Provoking National Boundaries on the Internet? A chilling thought…

The impact of the recently revealed US government data collection practices may go well beyond the privacy ramifications outlined in the Internet Society's statement: expect a chilling effect on global, resilient network architecture. As governments of other countries realize how much of their citizens' traffic flows through the US, whether or not it is destined for any user or service there, expect to see moves to curtail connections to and through the US. more

Can’t Sell Your IPv4 Numbers? Try Leasing Them

In a "policy implementation and experience report" presented at ARIN 31 in Barbados, ARIN's staff noted that they are seeing "circumstances" related to the leasing of IPv4 number blocks. At the recent INET in Denver, ARIN's Director John Curran alleged that there is a "correlation" between address leasing activity and organizations that have been unable to complete specified transfers through the ARIN process, which requires needs-based justification. more

What May Happen to GAC Advice? 3 Fearless Predictions

Many TLD applicants are likely to respond to the GAC Advice in a manner that is like story telling: Based on a mixture of fiction garnished with some facts from their applications, applicants will write savvy responses with only one aim -- to calm down the GAC's concerns and survive the GAC Advice storm. The "duck and cover" strategy... According to the Applicant Guidebook, material changes to applications need to go through a Change Request process. more

Open DNS Resolvers - Coming to an IP Address Near You!

Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured.  more

Opportunity Missed: Hilton Checks-Out of New Domains Boom

American author Mark Twain once wrote: "I was seldom able to see an opportunity until it had ceased to be one." Last month we learned that Hilton Hotels & Resorts joined six other new Top-Level Domain applicants in withdrawing their application and exiting the program. I was disappointed when I first heard the news. My initial thoughts were centred on the enormous potential .hilton offered the company and the innovative business opportunities they were now abandoning. more

The Incredible Leakyness of Commercial Mailers

Acronis is a company that sells backup software. They have been around for over a decade, and have lots of big respectable customers. The Wall Street Journal is the nation's leading business newspaper. Equifax is one of the big three national credit bureaus. Shelfari is a book interest web site owned by Amazon. The Economist is a globally influential newsweekly. Airliners.net is a popular photosharing site for airplane enthusiasts. What do they have in common? more

Africa vs. Africa: The GAC Early Warnings on New gTLD Applications Indicate an Africa Divided

Last week, the much-anticipated Governmental Advisory Committee (GAC) Early Warnings on new gTLD applications were finally issued. And the GAC didn't disappoint. A total of 242 warnings were issued on 163 strings (including 31 strings applied for by Radix). The GAC warnings yet again show that Africa is perfectly capable of being at the top of league tables -- for the wrong reasons. more

Report Reveals Planned DNSSEC Adoption of 2010 by Key Industries Still in Limbo

A recent progress report on DNSSEC adoption reveals the extent to which organizations in a number of industries are falling short of their own objectives for making Domain Name Server (DNS) infrastructure more secure. The progress report, conducted by Secure64 Software Corporation, is a follow-up to a 2010 study by Forrester Research titled, "DNSSEC Ready for Prime Time," which reported on organizations' plans to implement DNSSEC in order to shore up vulnerabilities in DNS. more

The London Process Arrived in Budapest: Another Travel Circus for the Internet Community?

The Budapest Conference on Cyberspace brought together nearly 20 heads of states and ministers plus 700 high level experts from various stakeholder groups from 60 countries. However, after two days of discussion there is less clarity where the so-called "London Process" - established by the British Foreign Minister William Hague in November 2011 in London - will go. The next meeting is scheduled for October 2013 in Seoul. Another flying circus for another Internet Governance talking shop? more

Privatizing the ITU-T: Back to the Future

The awkwardly named International Telecommunication Union Telecommunication Standardization Sector (ITU-T) by any measure is a highly unusual body. It is the only global intergovernmental organization where Nation States produce detailed technical standards for telecommunications. Even more amazing is that it produces these standards for a field that is so dynamic and globally competitive as telecommunications. What is not well known is that the ITU-T was once a private standards body... more

Cyber Criminals Infiltrate Even Small Businesses

I read an interesting article in the Wall Street Journal today entitled Cyber Criminals Sniff out Vulnerable Firms. It's a story of a small business owner in New York whose company was broken into by cyber criminals and stole $1.2 million from its bank accounts, although the owner was able to later recover about $800,000 of that. The moral of the story is that small businesses feel like they are not a major target for online thefts like these. more

Cloud Redundancy: How Amazon Should Repair Credibility

I'm curiously puzzled, but not entirely surprised, how a company such as Amazon (NASDAQ: GS) allowed its servers to be interrupted for any length of time due to severe storm damage in northern Virginia this past weekend. Companies using cloud servers are both expectant and dependent on being able to pull information from cloud sources to operate their businesses without interruption. After all, IT professionals have been preaching the security and reliability of the cloud for quite some time to manage large data off-site. Steps for Amazon to repair credibility should be transparent and swift. more

About That Second, Third and Fourth Wireless “Attachment”

There is some good news about the decision by Verizon Wireless to offer shared monthly data plans. But there could be a lot more if the FCC applied its Carterfone policy. That policy gave consumers the power to decide what and how many devices to attach to a network connection. If Carterfone applied, consumers could use multiple devices to access a network subscription, albeit perhaps not at the same time. more

Getting On Board With DNSSEC - A Personal Recount

I first became familiar with DNSSEC around 2002 when it was a feature of the Bind9 server, which I was using to setup a new authoritative DNS platform for customers of the ISP I was working for. I looked at it briefly, decided it was too complex and not worth investigating. A couple of years later a domain of a customer got poisoned in another ISPs network. And while the DNS service we provided was working properly, the customers impression was we hadn't protected them. more

BYOD Woes and Worries

Like the scene of a movie in which a biblical character holds back the mighty sea and is about to release the tide against his foes, BYOD has become a force of nature poised to flood those charged with keeping corporate systems secure. Despite years of practice hardening systems and enforcing policies that restrict what can and can't be done within the corporate network, businesses are under increasing (if not insurmountable) pressure to allow a diversifying number of personal devices to connect to their networks and be used for business operations. more