Facebook alerted users today that its engineering team on Tuesday had discovered a security issue affecting almost 50 million accounts. more
Security experts and privacy advocates see the rollout of the new 5G wireless network as a possible solution to eliminate surveillance vulnerabilities that allow spying on nearby phone calls. more
Despite headlines now at least a couple of years old, the InfoSec world is still (largely) playing lip-service to the lack of security talent and the growing skills gap. The community is apt to quote and brandish the dire figures, but unless you're actually a hiring manager striving to fill low to mid-level security positions, you're not feeling the pain -- in fact, there's a high probability many see problem as a net positive in terms of their own employment potential and compensation. more
One of the fallouts of disruptive inventions is the need for new laws to counter their unexpected consequences. As it concerned the Internet, these consequences included a new tort of registering domain names identical or confusingly similar to trademarks and service marks with the intention of taking unlawful advantage of rights owners. Prior to 2000 the only civil remedy for "cybersquatting" or "cyber piracy" was expensive and time-consuming plenary actions in courts of competent jurisdiction under national trademark laws. more
Peter Harrison has been named among four finalists to contest elections for two seats on the American Registry for Internet Numbers (ARIN) board of trustees in October 2018. ARIN is one of five Internet registries worldwide that coordinate the distribution and administration of number resources. The registry serves the United States, Canada and several territories in the Caribbean. more
So far this year I think I've attended 20+ security conferences around the world - speaking at many of them. Along the way, I got to chat with hundreds of attendees and gather their thoughts on what they hoped to achieve or learn at each of these conferences. In way too many cases I think the conference organizers have missed the mark. I'd like to offer the following thoughts and feedback to the people organizing and facilitating these conferences (especially those catering to local security professionals). more
The Internet Society today announced that it is partnering with Facebook to develop Internet Exchange Points (IXP) throughout Africa. more
At NANOG on the Road (NotR) in September of 2018, I participated in a panel on BGP security -- specifically the deployment of Route Origin Authentication (ROA), with some hints and overtones of path validation by carrying signatures in BGP updates (BGPsec). This is an area I have been working in for... 20 years? ... at this point, so I have seen the argument develop across these years many times, and in many ways. more
In a little over two weeks, precisely in 17 days (on 11 October 2018 at 16:00 UTC), ICANN will roll the Domain Name System Security Extensions (DNSSEC) root Key Signing Key (KSK). If you are a Domain Name System (DNS) and DNSSEC expert already engaged globally on the topic, you are certainly both well aware and ready for the rollover. This article is probably not for you! If however, you are out there focused on your day to day running or managing a DNS infrastructure... more
Speaking at a private event hosted by Village Global VC, tech luminary and former Google CEO Eric Schmidt predicted that the internet will split into Chinese-led and US-led versions by 2028. more
The Trump administration today announced that the U.S. will begin a new strategy to deter and respond to cyberattacks with offensive actions against foreign adversaries. more
The New York Times Co. filed a lawsuit today against the Federal Communications Commission concerning records the newspaper alleges may shed light on possible Russian participation in a public comment period before the commission rolled back Obama-era net neutrality rules. more
For the first time in recent Internet history, a new submarine cable carrying live traffic across the South Atlantic was activated, directly connecting South America to Sub-Saharan Africa. more
Last week an ICANN registrar, Namejuice, went off the air for the better part of the day -- disappearing off the internet at approximately 8:30 am, taking all domains delegated to its nameservers with it, and did not come back online until close to 11 pm ET. That was a full business day and more of complete outage for all businesses, domains, websites, and email who were using the Namejuice nameservers -- something many of them were doing. more
Brandsight recently concluded their Second Annual Domain Management Survey. Respondents to the survey were corporate domain name professionals. Of those that responded, 35% had portfolios that were between 3,000-10,000 domains and another 30% had portfolios greater than 10,000 domains. Fifty-seven percent of respondents reported that they manage domains out of the legal department, with the remaining respondents' portfolios managed out of IT, marketing and other groups. more