Lessons Behind the Microsoft 3322.org Takedown

The Microsoft action against 3322.org, a Chinese company, started with the news that computers were infected during the production phase. Stepping away from the controversy surrounding the approach, there are important lessons that cyber security officials and upper management, deciding on the level of and budget for cyber security in organisations should learn and take into account. I'm writing this contribution from a premise: China uses the fact that most IT devices are built in China to its advantage. Allow me to start with an account from personal memory to set the stage. more

Report On National Online Cybercrime and Online Threats Reporting Centres

Today I released a report on 'National cyber crime and online threats reporting centres. A study into national and international cooperation'. Mitigating online threats and the subsequent enforcing of violations of laws often involves many different organisations and countries. Many countries are presently engaged in erecting national centres aimed at reporting cyber crime, spam or botnet mitigation. more

Calling Africa: ICANN’s New Approach to Africa Is a Welcome and Significant Opportunity

The announcement last month of a new approach by the Internet Corporation for Assigned Names and Numbers (ICANN) to Africa is welcome, and significant for a number of reasons. Africa must participate in ICANN's activities to help shape its policies, and benefit from the domain name industry (estimated at $2 billion in 2008), where it lags behind other regions, given the few African registrars, and that there are no generic top-level domain names (gTLDs) registries that are African. more

Is It Time for a Breakthrough in Securing Cyberspace?

This year in July gen. Keith Alexander, director of the National Security Agency and head of the US Cyber Command participated at DefCon, the hackers conference in Las Vegas. In his address, gen. Alexander said, among other things, "This is the world's best cybersecurity community. In this room right here is the talent our nation needs to secure cyberspace."... As someone, who is regularly meeting the top Russian cyber folks, I already know (unofficially, of course) how the words of gen. Alexander were met in Moscow. more

Why Saving the NomCom Means Saving ICANN Itself

ICANN's 2012 Nominating Committee (NomCom) selections are out. After a yearlong process, the NomCom has selected new members for the ICANN Board (3 seats), the GNSO and ccNSO Councils (1 seat each) and ALAC (2 positions). For those unfamiliar with it, the NomCom is in theory independent of other ICANN bodies such as the Board and exists to help fill leadership positions on them. more

Problems With Defining Jurisdiction on the Internet

The term "jurisdiction" has various definitions in law, but for our purposes here we can say it is the power of some legal body to exercise its authority over a person or subject matter or territory. In the Internet today, it is territory that gives rise to many major issues. As in real estate, what matters in jurisdiction is "location, location, location". When the Internet and trademark rights began to intersect, it quickly became apparent that traditional concepts of the jurisdiction of courts and legislatures would be seriously strained by situations where a registrant in one country could use a registrar in a second country to register a domain name in yet a third country. more

Metrics of Major Standards Bodies

In a recent CircleID posting related to the ITU-T, the demise of that body over the years and the underlying causes were described. Among other questions, it raises the question of where has the industry technical collaborative activity gone. The short answer is just about everywhere else. This was exemplified by a recently compiled spreadsheet of some 200 different cloud forums prepared by the ITU-T's own cloud coordination group. more

“Do’s and Don’ts”: Commenting on New gTLD Applications

regarding the new gTLD applications and, unfortunately, I have been largely disappointed with the substance of most of them. Too many of the earliest comments express concern over the possibility of having more adult-related extensions. Okay, we hear you... Also, with all due respect to the supporters of Dadotart's application, I appreciate the display of loyalty to this particular applicant but if I have to read another comment from an "impassioned supporter" of the .ART application, I will bang my head on my desk. more

Google Fiber: Technology Innovation Or Revenue Assurance?

Google's announcement of its 'Fiberhoods' throughout Kansas City is yet another example of the thought leadership and innovation being brought forward by the popular advertising company. But what does this move say about the state of Internet access in America? more

IPv6: Don’t Forget About Your Switches!

When preparing a network for IPv6, I often hear network administrators say that their switches are agnostic and that there is no need to worry about them. Not so fast. Yes, LAN switches function mainly at layer 2 by forwarding Ethernet frames regardless of whether the packet inside is IPv4 or IPv6 (or even something else!) However, there are some functions on a switch that operate at layer 3 or higher. more

ITU’s Landmark Decisions

The ITU, through its Council acting as the executive body of the Member States, made a "landmark decision" to make available to the public "the main [WCIT] conference preparatory document" and to establish a publicly accessible page "where all stakeholders can express their opinions" on the preparatory document or other WCIT-related matters. more

The RIRs in a Post-IPv4 world: Is the End of IP Address Policy Making Nigh?

IANA's IPv4 pool was officially exhausted in early 2011; Regional Internet Registries (RIRs) are gradually eating through their remaining IPv4 reserves and, although there will always be a trickle of recycled IPv4 addresses coming through as businesses go bust or ISPs move entirely to IPv6, the bulk of RIR IPv4 activity in future will be maintenance of existing allocation records... While IPv6 is definitely the way of the future for the Internet, the sheer size of the IPv6 address pool, combined with simplified allocation policies that have deliberately reduced barriers to entry, means there are very few organizations that can't get IPv6 directly from the RIRs these days. more

Silly Bing

Bing is Microsoft's newish search engine, whose name I am reliably informed stands for Bing Is Not Google. A couple of months ago, as an experiment, I put up a one page link farm at wild.web.sp.am. As should be apparent after about three seconds of clicking on the links there, each page has links to 12 other pages, with the page's host name made of three names, like http://aaron.louise.celia.web.sp.am. The pages are generated by a small perl script and a database of a thousand first names. more

Google’s Secret Strategy With the Kansas City Fiber Project

I have long been perplexed at how Google plans to make a profit with their Kansas City Fiber project. Originally the project was touted as an altruistic move by Google to really understand the underlying costs of deploying fiber in a large municipality. But as anyone who has been in the trenches can tell you, it is not the technology that determines the cost of a fiber deployment, but the tyranny of the take-up. more

ICANN Shows Safe Decisions Aren’t Always the Right Decisions

When ICANN selected Deloitte and IBM to provide technical database administration services for a key part of its new gTLD program, it became quickly clear that the choice was not made on whose proposals scored highest, but rather it was based on which partner presented the least perceived business risk but at a much higher than necessary cost. I know this because I wrote a response to the original RFP and as a result am pretty familiar with what the original specification required. more