A World-Renowned Source for Internet Developments. Serving Since 2002.