China Tightens Internet Control in the Name of Fighting Porn, Piracy, and Cybercrime

As the year draws to a close, China's blocking of overseas websites - including Facebook, Twitter, and thousands of other websites including my blog - is more extensive and technically more sophisticated than ever. Controls over domestic content have also been tightening. People who work for Chinese Internet companies continue to complain that they remain under heavy pressure... more

The Real Face of Cyberwar?

Anyone who reads the papers sees stories -- or hype -- about cyberwarfare. Can it happen? Has it already happened, in Estonia or Georgia? There has even been a Rand Corporation study on cyberwarfare and cyberdeterrence. I wonder, though, if real cyberwarfare might be more subtle -- perhaps a "cyber cold war"? more

.google Before Christmas

I'm a real fan of the Google Masterplan since its publication in 2005. After the introduction of its own global DNS I thought it might be a good idea to have a second look on the G-Masterplan. What I found is astonishing and shows the steps to .google. more

Just Make It Stop

In a recent discussion among mail system managers, we learned that one of the large spam filter providers now has an option to reject all mail from ESPs (e-mail service providers, outsourced bulk mailers) regardless of opt-in, opt-out, spam complaints, or anything else, just block it all. Some of the ESPs wondered what would drive people to do that... more

Opposition Mounts in Europe to Three-Strikes Proposals

Multiple reports today indicate that opposition is growing in Europe to plans for three-strikes policies that could lead to the termination of Internet access for some subscribers. In the U.K., protests are mounting over those plans in the recently introduced Digital Economy Bill. The BBC reports that thousands of people have signed a petition urging the government to reconsider its approach, while the Open Rights Group says it has seen a big spike in membership. more

Maybe Email IS Dead - Part of It, Anyway

I tend to chuckle at every new proclamation that email is dead. Google Wave won't kill it. Twitter and Facebook aren't killing it; they're using it. RSS didn't kill it. Instant messaging didn't kill it. "Push media" (remember that?) didn't kill it. AOL and Compuserve and Prodigy didn't kill it; they joined it. And before that, usenet and email lived happily side-by-side. more

Informal Working Group Publish Report On New TLDs

In an interesting move several members of the ICANN community formed an "informal" Working Group to discuss the concept of "expressions of interest" in new Top-Level Domains (TLDs). This all happened very quickly, which is more or less the opposite to how most ICANN related activities progress. ...The report, which runs to about 11 pages, is concise and seems to have covered most of the areas of interest. more

Fraudsters Using Bogus and Legitimate Recruitment Sites to Con Job-Hunters Into Laundering Money

Reported today on BBC: "Police chiefs are urging people looking for work during the recession to be alert to online scams that trick them into laundering money. The Serious Organised Crime Agency (Soca) says websites are currently being used to recruit 'money mules'. The 'mules are ordinary people who send and receive payments through their bank accounts to facilitate business." Neil Schwartzman has also informed us of a related report by RSA FraudAction Research Lab based on several months of tracking various reshipping scams engineered by online fraudsters. more

China: Is It Our Cyber Defense Red Herring?

There are thousands of articles perpetuating the claim that China is out to get us on the Internet. And yet, all these discussions are begging the question, is it China attacking? Also, are they even the "usual suspects"?
While I can point to real facts of China making active use of information warfare, cyber warfare, or whatever else you choose to call it (such as the release of 0 days being patched by Microsoft and originally reported by the Taiwanese government, search Microsoft's site), I can also point to Germany (intelligence Trojan horse), the US (The Farewell Dossier) and other countries such as North Korea (without much detail, so questioned)... more

Privacy Policies in the Real World

This weekend we took the car in for service. Instead of dropping it off at the dealership, we found a small, local garage. Prominently positioned on the counter was their Email Privacy Policy... If a little garage can provide such an understandable and readable privacy policy, how is it that so many email and internet experts fail to do the same? more

Study on Improving Internet Usability: A Framework for Domain Name Policy Evaluation

A domain name is a unique alphanumeric designation that facilitates reference to sets of numbers which actually locate a particular computer on the Internet. Domain names are a fundamental part of the Internet's user interface. Improving the usability of the Internet depends upon effective domain name policy. This study is intended to contribute to improvement in Internet usability for the end users of domain names. Benefits of more usable domain names include: higher sales, customer satisfaction and productivity, and reduced support costs. more

The Story of Conficker and the Industry Response

On November 2, 2009, Microsoft released its seventh edition of the Security and Intelligence Report (SIR). The SIR provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The following is an excerpt from the SIR, pp 29-32, about the Conficker worm and the industry response that showed an incredible amount of collaboration across vendors. more

The Role of a Cybersecurity Czar

For years now, there have been calls for a high-level cybersecurity official, preferably reporting directly to the president. This has never happened. Indeed, there is a lot of unhappiness in some circles that President Obama has not appointed anyone as "czar" (or czarina), despite the early fanfare about the 60-day cybersecurity review. There are many reasons why nothing has happened... more

A Case for Dot-Outlet TLD

This post outlines the correct use of an outlet strategy, points out the value of such a strategy, and the advantages of executing the strategy through a new ICANN top-level domain (TLD) instead of a second-level domain name. Some companies need to signal a brand name with low prices and quality/utility, whether the strategy is for a primary or secondary corporate brand. A successful strategy has to explicitly include lower price and quality. Otherwise, with only a lower price, a brand owner would cannibalize the main brand and cause damage to brand equity. more

The New ICANN Emerges in Seoul

With the loud crashing of a traditional drum ceremony and an impromptu electric guitar performance by a young Korean whose rendition of Pachabel has been downloaded sixty million times on YouTube, the 36th meeting of ICANN was kicked off this morning (Korean time) by new CEO Rod Beckstrom and his fellow Directors and assembled one thousand or so participants. ICANN has always been about change, but the atmosphere in Seoul this week is charged with a sense of new challenges and new opportunities. more