HTTPS Interceptions Are Much More Frequent Than Previously Thought

I have written about the problems with the "little green lock" shown by browsers to indicate a web page (or site) is secure. In that article, I consider the problem of freely available certificates, and a hole in the way browsers load pages. In March of 2017, another paper was published documenting another problem with the "green lock" paradigm - the impact of HTTPS interception. more

Why Government Agencies Use Ugly, Difficult to Use Scanned PDFs - There’s More Than Meets the Eye

Sometimes, a government agency will post a PDF that doesn't contain searchable text. Most often, it's a scan of a printout. Why? Don't the NSA, the Department of Justice, etc., know how to convert Word (or whatever) directly to PDF? It turns out that they know more than some of their critics do. The reason? With a piece of paper, you know much more about what you're actually disclosing. more

What Happens If Two Applications for a New gTLD Are a City and a Family Name?

When applying for a new gTLD, what happens if two applications for the same extension are a city and a family name? Which one wins? Let's imagine that a person whose family name is "Marseille" applied for the .MARSEILLE new gTLD in the next round of the ICANN new gTLD program. What if there was a .MARSEILLE new gTLD too but as the name of the French city? more

Have We Reached Peak Use of DNSSEC?

The story about securing the DNS has a rich and, in Internet terms, protracted history. The original problem statement was simple: how can you tell if the answer you get from your query to the DNS system is 'genuine' or not? The DNS alone can't help here. You ask a question and get an answer. You are trusting that the DNS has not lied to you, but that trust is not always justified. more

IPv6 Deployment Around the World: A New Digital Divide?

Alain Durand, Principal Technologist at ICANN, visited Georgia Institute of Technology last week for a talk on the global adoption of Internet Protocol version 6 (IPv6). The Internet Governance Project organized the talk in cooperation with Atlanta's Technology Development Center (ATDC) and the Institute for Information Security and Privacy. Durand, who was involved in the IPv6 standardization efforts at IETF back in the early to mid-1990s, offered a clear eyed assessment of the protocol's critical flaw... more

Google Now a Target for Regulation

The time was - way back around the turn of the century - when all Internet companies believed that the Internet should be free from government regulation. I lobbied along with Google and Amazon to that end (there were no Twitter and Facebook then); we were successful over the objection of traditional telcos who wanted the protection of regulation. The FCC under both Democrats and Republicans agreed to forbear from regulating the Internet the way they regulate the telephone network; the Internet flourished, to put it mildly. more

Nation Scale Internet Filtering—Do’s and Don’ts

If a national government wants to prevent certain kinds of Internet communication inside its borders, the costs can be extreme and success will never be more than partial. VPN and tunnel technologies will keep improving as long as there is demand, and filtering or blocking out every such technology will be a never-ending game of one-upmanship. Everyone knows and will always know that determined Internet users will find a way to get to what they want, but sometimes the symbolic message is more important than the operational results. more

Does ICANN’s UDRP Preserve Free Speech and Allow Room for Criticism?

The phenomenal growth of the Internet has resulted in a proliferation of domain names. The explosion of '.com' registrations coincided with an increase in domain name disputes, and with it the legal branch of intellectual property devolved into virtual mayhem. ICANN's Uniform Domain-Name Dispute-Resolution Policy (UDRP) was created... The UDRP was brought into force in October 1999, and it can be said that it has contributed handily to the resolution of domain name disputes. However, deeper investigation into the UDRP paints a different picture. more

Breaking the Mold: Reclassifying Over a Billion .XYZ Domains for Alternative Uses

Three years ago, my team and I launched .xyz with the mission of bringing competition, choice, and innovation on the internet. .xyz was probably the only domain extension that had no built-in meaning, included very few domains priced at a premium, and relied on low margins and high volume. We brought with it the message that .xyz was for every website, everywhere. And instead of targeting one vertical, we connected with the next generation of internet users... more

Why Did’t the Internet Zap Singapore’s Straits Times Newspaper?

US papers employed 56,900 full-time journalists in 1990, the year Tim Berners Lee began testing his World Wide Web software, and they employed 32,900 in 2015. The disruption of the newspaper business began 22 years ago, when Craig Newmark launched his classified ad site, Craigslist. (Note that Newmark now generously supports investigative journalism and fact-checking organizations). Newspapers have adapted to the Internet by adding digital editions, but they generate less ad revenue than print editions have lost. more

Digital Geneva Convention: Multilateral Treaty, Multistakeholder Implementation

Microsoft's call for a Digital Geneva Convention, outlined in Smith's blog post, has attracted the attention of the digital policy community. Only two years ago, it would have been unthinkable for an Internet company to invite governments to adopt a digital convention. Microsoft has crossed this Rubicon in global digital politics by proposing a Digital Geneva Convention which should 'commit governments to avoiding cyber-attacks that target the private sector or critical infrastructure or the use of hacking to steal intellectual property'. more

5G (and Telecom) vs. The Internet

5G sounds like the successor to 4G cellular telephony, and indeed that is the intent. While the progression from 2G to 3G, to 4G and now 5G seems simple, the story is more nuanced. At CES last month I had a chance to learn more about 5G (not to be confused with the 5Ghz WiFi) as well as another standard, ATSC 3.0 which is supposed to be the next standard for broadcast TV. more

Ask Not What ICANN Can Do for You, But What You Can Do for ICANN

In recent weeks, you may have seen several articles asking that "ICANN", the Internet Corporation for Assigned Names and Numbers, move more expeditiously to open up the next application window for new gTLDs. As one commenter wrote "Ask a Board member or ICANN staff when they expect the next application window to open, and they will inevitably suggest 2020 -- another three years away. more

Let’s Face Facts: We Need a New Industrial Internet

The Internet is a great success and an abject failure. We need a new and better one. Let me explain why. We are about to enter an era when online services are about to become embedded into pretty much every activity in life. We will become extremely dependent on the safe and secure functioning of the underlying infrastructure. Whole new industries are waiting to be born as intelligent machines, widespread robotics, and miniaturized sensors are everywhere. more

China Sets Up $14.6 Billion Internet Investment Fund

China's government has established a 100 billion yuan (US$14.5 billion) state fund to invest, nurture and support internet companies and spearhead the country's technological innovations and economic transformation into the so-called 'Internet Plus' era. more