The Darkening Web: Is there Light at the end of the Tunnel?

In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more

Cablecos Continue to Gain Telcom Market Share; Now at 15% and Growing

In a report released today by the research group, TeleGeography, Executive Director, John Dinsdale says, "traditional telcos have been losing substantial market share while leading cablecos have succeeded in transforming their businesses to the point where almost 40% of their revenues now come from telecoms. Comcast, Time Warner Cable and Liberty Global all now feature in the top 15 ranking of broadband internet service providers, and telecoms remains an engine for growth for many cablecos around the world." more

Protecting the Internet: Certified Attachments and Reverse Firewalls?

In many respects the internet is going to hell in a hand basket. Spam, phishing, DNS poisoning, DDoS attacks, viruses, worms, and the like make the net a sick place. It is bad enough that bad folks are doing this. But it is worse that just about every user computer on the net offers a nice fertile place for such ill behavior to be secretly planted and operated as a zombie under the control of a distant and unknown zombie farmer. ...Some of us are coming to the converse point of view that the net is being endangered by the masses of ill-protected machines operated by users. more

Network Neutrality is the Wrong Fight!

We shouldn't settle for network neutrality. It's a poor substitute for what we had and much less than what we need. Let me explain. There are two topics to discuss. The first is "common carriage," a centuries old legal concept that applied to the US telecom industry throughout most of the 20th century. The second involves communications protocols. Both topics are complex, so I will cover only what's needed to understand why we shouldn't accept network neutrality and why, at a minimum, we should fight for enforcement of existing common carriage rules. more

Measuring the Use of DNSSEC

The canonical specification of the DNS that is normally cited are the pair of quite venerable RFCs, RFC 1034, "Domain names - concepts and facilities", and RFC 1035, "Domain names - implementation and specification", both published in November 1987. However, these two specification documents are just the tip of a rather large iceberg. One compendium of all the RFCs that touch upon the DNS lists some 292 RFCs. more

Donuts to Acquire Afilias

Donuts and Afilias announced today that Donuts is acquiring Afilias in a deal that is expected to close in December 2020 for an undisclosed amount. The combined entities will support over 25 million domain names spanning well over 400 TLDs. The deal will not include certain Afilias businesses, such as the mobile software and registrar businesses, which will remain with Afilias' original group of investors. more

Temporary Restraining Order Issued Against Domainer’s Use of “mylennar.com”

Companies sometimes find that opportunistic purchasers of domain names (often referred to as "domainers"), will purchase a domain name quite similar to that of the company, and establish a site at the URL loaded with revenue-generating sponsored ads. To accomplish these purposes, domainers seem to prefer the services of companies like HitFarm and Domain Sponsor. A web user types in the confusingly similar URL and is bombarded with pop-up ads and sponsored links to goods and services, often competitive to the company whose name or trademark is being appropriated in the URL... more

The Coding of Online Brand Protection

Moore's law postulates that the number of transistors in an integrated circuit will double every two years. That law has given us smartphones and other devices with astonishingly diverse capabilities at ever lower costs. However, while it does not encompass online brand infringement, many trademark managers feel that their task is likewise expanding at exponential speed and imposing escalating costs. Potential cybersquatting based in the more than one thousand new generic top level domains is only one new source of anxiety. While the jury is still out on the level of harmful cybersquatting and the efficacy of the new Rights Protection Mechanisms (RPMs) for new gTLDs, that ICANN program is hardly the only challenge. more

Understanding the Threat Landscape: Indicators of Compromise (IOCs)

I previously provided a brief overview of how Verisign iDefense characterizes threat actors and their motivations through adversarial analysis. Not only do security professionals need to be aware of the kinds of actors they are up against, but they should also be aware of the tactical data fundamentals associated with cyber-attacks most commonly referred to as indicators of compromise (IOCs). Understanding the different types of tactical IOCs can allow for quick detection of a breach... more

Study Finds Spammers Use P2P Harvesting to Spam Millions

A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more

Mitigating DNS Abuse and Safeguarding the Internet

The internet is a beacon of global connectivity and information, but it has also become a battleground where malicious actors exploit vulnerabilities for various immoral purposes. Domain Name System (DNS) abuse stands has proven a constant in the internet threat landscape, posing risk to the overall digital trust. more

The Highest Threat TLDs - Part 1

A domain name consists of two main elements: the second-level domain name to the left of the dot - often consisting of a brand name or relevant keywords - and the domain extension or top-level domain (TLD) to the right of the dot. Domain names form the key elements of the readable web addresses allowing users to access pages on the internet and also allowing the construction of email addresses. more

How Big Is the Domain Business?

When you're standing close to ICANN, the domain business may seem pretty big, but when you stand farther away, not so much. Verisign's revenues are about $1 billion/year. The .COM and .NET top-level domains together have about 150M names. The next biggest gTLDS are .ORG with 25M and .INFO with 12M. The biggest new TLDs are TOP with 2.9M and .XYZ with 1.8M, with both bloated by firesale prices. The rest are smaller, mostly much smaller. more

Valuing IP Addresses

The prospect of exhaustion of the IPv4 address space is not a surprise. We've been anticipating this situation since at least 1990. But it's a "lumpy" form of exhaustion. It's not the case that the scarcity pressures for IP addresses are evidently to the same level in every part of the Internet. It's not the case that every single address is being used by an active device. A couple of decades ago we thought that an address utilisation ratio of 10% (where, for example, a block of 256 addresses would be used in a network with some 25 addressed devices) was a great achievement.  more

In Rem Domain Name Proceeding: Sometimes “may” Means “must”

Investools, Inc. recently filed an in rem domain name proceeding against a Canadian entity that registered the domain names investtools.com and investtool.com. In rem domain name proceedings are provided for under the Anticybersquatting Consumer Protection Act ("ACPA"), 15 U.S.C. 1125(d), and are a handy way for a trademark owner to acquire a domain name from a cybersquatter when the cybersquatter can't be found e.g., is located outside the U.S. ...The ACPA requires that a plaintiff demonstrate four things to establish in rem jurisdiction over a domain name... more