A Global Dialogue around WSIS Prepcom 3

As a contribution to the United Nations World Summit on the Information Society (WSIS), the Internet Governance Project, led by Professor Derrick L. Cogburn, is supporting a web-based Global Deliberative Dialogue on Internet Governance, from 19-30 September 2005. The purpose of this Global Dialogue is to raise awareness of Internet Governance, to broaden participation in the policy debate, and to provide concrete input into the final deliberations during the Third Preparatory Meeting for the WSIS, taking place concurrently with the Global Dialogue in Geneva. more

Respondent’s Long Use of JACUZZI in Australia Prevails in Domain Name Dispute

Jacuzzi, Inc., owner of rights in the mark JACUZZI, challenged the domain name jacuzzi.net.au in this first WIPO decision involving the .au domain. The Australian respondent had used the JACUZZI name for nearly 15 years. more

IGP Asks You to Weigh in on the USG’s .xxx Intervention

Responding to the .xxx intervention by the US Commerce Department, the Internet Governance Project has produced a "STATEMENT OPPOSING POLITICAL INTERVENTION IN THE INTERNET'S CORE TECHNICAL ADMINISTRATIVE FUNCTIONS." You can view the statement here and add your name as a signatory at the bottom. Over 60 people have endorsed it. The Statement claims that "The NTIA's recent intervention in the .xxx proceeding undermines assurances" that the U.S. government's special unilateral authority over ICANN "would never be used to shape policy but was only a means of protecting the stability of the organization and its processes." The NTIA's open acknowledgment of the influence of religious groups made the intervention particularly dangerous. more

When the Defendant is a Domain Name: The Power of In Rem Proceedings Under the ACPA

A recent decision by a federal court in Virginia illustrates some interesting legal issues that arise from the global nature of the domain name system. It also highlights a powerful mechanism under the Anticybersquatting Consumer Protection Act ("ACPA") by which a plaintiff can proceed with a legal action to recover a domain name without regard to the court's personal jurisdiction over the registrant.  more

ICANN Meetings in Luxembourg

The ICANN Meetings are in full flow here in sunny Luxembourg. The venue is immense and located a cab, bus, or shuttle ride from the various hotels. So far, the big topics are the .Net finalization (focusing on the readjustment of the pricing verbiage), the USDOC root announcement, the shell registrar accreditations used in the batch pool for the purposes of getting dropped names, and the practice of registrars exploiting the 5 day add grace period to register in excess of 50000 names to watch how much web traffic they have, and returning the ones that do not at no cost... more

WIPO Recommends Uniform Registration for New gTLDs

The World Intellectual Property Organization (WIPO) has recommended the introduction of a uniform intellectual property (IP) protection mechanism designed to further curb unauthorized registration of domain names in all new generic Top-Level Domains (gTLDs). The report, "New Generic Top-Level Domains: Intellectual Property Considerations", which is available at WIPO Arbitration and Mediation Center, says that such a preventive mechanism would complement the curative relief provided by the existing Uniform Domain Name Dispute Resolution Policy (UDRP). more

New Study Revealing Behind the Scenes of Phishing Attacks

The following is an overview of the recent Honeynet Project and Research Alliance study called 'Know your Enemy:Phishing' aimed at discovering practical information on the practice of phishing. This study focuses on real world incidents based on data captured and analyzed from the UK and German Honeynet Project revealing how attackers build and use their infrastructure for Phishing based attacks. "This data has helped us to understand how phishers typically behave and some of the methods they employ to lure and trick their victims. We have learned that phishing attacks can occur very rapidly, with only limited elapsed time between the initial system intrusion and a phishing web site going online..." more

ICANN Call for Submissions of Interest for Leadership

ICANN's Nomination Committee has begun their process to nominate more members to various boards, councils and committees of ICANN. This is the process by which I was elected to the board last year. Contrary to what some people may think, these positions should not be taken to try to gain some privilege or power. These are positions of responsibility and require a lot of work for no tangible return except possibly the opportunity to meet other very interesting people. I think about my role at ICANN like I would think about jury duty. We have all benefited from the proper functioning of the Internet for the last decade. If you've benefited in the past and care about the future of the Internet, it is a great opportunity to give back to the community by applying for one of these positions. more

