Red Cross and Internet Governance with Cause

One of many controversies surrounding the introduction of new domain names is the special protection given, though a moratorium, to the Red Cross and Red Crescent Movement (RCRC) and International Olympic Committee (IOC). Although the RCRC and the IOC are discussed together, they are very different. more

US-NL Cybercrime Treaty Signed

On Wednesday 22 February the United States and The Netherlands signed a "declaration of intent" on the cooperation on fighting cybercrime. This event was reported by the press as a treaty. At least that is what all Dutch postings I read wrote, with exception of the official website of the Dutch government. So what was actually signed? Reading the news reports some thoughts struck me. more

The Privacy Party and Leaving Dishes in the Sink

Boy, that was a great party the White House threw yesterday when their new online privacy rights were unwrapped and passed around. Most everyone hefted their shiny new rights, agreed they were nice, and talked about the need for swift adoption. But when the party was done, everyone filed out, turning a blind eye to the post-party cleanup and a sink full of dirty dishes. more

Email and Social Media Accounts Under the Spotlight in UK’s Proposed New ‘Spy’ Plan

It would be reasonable to assume that your employer is archiving your email communications. But what about your personal emails, texts, phone calls and Facebook posts. Are these really private? Not for long, if the UK government has its way. It has been reported that its new anti-terror plan, if passed, would require Internet providers and phone companies to store all online communications by UK citizens for one year. more

Debilitating Cyber Attack: Not If, But When?

We all know how easy it can be to ignore or underestimate the possibly, or even likelihood, of a terrorist attack; just remember what happened on 9-11. That seems to be just what the U.S. is doing when it comes to a possible Cyber-Attack, no not in other countries, but right here at home where targets like private sector companies, who provide vital economic and emergency services to our population using broadband infrastructure, and are woefully under-secured for such attacks. more

How Frequently Do Botnets Reuse IP Addresses?

I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look. more

World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago

The trade press is abuzz today with reports about a security breach at Verisign. While a security breach at the company that runs .COM, .NET, and does the mechanical parts of managing the DNS root is interesting, this shouldn't be news, at least, not now. Since Verisign is a public company, they file a financial report called a 10-Q with the SEC every quarter. According to the SEC's web site, Verisign filed their 10-Q for June through September 2011 on October 28th. more

Exporting SOPA-Like Rules to Other Countries

"While SOPA may be dead (for now) in the U.S., lobby groups are likely to intensify their efforts to export SOPA-like rules to other countries," says Michael Geist in a blog post today. Geist writes: "With Bill C-11 back on the legislative agenda at the end of the month, Canada will be a prime target for SOPA style rules. In fact, a close review of the unpublished submissions to the Bill C-32 legislative committee reveals that several groups have laid the groundwork to add SOPA-like rules into Bill C-11 ..." more

2012: The Year of the New gTLD Program and the Year to Support ICANN - Part I

The ICANN new gTLD program began today, 12th January 2012, with the application round now open and this important activity will make 2012 a very memorable year. It is expected that a minimum of 500 fresh applications for new generic Top Level Domains will be received by ICANN through the online TLD Applications System (TAS) by April 12 when the round closes, for processing and evaluation afterwards. This promises to be a hectic and engaging period for new gTLD applicants, and also for ICANN. more

Trademarks Tango in Cyber Ballrooms

The global trademark laws have served the business community well during the last century. But is it possible that with the advent of ICANN gTLD, a new layer of speed and protection would complement the trademark holders to further establish their name identity presence and visibility in the complex marketplace? Although the trademark laws have served the business community very well during the last century, now with the advent of ICANN gTLD platform, it appears that it will provide an additional layer of speedy protection and increase the name identity visibility resulting in market domination via name identity. more

Antispam Law Draws Backlash

I was reading in the Canadian Lawyer Mag that businesses in Canada are now coming to grips with the Canadian Antispam law that was passed last year. Canada's antispam law is much tougher than most jurisdictions. Aside from the penalties of the law, which are steep, what differentiates it the most from the US law is that Canada's law is an opt-in law; marketers who send commercial email must be able to demonstrate that they received consent in writing in order to market to people. As expected, people who are most affected by the law - marketers - are upset about the lack of wriggle room and how it could affect their business. more

The Christmas Goat and IPv6 (Year 2)

Last year the municipality of Gavle asked my company if we could help them load share the streaming pictures of the famous Christmas goat in Gävle. I accepted the invitation and set up a separate domain. My own interest in this was of course to track the usage of IPv6 and validation of DNSSEC from the visitors of the site. more

Greylisting Still Works - Part II

In my last post I blogged about greylisting, a well-known anti-spam technique for rejecting spam sent by botnets. When a mail server receives a an attempt to deliver mail from an IP address that's never sent mail before, it rejects the message with a "soft fail" error which tells the sender to try again later. Real mail senders always retry, badly written spamware often doesn't. I found that even though everyone knows about greylisting, about 2/3 of IPs don't successfully retry. more

White House Issues Cloud Computing Policy Standards

U.S. Office of Management and Budget released a memo today establishing a program to reduce "duplicative efforts, inconsistencies and cost inefficiencies when assessing and authorizing cloud systems." The initiative called, Federal Risk and Authorization Management Program (FedRAMP), is aimed to develop a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services through standardized security requirements and controls. more

U.S. Senate Committee on Commerce, Science, and Transportation Holding Full Hearing on New TLDs

On Thursday, December 8, the U.S. Senate Committee on Commerce, Science and Transportation will host a full committee hearing on "ICANN's Expansion of Top-Level Domains." According to the Committee's website, the hearing will "examine the merits and implications of this new program and ICANN's continuing efforts to address concerns raised by the Internet community." more