Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Building on my last article about Network Assessments, let's take a closer look at vulnerability assessments. (Because entire books have been written on conducting vulnerability assessments, this article is only a high level overview.) What is a vulnerability assessment? more
On his blog Bruce Schneier recently published a post called "Power and the Internet". An article that most people in the western world will agree with. Internet freedom against Internet safety and security, the powerful have a lot of power to wield and the rest is at best ad hoc organised or fairly powerless lobby organisations. So who is likely to win? Vested interests, he warns. more
It puzzles me to watch Governments introducing or subscribing to proposals that would in effect smoothly concede part their sovereignty to the ITU -- in an area that is central -- Communications. The WCIT 2012, in the middle of its second week, would now discuss Document DT/51-E 11, which is said to be a "package" of not-yet-compromised draft proposal for revisions to the International Telecommunication Regulations, which inevitably makes ITU the control center of all communications in the known Universe. more
The market has failed to secure cyberspace. A ten-year experiment in faith-based cybersecurity has proven this beyond question. The market has failed and the failure of U.S. policies to recognize this explains why we are in crisis. The former chairman of the Security and Exchange Commission, Christopher Cox, a longtime proponent of deregulation, provided a useful summary of the issue when he said, "The last six months have made it abundantly clear that voluntary regulation does not work."... more
It makes me cringe when I hear operators or security practitioners say, "I don't care who the attacker is, I just want them to stop." I would like to believe that we have matured past this idea as a security community, but I still find this line of thinking prevalent across many organizations -- regardless of their cyber threat operation's maturity level. Attribution is important, and we as Cyber Threat Intelligence (CTI) professionals, need to do a better job explaining across all lines of business and security operations... more
There are a number of things that make a responsible Email Service Provider (ESP), including setting and enforcing standards higher than those set by the ISPs. One of the responsible ESPs is Mailchimp. (Full disclaimer, I do consult for Mailchimp.) This ESP focuses on businesses with small to medium sized lists. They screen new customers for source of permission as well as mail content. more
The IPv4 market has created serious interest in the protocol far beyond the natural confines of networking professionals. These assets are worth a lot. Marketplaces, IPv4.Global's especially, have grown to be large centers of asset transfer by buyers and sellers of IPv4 addresses. IPv4.Global has helped transfer over $1 billion in IPv4 blocks. more
All round the world we are seeing massive social changes in the way people interact with their leaders and with their political elite. In many cases governments and politicians seem to be behaving as though they are immune to the changes that are following on from these new grassroots-based democratic processes. They often do mention reforms and recommend reforms, but there is an equal need for them to transform their own sector and their own way of conducting politics and government. This applies to both the political leaders in developed and the developing economies. more
Over the last ten years we have heard a lot about edge-based services. These were needed to enable the operation of applications at the edge of the network, as the lack of available bandwidth capacity made it difficult to do so over the core network. However, with the prospect of limitless bandwidth the design of the network is changing again. more
Having trademarks (registered or unregistered) is the prerequisite for maintaining a UDRP, but having one is not conclusive of either Respondent’s lack of rights or legitimate interests or that it registered and is using the domain name in bad faith. The cautionary tale in many of these cases, especially for the Complainant who has the burden of proof, is that it has to satisfy each of the elements in the three subsections... more
Most of the good thrillers I tend to watch have spies and assassins in them for some diabolical reason. In those movies you'll often find their target, the Archduke of Villainess, holed up in some remote local and the spy has to fake an identity in order to penetrate the layers of defense. Almost without exception the spy enters the country using a fake passport; relying upon a passport from any country other than their own... So, with that bit of non-fiction in mind, why do so many people automatically assume that cyber-attacks sourced from IP addresses within China are targeted, state-sponsored, attacks? more
Could the Trump administration reverse the decision to give the Internet Corporation for Assigned Names and Numbers (ICANN) autonomy from the U.S. Department of Commerce? more
In 2026, internet infrastructure will be reshaped by geopolitics, grid constraints, and regulatory shifts. Firms that treat data location, power access, and legal compliance as strategic priorities will gain competitive advantage. more
As I mentioned in a post to the Deploy360 blog today, there are three excellent sessions relating to DNSSEC happening at ICANN 50 in London next week: DNSSEC For Everybody: A Beginner's Guide; DNSSEC Implementers Gathering; DNSSEC Workshop. Find out more. more
Is there any act more primary than naming? It comes before all else and makes possible what follows. For the most part, names are drawn from cultural assets: collections of words, geographic locations, family names, etc. They can be valuable, which is why they are guarded, protected, and hoarded. The balancing of rights among those competing for names is a deliberate feature of the Uniform Domain Name Dispute Resolution Policy (UDRP). more
A World-Renowned Source for Internet Developments. Serving Since 2002.