Global Payments Breach Confirmation

This morning, Global Payments held a conference call with investors and analysts covering their earlier breach announcement and projected earnings. Global Payments had also released an update advisory yesterday stating that "the company believes that the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers have been exported" and that only Track 2 card data may have been stolen. more

Wither WHOIS!: A New Look At An Old System

No, that title is not a typo. The WHOIS service and the underlying protocol are a relic of another Internet age and need to be replaced. At the recent ICANN 43 conference in Costa Rica, WHOIS was on just about every meeting agenda because of two reasons. First, the Security and Stability Advisory Committee put out SAC 051 which called for a replacement WHOIS protocol and at ICANN 43, there was a panel discussion on such a replacement. The second reason was the draft report from the WHOIS Policy Review Team. more

There Are at Least 10 Million DNS Resolvers on the Internet Today

In a blog post on the ICANN website, Joe Abley writes: "Resolvers are servers on the Internet which use the Domain Name System (DNS) protocol to retrieve information from authoritative servers and return answers to end-user applications... So, all in all, how many resolvers are there? Given that anybody can run one, it seems like a difficult thing to measure. It turns out, however, that all resolvers that talk directly to authoritative servers on the Internet leave a trail, and with a little data crunching we can come up with a number." more

Conflict of Interest Mingled Into ICANN’s DNA, Says Insider

"ICANN ethical conflicts are worse than they seem," says Beau Brendler, chairman of the North American Internet user advisory committee to ICANN (NARALO), in an op-ed post published today. Brendler writes: "Whatever might be said about outgoing ICANN CEO Rod Beckstrom, Internet users worldwide should be thanking him. Last week in Costa Rica, at the organization's 43rd meeting, Beckstrom blew a harsh blast of cold Arctic reality into the room about the board's conflicts of interest. more

Slippery Territory: IOC and Red Cross in the New gTLD Program

We know from life: There is no rule without exception. The problem is, exceptions create space for interpretations and have the risk to undermine the rule. Take Article 19 of the International Covenant on Political and Civil Rights from 1966. Article 19, paragraphs 1 and 2 define the individual right to freedom of expression. Paragraph 3 adds some exceptions where this right can be restricted to protect, inter alia, national security and public order. This is an understandable justification for a restriction, but it opens the door for misuse... more

Internet Accounting for 4.7% of U.S. Economy

The Internet is contributing more to the American economy than the entire federal government, according to a new study by the Boston Consulting Group. The Internet accounted for $684 billion, or 4.7% of all U.S. economic activity in 2010, according to latest report released by Boston Consulting Group. more

Growth in IPv6-Capable DNS Infrastructure

In our last post on CircleID we showed encouraging growth in the number of IPv6-enabled networks. But announcing an IPv6 prefix is only one of the first steps a network operator should take when deploying IPv6. For a full IPv6 deployment, IPv6 needs to be enabled on network infrastructure and made available to end users. One key piece of infrastructure for which we can measure IPv6 capabilities are DNS resolvers. more

News International Caught Deleting Email Evidence

Knowing how long to store your company email can be confusing. For some industries and public companies there are laws dictating how long emails should be kept, but for other companies it is more discretionary. A document retention policy can help with this. Deciding which emails to keep and for how long - and then most importantly, sticking to your policy - will be looked on more favourably should you find yourself justifying missing email evidence to a judge. more

All Quiet on the Virtual Front: Why Domain Investors’ Fear of the Feds is Irrational

When a sniper ends the life of soldier Paul Bäumer in Remarque's "All Quiet on the Western Front," a laconic situation report from the frontlines recounts an unusually quiet day. In the grand scheme of things, nothing worth reporting has happened. Reading David Kravets' recent article in Wired brought this upsetting ending to mind. U.S. authorities taking down individual domains based on copyright infringement charges is the online equivalent of Remarque's allied snipers: picking off the occasional domain - for better or worse - has little effect on the overall situation. more

Good Study by UCSD on Economic Realities of Spam and Profit Motives

I recently had a chance to read a report titled, "Show Me the Money: Characterizing Spam-advertised Revenue" produced as a joint effort from the University of California, San Diego (UCSD), International Computer Science Institute, and UC Berkeley by Chris Kanich, Nicholas Weaver, Damon McCoy, Tristan Halvorson, Christian Kreibich, Kirill Levchenko, Vern Paxson, Geoffrey M. Voelker and Stefan Savage. I also had a chance to hear Chris Kanich speak about the topic - Show Me The Money! This post contains my notes with some photos taken from that report. more

The Top 3 Emerging Threats on the Internet

Last week at RSA, Bruce Schneier gave a talk on the top 3 emerging threats on the Internet. Whereas we in the security field usually talk about spam, malware and cyber crime, he talked about three meta-trends that all have the potential to be more dangerous than the cybercriminals. Here are my notes. more

Nominet to Apply for .Wales and .Cymru Top-Level Domains

In the run up to the launch of new TLDs there were a lot of rumours about which organisations would apply for which strings. Detractors might pick holes in the entire project, but it's very hard to argue against the merits of new TLDs specifically in the context of cultural linguistic communities that fall outside the realm of ccTLDs (country code top level domains). The case of Catalonia and .cat is probably the best one and has been vaunted as the poster child for new TLDs in some circles. more

Feds Ask for DNSChanger Deadline Extension As Millions of PCs Could Be Cut Off from the Web

Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." more

Spectrum Crisis: Wireless Auctions Preferred Method

Talk, conjecture and analysis have predicted a wireless spectrum crisis for years. The official word seems to project a culmination of dropped calls, slow loading of data, downright network access denials as impending by 2015. If so, then we should look at the current argument about how that additional spectrum can be disseminated to wireless carriers in a fair and balanced fashion. more

MegaBust’s MegaQuestions Cloud the Net’s Future

Mid-January 2012 marked a major inflection point for digital copyright policy in the United States... Yet no one involved with Congressional interaction on either side of the issue believes it has been sidetracked for long, and "Hollywood" and "Silicon Valley" are both plotting their next moves in this high-stakes game to further define the responsibilities and potential liabilities... The resolution of this dispute will determine the ability of Internet services to move to "the cloud"... more