Friction-Free Commerce, Spam-Free Future

I'm sitting here at the Inbox conference on e-mail, and listening to an encouraging, plays-nicely-with-other-children talk from Ryan Hamlin, GM of anti-spam technology and strategy at Microsoft. Over the past couple of months, with evidence abounding at this conference, a number of big industry players have been getting together to fight spam. Most significantly, Microsoft, Yahoo! and AOL - plus a bunch of (other) ISPs are getting together behind a single standard for "Sender ID " - (actually, server authentication) name not yet determined... more

UN Global Forum on Internet Governance

More than 200 leaders from government, business and civil society attended the Global Forum on Internet Governance, held on 25 and 26 March 2004 and organized by the United Nations Information and Communication Technologies (ICT) Task Force. The forum, held at United Nations Headquarters in New York, was intended, according to a UN press release, "to contribute to worldwide consultations to prepare the ground to a future Working Group on Internet Governance to be established by Secretary-General Kofi Annan, which is to report to the second phase of the World Summit on the Information Society (Tunis, 2005)". more

IP or NAT IP: Mostly IP

There seems to be a heated debate on this site about NAT (network-address translation). What came as a surprise to me is that a lot of the arguments seem to reside in ideological point of views which obscure the real issues at hand -- IP addressing, IP security -- and have little to do with NAT's actual merits or drawbacks. more

The Small, But Limitless World of .kids.us

Erica Wass is the editor and contributing author of the recently published book, "Addressing the World: National Identity and Internet Country Code Domains", (Rowman & Littlefield, October 2003). This book is an edited collection of original essays by domain name administrators, academics, journalists and lawyers that examine the connections between various cultures and the use and regulation of their country code domain names. This is the second part of a three-part series. "Congress and the President of the United States believed so much in the idea that the Internet needed a "safe zone" for children that they passed a law designating such a space. One year after its passage I sought to examine the development of the .kids.us name space. I found an initiative that has yet to live up to its potential, but has a limitless, albeit difficult future ahead." more

Lights Going Out on the Internet? Not Just Yet

In his article titled, "End of Life Announcement", John Walker (author of the Speak Freely application) makes a few arguments about Network Address Translation (NAT) that are simply not true: "There are powerful forces, including government, large media organisations, and music publishers who think this situation is just fine. In essence, every time a user--they love the word "consumer"--goes behind a NAT box, a site which was formerly a peer to their own sites goes dark, no longer accessible to others on the Internet, while their privileged sites remain. The lights are going out all over the Internet. ...It is irresponsible to encourage people to buy into a technology which will soon cease to work." more

Security by Obscurity?

Ah yes, 'Security by obscurity': "Many people believe that 'security through obscurity' is flawed because... secrets are hard to keep." I'm glad the guys guarding the A Root Servers are up on the latest security trends. Of course, you could hide the A Root Servers at the heart of the Minotaur's maze, but they're still going to be "right over there" in cyberspace, at 198.41.0.29 more

Market Forces Should Control Registry Services?

Sonia Arrison, a director of the Center for Technology Studies at the California-based non-profit Pacific Research Institute, writes an interesting op-ed piece in the Internet news publication CNET News.com. She argues that the job of privatizing the domain name system should be completed and that market forces should control registry services such as SiteFinder deployed by VeriSign for about three weeks in September...While not a position I would agree with, as I would prefer more government control and additional regulation, it is definitely insightful and well written. She makes some interesting quotes... more

Blacklisting Under Wrong Assumptions

If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.  more

An Unsanctioned Whois Database

Mark Jeftovic of easyDNS Technologies Inc. has posted an item on ICANN's "GNSO" registrars' mailing list titled "unsanctioned Whois concepts". In that item he suggests that the control and actual publication of contact information about a domain be put into the zone file itself, a file maintained by the registrant (purchasor) of the domain name. more

Reaction to VeriSign’s New 36-Hour Deadline

ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
 more

SiteFinder Is Leaking Data

I just discovered that VeriSign's SiteFinder Web site is leaking data submitted in Web forms to its marketing analysis partner, Omniture. Forms can easily contain personal information such as an email address. For the problem to occur, a Web form must use the GET method. This data spill problem occurs if a Web page anywhere on the Internet submits a Web form to an action URL with a misspelled or expired domain name. Because of VeriSign's recent controversial changes to the DNS system, this form data is submitted to the SiteFinder Web site.  more

Is the Internet Dying?

There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more

Analyzing The Inbox of a Spammer’s Domain

Consider this scenario: you need a domain name for your site so you go to your favorite domain registrar's website and upon a quick search find that your third choice is actually available! You quickly pull your credit card and register the name. Everything is good and you can't wait to have your new domain start pointing to your site and represent your official email address. But not so fast -- some of the recent events are revealing that, these days, when you are registering a domain name there is one more critical thing you need to do: check under the hood! more

RIR Gainers and Leakers: How Policy Choices Shape the Future of the IPv4 Ecosystem

Diverging policies and fee structures among Regional Internet Registries are reshaping the global IPv4 market. RIPE has emerged as a liquidity hub, while others leak resources, risking long-term instability and financial fragility. more

A Threat to Europe’s Digital Human Rights Stewardship

In a contemporary era when the human rights, democracy, and the rule of law are under attack, Europe has asserted itself as the leading global digital steward for maintaining those values. However, doing so through its Digital Sovereignty initiatives is significantly dependent on the ability to produce timely technical standards that underpin the implementing legislation. more