One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more
The website designated by Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, reports Brian Krebs in KrebsOnSecurity. more
In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more
UDRP decisions come down from providers (principally from WIPO and the Forum) at the rate of 7 to 10 a day. Complainants mostly prevail; this is because in 90% of the cases (more or less that percentage) respondents have no plausible defense and generally don't bother appearing, although default alone is not conclusive of cybersquatting; there must be evidence of infringement. When complainants do not prevail, it is not because they lack rights... more
On 30 September 1850 at Dresden, the first international treaty was issued among the first sovereign nations to internet their national electronic communication networks. It was known as the Dresden Convention, and culminated several weeks hammering out basic requirements and techniques to implement an internet spanning the Austro-German European continent at the time, and established a continuing "Union" of signatories to evolve the provisions of the treaty. more
I'm an engineer, and I firmly believe that Internet matters and, in general, Information Society, should be kept separate from politics, so usually, I'm very skeptical to talk about those and mix things. Let's start by saying that I'm Catalonian. Despite the dictatorial regime when I was born, forbidden teaching Catalonian, I learned it, even despite, initially for family reasons and now for work reasons, I live in Madrid. However, I keep saying everywhere I go, that I was born in Barcelona... more
I use Paypal, and I am quite satisfied with how it helps me with my business: it is still a little hard to use, and I don't use all functions of the tool, but it is not so expensive, it is fast and efficient, and Paypal does not send so many emails. In one word, Paypal rocks... The only problem that I have with Paypal is the number of fake emails that I receive. Of course, I easily identify them as they come in and luckily, G Suite (Gmail) does an excellent job at blocking all spam and phishing. more
What happens when you open an email and allow it to display embedded images and pixels? You may expect the sender to learn that you've read the email, and which device you used to read it. But in a new paper we find that privacy risks of email tracking extend far beyond senders knowing when emails are viewed. Opening an email can trigger requests to tens of third parties, and many of these requests contain your email address. more
The Equifax hack is understood to have compromised the personal data of over 140 million individuals. Although recent hacks of other businesses have affected more individuals, the personal data held by Equifax is significantly more sensitive than the data compromised in other hacks and includes Social Security numbers, birth dates, current and previous addresses and driver licence details... (Co-authored by Peter Davis and Brendan Nixon.) more
The Internet Corporation for Assigned Names and Numbers (ICANN) has postponed plans to change the cryptographic key -- a critical step in updating protection measures for the Domain Name System (DNS). more
As you've undoubtedly heard, the Equifax credit reporting agency was hit by a major attack, exposing the personal data of 143 million Americans and many more people in other countries. There's been a lot of discussion of liability; as of a few days ago, at least 25 lawsuits had been filed, with the state of Massachusetts preparing its own suit. It's certainly too soon to draw any firm conclusions... but there are a number of interesting things we can glean from Equifax's latest statement. more
The offices of the .cat gTLD registry Fundació puntCAT were raided by the Spanish police this morning. The company reported the incident via a series of tweets as the raid was being carried out. more
Suppose for a moment that you are the victim of a wicked ISP that engages in disallowed "throttling" under a "neutral" regime for Internet access. You like to access streaming media from a particular "over the top" service provider. By coincidence, the performance of your favoured application drops at the same time your ISP launches a rival content service of its own. You then complain to the regulator, who investigates... It seems like an open-and-shut case of "throttling" resulting in a disallowed "neutrality violation". Or is it? more
A recent article in the New York Times Dealbook column reported on phone number hijacking, in which a bad guy fraudulently takes over someone's mobile phone number and used it to reset credentials and drain the victim's account. It happens a lot, even to the chief technologist of the FTC. This reminds us that security is hard, and understanding two-factor authentication is harder than it seems. more
Over the past couple of weeks, following the events in Charlottesville, Virginia, there has been significant discussion in social and traditional media about various technology companies removing websites from their servers, or otherwise making them unavailable. As the operators of Canada's Internet domain, we at CIRA are getting numerous inquiries about our stance and policies on this issue. I'd like to use this opportunity to make a couple of clarifications about how CIRA works and what CIRA actually does. more
A World-Renowned Source for Internet Developments. Serving Since 2002.