Exploiting the Firewall Beachhead: A History of Backdoors Into Critical Infrastructure

There is no network security technology more ubiquitous than the firewall. With nearly three decades of deployment history and a growing myriad of corporate and industrial compliance policies mandating its use, no matter how irrelevant you may think a firewall is in preventing today's spectrum of cyber threats, any breached corporation found without the technology can expect to be hung, drawn, and quartered by both shareholders and industry experts alike. more

Increasing the Strength of the Zone Signing Key for the Root Zone, Part 2

A few months ago I published a blog post about Verisign's plans to increase the strength of the Zone Signing Key (ZSK) for the root zone. I'm pleased to provide this update that we have started the process to pre-publish a 2048-bit ZSK in the root zone for the first time on Sept. 20. Following that, we will publish root zones with the larger key on Oct. 1, 2016. more

Making the Most of the Cloud: Four Top Tips

Cloud computing is on the rise. International Data Corp. predicts a $195 billion future for public cloud services in just four years. That total is for worldwide spending in 2020 - more than twice the projection for 2016 spending ($96.5 billion). As a result, companies are flocking to both large-scale and niche providers to empower cloud adoption and increase IT efficacy. The problem? Without proper management and oversight, cloud solutions can end up underperforming, hampering IT growth or limiting ROI. more

The Great Telco Quality Transformation

The telecoms industry has two fundamental issues whose resolution is a multi-decade business and technology transformation effort. This re-engineering programme turns the current "quantities with quality" model into a "quantities of quality" one. Those who prosper will have to overcome a powerfully entrenched incumbent "bandwidth" paradigm, whereby incentives are initially strongly against investing in the inevitable and irresistible future. more

SEO and New dot Brand gTLDs

According to a recent study carried out by Custora in the USA, search engines -- paid and organic -- represent close to 50% of e-commerce orders, compared to 20% for direct entry. A dot brand domain has the potential to boost direct entry, as it can be more memorable than traditional domains. Can dot brand domains also be part of a consistent search engine strategy? more

US Senators in Letter to Yahoo Say Late Hack Disclosure “Unacceptable”

"A group of Democratic U.S. senators on Tuesday demanded Yahoo Inc (YHOO.O) to explain why hackers' theft of user information for half a billion accounts two years ago only came to light last week and lambasted its handling of the breach as "unacceptable," reports Dustin Volz from Washington in Reuters. more

What Trump and Clinton Said About Cybersecurity in the First US Presidential Debate

The Internet and tech got very little mention last night during the first of three presidential debatest. The only notable exception was cybersecurity where moderator Lester Holt asked: "Our institutions are under cyber attack, and our secrets are being stolen. So my question is, who's behind it? And how do we fight it?" The following are the responses provided to the question by the two candidates. more

IANA Transition Must Move Forward, Says Google Senior VP and General Counsel

"Preserving a Free and Open Internet," is the title of a post published today by Kent Walker, Google's SVP and General Counsel. more

Filing Cybersquatting Complaints With No Actionable Claims

I noted in last week's essay three kinds of cybersquatting complaints typically filed under ICANN'S Uniform Domain Name Dispute Resolution Policy (UDRP). The third (utterly meritless) kind are also filed in federal court under the Anticybersquatting Consumer Protection Act (ACPA). While sanctions for reverse domain name hijacking are available in both regimes, the UDRP's is toothless and the ACPA's a potent remedy. more

Observation from Seminar on IANA Function Stewardship Transition Held by CAICT

On August 16 of 2016, the US Government announced its intention to transit the stewardship of the Internet Assigned Numbers Authority (IANA) function to the multistakeholder community upon the expiration of the IANA function Contract as of October 1 of 2016, barring any significant impediment... This announcement attracts the close attention of Internet community around the world and also in China. more

IP Address Information Misused by Authorities Says EFF, Not Enough to Justify Police Raids

"Law Enforcement, Courts Need to Better Understand IP Addresses, Stop Misuse," says EFF in whitepaper released on Thursday. more

Benefits and Challenges of Multiple Domain Names in a Single UDRP Complaint

How many domain names can be included in a single complaint under the Uniform Domain Name Dispute Resolution Policy (UDRP)? Neither the UDRP policy nor its corresponding rules directly address this issue, although the rules state that a "complaint may relate to more than one domain name, provided that the domain names are registered by the same domain-name holder." more

Cybersecurity Regime for Satellites and other Space Assets Urgently Required, Warn Researchers

"A radical review of cybersecurity in space is needed to avoid potentially catastrophic attacks," warn researchers at the International Security Department of UK-based thinktank, Chatham House. more

Domain Name Association Supports IANA Transition, Petitions Congress to Move Forward

I recently sent a letter to congressional leaders including Speaker of the House Paul Ryan; House Minority Leader Nancy Pelosi; Senate Majority Leader Mitch McConnell and Senate Minority Leader Harry Reid expressing the Domain Name Association's support of the U.S. Administration's planned transition of the Internet Assigned Numbers Authority (IANA) to the global multi-stakeholder community under the stewardship of the Internet Corporation for Assigned Names and Numbers (ICANN). more

Yahoo to Confirm Massive Data Breach, Several Hundred Million Users Exposed

"Yahoo is expected to confirm a massive data breach, impacting hundreds of millions of users," reports Kara Swisher today in Recode. more