A Cynic’s View of 2015 Security Predictions - Part 4

Lastly, and certainly not the least, part four of my security predictions takes a deeper dive into mobile threats and what companies and consumer can do to protect themselves. If there is one particular threat category that has been repeatedly singled out for the next great wave of threats, it has to be the mobile platform -- in particular, smartphones... The general consensus of prediction was that we're (once again) on the cusp of a pandemic threat. more

FCC Expected to Propose Regulation of Internet as Utility

Sources are reporting that Tom Wheeler, the Federal Communications Commission chairman, is widely expected this week to propose regulating Internet service similar to a public utility -- a move certain to unleash another round of intense debate and lobbying about how to ensure so-called net neutrality, or an open Internet. more

IPv6 Security Myth #3: No IPv6 NAT Means Less Security

We're back again with part 3 in this 10 part series that seeks to bust 10 of the most common IPv6 security myths. Today's myth is a doozy. This is the only myth on our list that I have seen folks raise their voices over. For whatever reason, Network Address Translation (NAT) seems to be a polarizing force in the networking world. It also plays a role in differentiating IPv4 from IPv6. more

Bringing Multistakholderism Home, .US and the Stakeholder Council

2014 will be remembered as the year of the "multistakeholder model" on the Internet. NTIA demonstrated its commitment to bottom-up, multistakeholder Internet governance by committing to complete the transfer of responsibility for various technical functions -- known as the IANA Functions -- to the multistakeholder community. NTIA called on ICANN to convene the community to develop a transition plan to accomplish this goal. more

IPv6 Security Myth #2: IPv6 Has Security Designed In

Today we continue with part 2 of the 10 part series on IPv6 Security Myths by debunking one of the myths I overhear people propagating out loud far too much: That you don't need to worry about security because IPv6 has it built into the protocol. In this post, we'll explore several of the reasons that this is in fact a myth and look at some harsh realities surrounding IPv6 security. more

IANA Transition Planning Proceeding in Fine Internet Style

Hundreds of individuals from across the Internet community have spent countless hours over the last several months crafting plans for the transition of the stewardship of the IANA functions from NTIA to the global multistakeholder community. The fruits of that labor have become highly evident within the past weeks, as two out of three components of the transition plan obtained the consensus of their communities while the third continued its intensive progress. more

Software Insecurity: The Problem with the White House Cybersecurity Proposals

The White House has announced a new proposal to fix cybersecurity. Unfortunately, the positive effects will be minor at best; the real issue is not addressed. This is a serious missed opportunity by the Obama adminstration; it will expend a lot of political capital, to no real effect... The proposals focus on two things: improvements to the Computer Fraud and Abuse Act and provisions intended to encourage information sharing. At most, these will help at the margins; they'll do little to fix the underlying problems. more

Google Unleashes Domain Name Registration Service

Kieren McCarthy reporting in the Register: "Google has launched its new domain-name management system, providing a clean and simple interface that will put it in direct competition with market leader GoDaddy." more

.brands - Nobody Said It Was Easy

I've got enormous respect and admiration for the passionate individuals who are still championing .brands for their organisations in the new Top-Level Domain (TLD) program. I have the pleasure of assisting quite a few of these on a daily basis and I'm sure their experiences aren't isolated with other applicants across the globe. Put yourself in their shoes. Delays, some stupid process called Digital Archery, GAC Advice, names collisions and negative media... more

Time to Spread the Muck, ICANN

"Money is like muck, not good except it be spread", according to English philosopher Francis Bacon. In these times when everyone is busy with the big questions surrounding the IANA transition and ICANN accountability, I thought we could quickly solve some simple questions. One of them is: What should ICANN do with all that money? What money, you might ask? more

NETmundial Initiative Lacks Backing, and ICANN Should Not Lead

A fledgling attempt to create a new global Internet governance clearinghouse has run into trouble as leading business and civil organizations said they are not yet prepared to participate in the NETmundial Initiative (NMI) championed by ICANN President Fadi Chehade. In highlighting that there remain several unanswered questions, the Internet Society (ISOC), Internet Architecture Board (IAB), and International Chamber of Commerce (ICC-BASIS) raised serious concerns... more

NTIA Reveals How It Manages the Root Zone

Kieren McCarthy reporting in the Register: "The US government has posted a step-by-step guide to how it authorizes changes to the internet's root zone -- the heart of the world's domain-name system. The 16-page slide deck published by the Department of Commerce's National Telecommunications and Information Administration (NTIA) sheds light on what has been a contentious and largely secret process for the past 15 years." more

One Year Later: Lessons Learned from the Target Breach

As the autumn leaves fall from naked trees to be trampled or encased in the winter snow, it reminds us of another year quickly gone by. Yet, for organisations that were breached and publicly scrutinised for their security lapses, it's been a long and arduous year. It was about this time last year that the news broke of Target's mega breach. Every news outlet was following the story and drip feeding readers with details, speculation and "expert opinion" on what happened, why it happened and who did it. more

Wait and See Approach on Abuse

Wait and see approach on abuse attracts ICANN Stakeholder attention: A few weeks ago I made a detailed argument as to why product safety applies to domains, just like it does to cars and high chairs. I also argued that good products equal good business or "economically advantaged" in the long run. Then I really made a strong statement, I said if we don't actively engage other Internet stakeholders -- those that interact with our products, we would eventually lose the opportunity to self-regulate. more

Breaking: U.S. Government Funding Bill Delays IANA Transition

On the evening of Tuesday, September 9th, Congressional leaders unveiled a 1,603 page, $1.01 trillion FY 2015 appropriations bill to fund the U.S. government through the end of September 2015. One provision of the omnibus bill would delay the IANA transition until after the September 30, 2015 expiration of the current contract between the NTIA and ICANN. more