The Spamhaus Project just published a long article about the botnets they've been watching during 2014. As this chart shows, we're not making any progress. They also note that the goals of botnets have changed. While in the past they were mostly used to send spam, now they're stealing banking and financial information, engaging in click fraud, and being used for DDoS and other malicious mischief.
During the M3AAWG meeting in Brussels earlier this year, Dave Crocker and John Levine were asked to step into an impromptu video studio and talk about how email has changed over the past several decades and whether we are any closer to resolving the spam problem.
On December 17th a US proposal for online commerce in a major trade negotiation, the Trade in Services Agreement ("TISA") leaked. A flurry of press releases and opinion pieces claim that TISA is a threat to the Internet. The headlines are lurid: "TISA leak: EU Data Protection and Net Neutrality Threatened" and "Leaked TISA text exposes US threat to privacy, civil rights"... Because I've spent years in Geneva regularly meeting with and advising negotiators on the networked economy I have a very different perspective.
"Nobody knows anything," screenwriter William Goldman (think "Butch Cassidy and the Sundance Kid" and "The Princess Bride") said famously of Hollywood. The same may be said of enterprise security. Word now comes that the Sony hack for which the FBI has fingered North Korea may, in fact, be the work of some laid-off and disgruntled Sony staff. But that's not clear, either.
My Twitter feed has exploded with lots of theorizing about whether or not North Korea really hacked Sony. Most commentators are saying "no", pointing to the rather flimsy public evidence. They may be right -- but they may not be. Worse yet, we may never know the truth. One thing is quite certain, though: the "leaks" to the press about the NSA having concluded it was North Korea were not unauthorized leaks; rather, they were an official statement released without a name attached.
In an announcement on Tuesday, ICANN reports that it is investigating a recent intrusion into its systems. The agency believes a "spear phishing" attack was initiated in late November 2014. It involved email messages that were crafted to appear to come from its own domain being sent to members of its staff.
The recent huge security breach at Sony caps a bad year for big companies, with breaches at Target, Apple, Home Depot, P.F.Changs, Neiman Marcus, and no doubt other companies who haven't admitted it yet. Is this the new normal? Is there any hope for our private data? I'm not sure, but here are three observations... This week Brian Krebs reported on several thousand Hypercom credit card terminals that all stopped working last Sunday. Had they all been hacked?
There are many voices calling for increased initiatives by municipalities to build and operate broadband internet infrastructure as a public utility, but until this week, very little in the way of economic analysis to fully examine whether the benefits justify the costs. A paper released this week finds that local efforts produce small economic benefits, but cause a notable increase in the size of local government.
Kieren McCarthy reporting in the Register: "Plans to create a new internet governance body have grown increasingly desperate... and confusing. A conference call between the organizers of the 'NetMundial Initiative' and business organization the International Chamber of Commerce (ICC) earlier this week saw ICANN's CEO Fadi Chehade pleading with the group to withdraw their rejection of the program and join its 'coordination council'"
Google announced today that its Public DNS team, in collaboration with Akamai, has reached a significant milestone improving the speed of accessing location-based Akamai hosted content.
As a follow up to the earlier article on the IaaS business model, here is a high level overview of the SaaS provider business model and some of the strategic options that are in there... As examples in this article I consider two hypothetical SaaS providers. The first one delivers bookkeeping software, the second one delivers a project collaboration platform.
Google is closing its engineering office in Russia as a result of a new law coming into force next year requiring foreign firms to store Russian users' personal data on servers located in Russia.
The nation's leading organization of government, corporate and academic privacy executives -- the International Association of Privacy Professionals -- recently did what good groups do: it issued a report that validated the pursuit of the career it supports... the IAPP reminded all what has long been understood -- privacy is an important and growing risk management activity under the watchful eye (mostly) of general counsels. With $2.4 billion being spent this year and $3 billion next, it is a growth industry.
As 2014 winds down, cloud spending is up. That's the word from research firm IDC -- as reported by IT Jungle, cloud spending will reach over $56 billion this year and won't stop anytime soon. By 2018, predictions peg the cloud as worth $127 billion, and that's just counting "core" cloud services such as SaaS, PaaS and IaaS. Cloud-based peripherals, the Internet of Things and other cloud initiatives are also on track to make an impact; here's a quick look at top cloud considerations for the coming year.
What exactly is that "reserved list of names" Fadi Chehadé refers to in his letter dated October the 22nd? If we already have an idea, we wonder if they considered protecting more than just "accents". The name of Hogan Lovells was mentioned in the last Safebrands "RINDD" and their input on this question is welcome if they are the company to be working on that list.