Trench Warfare in the Age of The Laser-Guided Missile

The historical development of spam fighting is allowing computer-aware criminals to take the upper hand in the fight against what has now evolved into a completely technologically and organizationally merged threat to public safety. If we do not change our strategic approach immediately, the battle, indeed even the war may be all but lost... Of late, much has been said in the popular and computer press about a vector that is annoying, but hardly critical in nature: 'Image spam'. Spammers have jumped on the new technology of 'image-only' payloads, which morph one pixel per message, rendering them unique, and traditional check-sum blocking strategies ineffective... Fortunately this fraudulent stock-touting scheme leaves a paper trail that has allowed for some successful prosecutions in the latter half of the year. Stock spamming, while popular at present time is likely to decline as legal actions increase... more

Taking Back the DNS

Most new domain names are malicious. I am stunned by the simplicity and truth of that observation. Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. Domains are cheap, domains are plentiful, and as a result most of them are dreck or worse. more

WiMAX vs. WiFi

In fact WiFi (technically standard 802.11) and WiMAX (802.16) don't compete for broadband users or applications today. That's partly because WiFi is widely deployed and WiMAX is still largely an unfulfilled promise and partly because the two protocols were designed for very different situations. However, if WiMAX is eventually widely deployed, there will be competition between them as last mile technologies. Some people describe the difference between WiFi and WiMAX as analogous to the difference between a cordless phone and a mobile phone... more

Port 25 Blocking, or Fix SMTP and Leave Port 25 Alone for the Sake of Spam?

Larry Seltzer wrote an interesting article for eWeek, on port 25 blocking, the reasons why it was being advocated, and how it would stop spam. This quoted an excellent paper by Joe St.Sauver, that raised several technically valid and true corollaries that have to be kept in mind when blocking port 25 -- "cough syrup for lung cancer" would be a key phrase... Now, George Ou has just posted an article on ZDNET that disagrees with Larry's article, makes several points that are commonly cited when criticizing port 25 blocking, but then puts forward the astonishing, and completely wrong, suggestion, that worldwide SPF records are going to be a cure all for this problem. Here is my reply to him... more

Freedom of Expression Part 3: Child Pornography, Manga, Anime, Obscene Publication

At the 44th Session of the Human Rights Council, we heard how 1 billion children in 2019 who were subjected to various forms of violence and the need for more action to protect children according to the Special Rapporteur. The United Nations Committee on the Rights of the Child released Guidelines on the implementation of the international treaty that bans child pornography, proposing to expand its interpretation to include bans on drawings and stories that sexually depict minors. more

Sex.com Settles Monumental Case Against VeriSign/Network Solutions

Sex.com announced today a final settlement with VeriSign (formerly Network Solutions, Inc.), concluding a six-year legal fight that set several important precedents for the future of the Internet. After the Ninth Circuit Court of Appeals granted Sex.Com a sweeping victory that held VeriSign/Network Solutions, Inc. (collectively "VeriSign") strictly responsible for mishandling the famous domain name, Sex.Com and VeriSign have settled Sex.Com's lawsuit against VeriSign. more

Network Solutions Responds to Front Running Accusations

Following a post on the DomainState forum today, a number news and blogs have criticized Network Solutions for front running domain names that customers try to register. (See for instance today's report on DomainNameNews). Jonathon Nevett, Vice President of Policy at Network Solutions, has offered the following in response to the news break... more

North Dakota Judge Gets it Wrong

Ever been prosecuted for tracking spam? Running a traceroute? Doing a zone transfer? Asking a public internet server for public information that it is configured to provide upon demand? No? Well, David Ritz has. And amazingly, he lost the case. Here are just a few of the gems that the court has the audacity to call "conclusions of law." Read them while you go donate to David's legal defense fund... more

DHCP for IPv4 vs. IPv6 - What You Need to Know

Dynamic Host Configuration Protocol (DHCP) is a protocol intended to enable machines (servers, game consols, etc) wishing to be "online" the ability to request Internet Protocol information from a DHCP server automatically. ... In this article we will begin to outline some of the fundamental differences between DHCPv4 and DHCPv6, explore historical uses of DHCPv4 and how those concepts will adapt/change in IPv6. more

Competition to Regional Internet Registries (RIR) for Post-Allocation Services?

Is it time for a split between allocation and services for Internet number resources as was the case for domain name resources? Back in 1996, Network Solutions had essentially four different government granted monopolies... In 1997, Network Solutions "spun" off the 3rd and 4th monopoly into a non-stock corporation known as American Registry for Internet Numbers (ARIN) which has continued the monopoly for its region after spinning off several other Regional Internet Registers (RIR) which are in themselves monopolies. more

Explaining China’s IPv9

Recently, the news that China is adopting IPv9 is making rounds on the Internet. While some of them write off as an April Fool's joke (in July?) like RFC 1606, other wonders if there are more than meets its eyes. But most of them wonders what is this IPv9 and how does it actually works. And some of the English translated article are so badly done that it is impossible to get any useful technical information except that 'It is developed and supported by Chinese government!' more

Nation of Cameroon Typo-Squats the Entire .com Space

The .cm (Cameroon) ccTLD operators have discovered that since their TLD is simply one omitted letter away from .com, that there is a gold mine in the typo traffic that comes their way. Accordingly, Cameroon has now wild-carded its ccTLD and is monetizing the traffic. The upshot is that, if the Neiman Marcus / Dotster lawsuit over 27 domain names was properly characterized as "massive", then the Cameroonians are now going well beyond massive... more

China’s Censorship Blowback

I'm not sure what the Chinese government is thinking, or whether certain parts of certain ministries and party apparatus have gotten completely out of control. Until recently, it had seemed to me that the Chinese government was managing its censorship system with surprising success... But this month, something shifted. It's unclear whether the shift is long-lasting or just temporary madness until the PRC's 60th anniversary on October 1st. more

Top Public DNS Resolvers Compared

At ThousandEyes, we've always been curious about the performance of various public DNS resolvers -- especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we'd share the results. Here's how we did it. more

Cloud Computing Types: Public Cloud, Hybrid Cloud, Private Cloud

It's no secret that I don't very much like this whole private cloud or internal cloud concept... on the basis that while advanced virtualisation technologies are valuable to businesses they are a severe short sell of what cloud computing is ultimately capable of. The electricity grid took over from the on-site generators very quickly and I expect cloud computing to do the same with respect to private servers, racks and datacenters... more