Orange Bowl ICANN UDRP Case Explores Fair Use

The resale of genuine products presents particular difficulties in domain name disputes, testing the application of fair use doctrine. Several domain name disputes involving the resale of event tickets illustrate the point. I served as a panelist in one such case The Orange Bowl Committee, Inc. v. Front and Center Tickets, Inc., D2004-0947 (WIPO 2005). The decision, which issued with a dissent, explored fair use in the domain name context and addressed several related ticket resale disputes. more

Mozilla Implements TLD Whitelist for Firefox in Response to IDN Homographs Spoofing

Mozilla Foundation has announced changes to Firefox concerning Internationalized Domain Names (IDN) to deal with homograph spoofing attacks. According to the organization, "Mozilla Foundation products now only display IDNs in a whitelist of TLDs, which have policies stating what characters are permitted, and procedures for making sure that no homographic domains are registered to two different entities." Following is a statement explaining the current status of the Mozilla changes to Firefox regarding IDN... more

The Power of Google

The other night I was chatting with my wife about things and I mentioned a TV show that I saw back in the 1980's about a home-brew nuclear device in which the bomb-squad person who cuts the cliche red or green wire makes the wrong choice. So I went to Google to find the movie. I had a hard time finding it. (I eventually did - it was the 1983 show Special Bulletin.) But along the way I more than once wondered whether my memory was playing games on me. The meta-thought that came about was this... more

Working Group on Internet Governance Releases Report

The Working Group of Internet Governance has released its final report [PDF]. As I wrote this week in my Law Bytes column, the report comes on the heels of the U.S. statement that it has no intention of surrendering control of root zone file. The WGIG report developed a working definition of Internet governance that states: "Internet governance is the development and application by Governments, the private sector and civil society, in their respective roles, of shared principles, norms, rules, decision-making procedures, and programmes that shape the evolution and use of the Internet."... more

Signposts in Cyberspace: An NRC Report on the DNS and Internet Navigation

In light of the recent decision by the United States government to "maintain its historic role in authorizing changes or modifications to the authoritative root zone file" and ICANN's recent decisions to add more gTLDs (including .xxx), and to renew VeriSign as the .net registry, readers may be interested in the just-published report of the National Research Council's Computer Science and Telecommunications Board, Signposts in Cyberspace: The Domain Name System and Internet Navigation. ...a comprehensive policy-oriented examination of the Domain Name System in the broader context of Internet navigation. more

Live Nude Domain Names

ICANN announced recently that it has begun negotiations with an applicant for another 'sponsored' (non-open) top level domain, .XXX. There has been a fair amount of coverage, for and against. My initial reaction is (with the proviso that the public information to assess these things is always insufficient): .XXX seems plausible for what it is but it isn't what many probably think it is. ...that's the key to understanding this. This TLD is intended to be a trade association and is not a form of regulation. more

ICANN Approves New Domain for Adult Sites

The Board of Directors of the Internet Corporation for Assigned Names and Numbers (ICANN) has determined that the proposal for a new top level domain submitted by ICM Registry, Inc. has met the criteria established by ICANN. Accordingly, ICM Registry will now move forward into technical and commercial contractual negotiations with ICANN to generate a voluntary .xxx top-level domain (TLD). more

Crack the Code: That’s a Direct Challenge

I had quite an interesting experience recently. I was hired by a company to perform a vulnerability assessment and penetration test on their network. During the initial meeting, one of the key technical staff presented me with a challenge; He handed over the NTLM hash of the domain Administrator account and challenged me to decipher it. He explained that the complexity and length of the password would prevent me from deciphering it during the time allotted for the project. He was actually quite confident in my impending failure... more

Identity Theft: Giving Away Your Personal Information

Identity theft is apparently the "in thing" these days. By media accounts, hackers and evildoers lurk everywhere trying to steal your personal information. In the past few months, one company after another is being forced to admit customer data has been lost or stolen. In many cases, they have them come forth repeatedly over the next few weeks, or even months revising the estimated number of impacted customers. To date, I don't think any have ever lowered those numbers. ...Let's consider two events that didn't make the front page of C|Net or CNN.  more

Morgan Freeman Wins Transfer of morganfreeman.com from Cybersquatter

Perhaps Morgan Freeman never learned about the high profile domain name disputes involving celebrity names (e.g., Madonna, Bruce Springsteen and Julia Roberts), because he didn't register morganfreeman.com before it was snatched up by Mighty LLC in April 2003. After learning about Mighty LLC's (no stranger to domain name disputes) cybersquatting, Freeman filed a complaint before a WIPO arbitration panel under the Uniform Domain Name Dispute Resolution Policy... more

Road Warrior at Risk: The Dangers of Ad-Hoc Wireless Networking

Most people who have wireless Ethernet at home, or the office, connect to the wireless network by attaching to a wireless Access Point, or AP. This method of wireless networking is called "Infrastructure Mode". If you have a secure wireless network configured in "Infrastructure Mode" you are using MAC address filtering, some level of encryption, and have made some additional changes to your AP in order to prevent just anyone from using it or capturing data. ...However, for those who are not using "Infrastructure Mode", and are configured to communicate from machine to machine, or "Ad-Hoc", there are a few things you should be aware of. more

Protecting Brands from Phishers No Easy Task

Just in case you've been out of the country for the last 12 months, a new scourge is hitting the Internet and the world of email and it's called phishing. The Anti-Phishing Working Group defines phishing as identity theft "attacks using 'spoofed' e-mails and fraudulent Websites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords..." According to various experts, the incidents of phishing are rising at an alarming rate: there were 13,000 unique phishing attacks in January alone - that's a 42 percent surge over the previous month. The real problem is that phishing works. more

Innovation in DNS Business

One thing that amazed me about the ICANN community is the creativeness in finding new business models. I am not even talking about new technology like Internationalized Domain Names (IDN), the number of business models created from the vanilla DNS (actually just .com) are just mind boggling. ICANN was formed in 1999 and introduced the concept of registries and registrars model to the DNS business. With that, we witness the rise of register.com, an IPO darling in the dotcom days, in the early 2000s and subsequently overtaken by the ultra-cheap high-volume reseller model of GoDaddy. We also see new registries like .info and .biz and several others that didn't do so well. There are also after-market (aka ebay) for domain names like afternic and registry outsourcing, DNS hosting, Dynamic DNS etc. That's about what most outsiders know of DNS business models, mostly revolved around the registry-registrar-reseller model. But there are really more and I shall discuss two not-so-well-known but interesting models below. more

URLs: Ontologically Speaking

I was reading David Weinberger's reports on how the New York Times is planning on tackling its "link rot" problem where articles slip behind the pay-wall. Part of their solution appears to be to replace articles with their summaries. As usual, this got me thinking about telephony. Why don't phone calls and callers have URIs or URLs? ...Let's take addressing the endpoints first. Obviously, ENUM is one way of "Internetising" the phone number address space. more

Internet Governance: Analogue Solutions to Digital Problems

This is an overview of the booklet, "Internet Governance: Issues, Actors and Divides," recently published by DiploFoundation and the Global Knowledge Partnership. "Internet Governance is not a simple subject. Although it deals with a major symbol of the DIGITAL world, it cannot be handled with a digital - binary logic of true/false and good/bad. Instead, the subject's many subtleties and shades of meaning and perception require an ANALOGUE approach, covering a continuum of options and compromises." Update: This article was reposted with additional information and a new title. more