Picking Domain Names by Search Results

There is a definite advantage to knowing what users look for when typing in domain names that they think should work. This article from Government Computer News shows an excellent example in .gov. "600,000 visitors a year to FirstGov try to find the federal government's Web site by typing USA.gov into their browser", so they switched from firstgov.gov to usa.gov. It wasn't mentioned in the article, but firstgov.gov redirects automatically; this is more intelligence than I normally expect from US government web sites. more

Web Server Botnets and Server Farms as Attack Platforms

Are file inclusion vulnerabilitiess equivalent to remote code execution? Are servers (both Linux and Windows) now the lower hanging fruit rather than desktop systems? In the February edition of the Virus Bulletin magazine, we (Kfir Damari, Noam Rathaus and Gadi Evron (me) of Beyond Security) wrote an article on cross platform web server malware and their massive use as botnets, spam bots and generally as attack platforms. Web security papers deal mostly with secure coding and application security. In this paper we describe how these are taken to the next level with live attacks and operational problems service providers deal with daily. more

Trench Warfare in the Age of The Laser-Guided Missile

The historical development of spam fighting is allowing computer-aware criminals to take the upper hand in the fight against what has now evolved into a completely technologically and organizationally merged threat to public safety. If we do not change our strategic approach immediately, the battle, indeed even the war may be all but lost... Of late, much has been said in the popular and computer press about a vector that is annoying, but hardly critical in nature: 'Image spam'. Spammers have jumped on the new technology of 'image-only' payloads, which morph one pixel per message, rendering them unique, and traditional check-sum blocking strategies ineffective... Fortunately this fraudulent stock-touting scheme leaves a paper trail that has allowed for some successful prosecutions in the latter half of the year. Stock spamming, while popular at present time is likely to decline as legal actions increase... more

Europeans Moderate GAC Principles, But…

A U.S.-led Task Force in ICANN's Governmental Advisory Committee (GAC) released version 3 of its "Whois Principles" in preparation for the ICANN meeting in Brazil, where it will be debated and finalized. European countries pushed back against U.S. Government efforts to stop ICANN from respecting privacy concerns in its handling of domain name registrant contact data... more

ISOC-NY Panel: The Future of WHOIS Policy (Webcast)

The Metropolitan NY Chapter of the Internet Society continued its popular series of public events at the Jefferson Market library in Greenwich Village with a panel discussion on WHOIS policy, moderated by Danny Younger. This is a contentious issue, involving tradeoffs between privacy, anonymity, and accountability. more

JPA Agreement: Will it Change the Problems With the UDRP?

It was rather interesting to read this new agreement between the USDoC and ICANN talking about the mechanisms, methods and procedures necessary to effect the transition of Internet domain name and addressing system (DNS) to the private sector. What was more interesting though was to read in this very agreement the following: "...the Department continues to support the work of ICANN as the coordinator for the technical functions related to the management of the Internet DNS". OK, let's be honest! Technical? more

The GNSO Review

The London School of Economics review of the GNSO was recently released by ICANN. ...The review is refreshing. But first, a pause: Do you know what the GNSO is or what it does? Do ICANN's processes seem difficult to understand? I bet (unless you've been going to ICANN meetings) you don't know much about this. And the focus of the report on the impenetrability of ICANN's work is refreshing and very useful. more

Making DKIM More Useful with Domain Assurance Email

The IETF DKIM working group has been making considerable progress, and now has a close-to-final draft. DKIM will let domains sign their mail so if you get a message from fred@furble.net, the furble.net mail system can sign it so you can be sure it really truly is from furble.net. But unless you already happen to be familiar with furble.net, this doesn't give you any help deciding whether you want the message. This is where the new Domain Assurance Council (DAC) comes in... more

VeriSign Director Charged with Securities Fraud

Bloomberg is reporting that Gregory Reyes is facing criminal and civil charges in relation to securities fraud. Reuters and the Mercury News also have coverage. "Former Brocade Communications Systems Inc. Chief Executive Officer Gregory Reyes became the first CEO charged in the U.S. probe of the backdating of stock option grants to create lucrative employee pay packages." more

Phishing Moving to the Web Channel

Today we received one of the first phish attempts to be made as a web spam (comment spam/blog spam) attempt. I wasn't convinced, and thought that perhaps it was a way to gather and verify RELEVANT online identities. Someone put me straight. It's phishing. I've often in the past had run-ins with the good folks in the anti virus realm back between 1996 and 2005 who thought Trojan horses and then spyware were not part of their business. Years later the AV business people ruled it is part of their business and ran to catch up. Same with botnets. more

Another Day in Court for CFIT vs. VeriSign and ICANN

The CFIT vs. VeriSign et. al. lawsuit had another day in court today. ...The key point coming out of a hearing today (Friday, June 09, 2006) in front of U.S. District Court Judge Ronald Whyte in San Jose, California is that the arguments made by CFIT against the .com deal between ICANN and VeriSign will continue. ...There was one moment of some drama. After lawyers for VeriSign and ICANN both argued that the 7 percent price increases without the need for justification would not be a violation of anti-trust law, Judge Whyte asked the lawyer for ICANN if it would be an anti-trust violation if VeriSign had been granted an annual 100 percent increase. The lawyer said, "no." Other lawyers for other matters sitting in the audience seemed to shift uneasily... more

How Much Money Do Spammers Make?

News reports say that high profile Ryan Pitylak was fined $10 million by the Texas Attorney General. A few days ago, he paid a $1M settlement to Microsoft. Since it had been widely reported that he'd made between $3M and $4M during his spamming career, that seemed like a pretty good deal for him. As I commented to the San Antonio Express, this new fine is more in line with what he did, and at least relieves him of all his ill-gotten gains... more

Royal Cat Loses ICANN UDRP Action

This is serious. I'm not joking. You can look it up. Morgan Stanley brought a UDRP action involving the domain name 'mymorganstaleyplatinum.com' against a registrant identified as "Meow ("Respondent"), Baroness Penelope Cat of Nash DCB, Ashbed Barn, Boraston Track, Tenbury Wells, Worcestershire WR15 8LQ, GB." The decision summarizes the response... more

Jefferson Rebuffed: The United States and the Future of Internet Governance

A paper by Viktor Mayer-Schoenberger and Malte Ziewitz was recently published at John F. Kennedy School of Government, Harvard University titled, "Jefferson Rebuffed: The United States and the Future of Internet Governance". The following excerpt provides an overview of the paper: "Over the last several years, many have called for an internationalization of Internet governance in general, and Internet naming and numbering in particular. The multi-year WSIS process that culminated in November 2005 was intended to create momentum in such direction. The United States has long resisted such internationalization, fearing in particular the growing influence of China and similar nations..." more

Black Frog: Next Generation Botnet, No Generation Spam Fighting

Black Frog -- a new effort to continue the SO-CALLED Blue Security fight against spammers. A botnet, a crime, a stupid idea that I wish would have worked -- News items on Black Frog. Blue Frog by Blue Security was a good effort. Why? Because they wanted to "get spammers back". They withstood tremendous DDoS attacks and abuse reports, getting kicked from ISP after ISP. ...The road to hell is filled with good intentions. Theirs was golden, but they got to hell, quite literally, non-the-less. ...When Blue Security went down, some of us made a bet as to when two bored guys sitting and planning their millions in some café would show up, with Blue Security's business plan minus the DDoS factor. Well -- they just did. more