Wal-Mart on the Domain Name War Path

Wal-Mart seems to have been particularly vigilant lately about protecting itself from third parties setting up websites critiquing Wal-Mart and its practices. ...Wal-Mart recently scored a victory in an arbitration proceeding under the Uniform Domain Name Dispute Resolution Policy ("UDRP") before the World Intellectual Property Organization ("WIPO") against Jeff Milchen, a self-proclaimed critic of Wal-Mart from Bozeman, Montana who registered the domain name "walmartfacts.biz". more

Creating a National Cybersecurity Framework: Need For New Regulation?

The Congressional Research Service (CRS) recently released a major new study examining cybersecurity. The report, "Creating a National Framework for Cybersecurity: An Analysis of Issues and Options" discusses a variety of significant public and private cybersecurity concerns. The CRS analysis lists several broad options for addressing cybersecurity weaknesses ranging from adopting standards and certification to promulgating best practices and guidelines and use of audits among other measures. more

JET Open Letter to Microsoft

We, members of the JET (Joint Engineering Team), send this open letter to request Microsoft Corporation to implement IDN (Internationalized Domain Names) standards[1] in the next version of Internet Explorer. ...IDN is a critical enabling technology that will make the Internet more useable and attractive to the majority of the Chinese, Japanese and Korean population who do not use English in their daily life. In fact, IDN is mentioned as one of the Declaration of Action of the World Summit of Information Society (WSIS). To date, IDN registration has been launched in .cn, .jp, .kr, .tw and many other European country code top level domain as well as other generic top level domain names. More than 1 million IDNs have been registered since 2000. Most of the web browsers, such as Safari, Firefox and Opera have implemented IDN standards. This means that users can use IDN in these web browsers without additional applications or plug-ins... more

IDN Parody on verisign.com

Guilllaume Rischard setup a parody on verisign.com using the IDN spoofing trick. He managed to get one registrar to register verisign.com with a cyrillic S (U+0405) (ie xn--veriign-mog.com :-) This actually started in #joiito a couple of weeks ago after the Eric published the spoofing attack paper. A joke was made that it would be funny if someone did it to verisign.com and so he did. I suppose I could rant why VeriSign should adopt the JET Guideline (or ICANN Guidelines) but this parody would send a louder message. more

What is ‘Pharming’ and Should You Be Worried?

The sky is falling! The sky is falling! ...or is it? What is this thing called "pharming"? Put simply, it's redirection of web traffic, so that the server you think you're talking to actually belongs to a criminal. For example: you think you're talking to www.examplebank.com because it says so in the browser's address bar, but actually you're connected to www.mafia-R-us.ru. This can happen in three main ways: 1. DNS Hijack: a social engineering attack on the Internet infrastructure... more

The Net-Net on Dot Net

ICANN has posted its suggested .net agreement [PDF]. The new draft puts the ICANN Board and the Names Council firmly in control of the registry's future, and represents a substantial change to the existing registry contracts. No one gave ICANN the power to do this, and it is strange that no approval by anyone -- including the US Dept of Commerce -- is being sought to make this happen. ICANN is taking the occasion of the .net rebid to restructure its entire relationship to the world. more

History of SMTP

The following excerpt is from the Free Software Magazine, March 2005 Issue, written by Kirk Strauser. To read the entire article, you may download the magazine here [PDF]. Also thanks to Yakov Shafranovich for making us aware of this publication. "Spam has existed since at least 1978, when an eager DEC sales representative sent an announcement of a product demonstration to a couple hundred recipients. The resulting outcry was sufficient to dissuade most users from repeating the experiment. This changed in the late 1990s: millions of individuals discovered the internet and signed up for inexpensive personal accounts and advertisers found a large and willing audience in this new medium." more