The Sins of the Flash

Recent news stories (based on research by Stanford student Feross Aboukhadijeh) state that an Adobe bug made it possible for remote sites to turn on a viewer's camera and microphone. That sounds bad enough, but that's not the really disturbing part. more

Protecting Intellectual Property is Good; Mandatory DNS Filtering is Bad

It has been about six months since I got together with four of my friends from the DNS world and we co-authored a white paper which explains the technical problems with mandated DNS filtering. The legislation we were responding to was S. 968, also called the PROTECT-IP act, which was introduced this year in the U. S. Senate. By all accounts we can expect a similar U. S. House of Representatives bill soon, so we've written a letter to both the House and Senate, renewing and updating our concerns. more

Google Finds Nothing is Shovel Ready, Not Even for Free Fiber Build

Google is deploying fiber at its own expense in Kansas City, Kansas and Kansas City, Missouri to demonstrate the value of one gigabit (a gigabit is a billion bits -- a lot) per second residential Internet connections and perhaps to show at&t and Verizon and the cable companies how the search giant might fight back if its growth is restricted by their restrictions or limitations. ... Whoops. Google just learned the same lesson that President Obama learned in Stimulus 1 more

Censorship, Email and Politics

Spamfiltering blocks email. This is something we all know and understand. For most people, that is everyone who doesn't manage an email server or work in the delivery field or create spamfilters, filtering is a totally unseen process. The only time the average person notices filters is when they break. The breakage could be blocking mail they shouldn't, or not blocking mail they should. more

The Human Factor in DDoS Attacks

Ripped from the headlines: A recent DDoS attack lasted an entire 60 days. In other news, a single site was attacked 218 times in Q2 alone. To those of us in the business of protecting Web infrastructure, these stories are hardly surprising. What's notable, though, is where they were reported, in The Financial, whose focus is banking and financial services, not technology. The reporters used the term "DDoS" as if it were as common as "hedge fund," something everyday business people, not just techies, grasp. It's this human element that caught my interest and got me thinking a little. more

Typosquatting Continues to Pose Dangers to Enterprises, Consumers

While typosquatting is not a new phenomenon, recent research highlights that it is being used to collect sensitive corporate information from employees and lure consumers to interact with dubious websites. ... Security consultancy Godai Group recently uncovered the use of a specific type of typosquat - a "doppelganger domain" - to collect sensitive enterprise information via email-based attacks. more

The US DOJ Rogue Internet Pharmacy Settlement: Implications for Registrars

In the wake of Google's settlement with the Department of Justice for permitting advertising by illegal online pharmacies, what are the legal implications for Domain Name Registrars and ISPs in the US and elsewhere? In short, if you're a Registrar or ISP, it's a new ballgame. Here's why it's critical for you to steer clear of criminal and civil liability by making sure your registration services aren't used by rogue online pharmacy criminals. (And, here's how to do it.) more

India - The Internet’s Next Billion

Everyone seems to be talking about how the big boom is set to happen in India for domain names, and there are significant factors to ensure that this growth happens. The internet spends and E-commerce usage is fast becoming the face of modern India, a part of everyday lifestyle. Although awareness is still the biggest barrier domain name Registrars face with consumers, there are signs of significant improvement in trust, usability and the adoption of web services. more

The Design of the Domain Name System, Part VIII - Names Outside the DNS

In previous installments we've been looking at aspects of the design of the DNS. In today's grand finale we look at the the subtle but very knotty issue of names inside and outside the DNS. In the early years of the DNS, domain names were typically resolved to A records which were used to identify a host running a service. With the notable exception of e-mail, once the host was identified, the name no longer mattered. more

Hacking Away at the Internet’s Security

The front page story of the September 13 2011 issue of the International Herald Tribune said it all: "Iranian activists feel the chill as hacker taps into e-mails." The news story relates how a hacker has "sneaked into the computer systems of a security firm on the outskirts of Amsterdam" and then "created credentials that could allow someone to spy on Internet connections that appeared to be secure." According to this news report this incident punched a hole in an online security mechanism that is trusted by hundreds of millions of Internet users all over the network. more

Inconsistencies in ICANN New TLD Application Fees

In preparation for Monday's Joint Applicant Support (JAS) Working Group call, I spent some time reviewing various documents in connection with what are ICANN's actual costs in reviewing top-level domain name applications. One thing that caught my attention was the following metric in Rod Beckstrom's most recent CEO Monthly One Page Metric Report. more

Who Wrote Those ICANN Papers, Anyway: The European Commission or the Government of Iran?

The most notable thing about the EC Papers on ICANN, which were leaked by Kieren McCarthy last week, is that they are designed to completely subordinate ICANN as an institution. We have not seen such a comprehensive attack by a government on ICANN since the World Summit on the Information Society. One can infer that this is payback for the Board's decision to not treat the EC's views, expressed in its Governmental Advisory Committee (GAC), as binding instructions rather than as nonbinding advice. more

Internet: Government Dominance or Governance?

In an age where the world has gone global in many forms and guises, the political attention is more and more focussed on national, populist issues, that arise from fear for the unknown. I can't deny it: the future undoubtedly contains many uncertainties. This usually comes with a general public that's afraid and in fear of things they cannot oversee. Thus it is easily aroused by a populist leader who feeds on this fear and throws flammable material on the already smouldering fire. In a time where leadership is called for, it seems lacking. The Internet governance discussion demands visionary leadership on a cross border level and it needs it soon. more

Making Internet Faster: Google, OpenDNS and Others Announce Joint Effort

Google, OpenDNS, content delivery networks and other operators have announced a joint effort called "The Global Internet Speedup," to "make the Internet faster". According to the group, this collaboration will be executed via an open IETF proposed standard called "edns-client-subnet" in order to help better direct content to users thereby decreasing latency, decreasing congestion, increasing transfer speeds and helping the Internet to scale faster and further. more

A New Quality gTLD Can Compete with .COM

If you choose a new generic top-level domain (gTLD), will it be able to compete with .com? A recent academic paper indicates that the answer is yes if your new gTLD is of outstanding quality. "How Quality Drives the Rise and Fall of High-Tech Products" by professors Tellus, Yin, and Niraj in the Sloan Management Review provides evidence that new products can beat out established rivals... more