Limitations of Carrier Grade NAT, and Some Workarounds

Qtel, the largest carrier in Qatar (and nearly the only Internet provider) appears to connect all their users (~600K) to the Internet through just one or a very few public IPv4 addresses. 82.148.97.69 was their single public address in 2006-2007. How can network address translation (NAT) put all those users through just one IP address? more

An Internet Security Operations Viewpoint of IGF

The Internet Governance Forum (IGF) is an annual UN conference on Internet governance which was held this year in Rio de Janeiro, Brazil. The topics discussed range from human rights online to providing Internet access in developing countries. A somewhat secondary topic of conversation is Internet security and cyber-crime mostly limited to policy and legislative efforts. Techies and Internet security industry don't have much to do there, but I have a few updates for us from the conference. more

Nation Scale Internet Filtering—Do’s and Don’ts

If a national government wants to prevent certain kinds of Internet communication inside its borders, the costs can be extreme and success will never be more than partial. VPN and tunnel technologies will keep improving as long as there is demand, and filtering or blocking out every such technology will be a never-ending game of one-upmanship. Everyone knows and will always know that determined Internet users will find a way to get to what they want, but sometimes the symbolic message is more important than the operational results. more

DNSSEC Ready Set Go! But, Wait, Are You Ready?

The year 2010 is turning out to be the "year of DNSSEC" from Registry implementations, Registrar implementations, ISP support, to the Root being signed this summer. Because we are dealing with such critical infrastructure, it is important to not lose sight of careful implementations. more

The Christmas Goat and IPv6 (Year 2)

Last year the municipality of Gavle asked my company if we could help them load share the streaming pictures of the famous Christmas goat in Gävle. I accepted the invitation and set up a separate domain. My own interest in this was of course to track the usage of IPv6 and validation of DNSSEC from the visitors of the site. more

8 Security Considerations for IPv6 Deployment

Feb. 3, 2011, came and went without much fanfare, but it was a milestone for Internet stakeholders, whether they knew it or not. On that Thursday, the last available IPv4 addresses were allocated by the Internet Assigned Numbers Authority (IANA). Though some Regional Internet Registries (RIRs) have a reasonable inventory of IP addresses that could last another year or two, the days of "new" IPv4 address allocations are largely over. more

The Internet’s Gilded Age

The rise of the Internet has heralded rapid changes in our society. The opportunities presented by a capable and ubiquitous communications system and a global transportation network have taken some corporations from the multinational to the status of truly global mega-corporation. Good examples of these new corporations include Google, Apple, Amazon, Microsoft and Facebook. There are a handful of large-scale winners in this space and many losers. But this is not the first time we've witnessed a period of rapid technological and social change. more

Cyber-Spin: How the Internet Gets Framed as Dangerous

At the beginning of this year, a set of powerhouse organizations in cybersecurity (CSO Magazine, Deloitte, Carnegie Mellon's CERT program, and the U.S. Secret Service) released the results of a survey of 523 business and government executives, professionals and consultants in the ICT management field. The reaction generated by this survey provides an unusually clear illustration of how cyber-security discourse has become willfully detached from facts. more

Increasing the Strength of the Zone Signing Key for the Root Zone

One of the most interesting and important changes to the internet's domain name system (DNS) has been the introduction of the DNS Security Extensions (DNSSEC). These protocol extensions are designed to provide origin authentication for DNS data. In other words, when DNS data is digitally signed using DNSSEC, authenticity can be validated and any modifications detected. more

Survey: Cloud Computing ‘No Hype’, But Fear of Security and Control Slowing Adoption

Contrary to conventional wisdom, the vast majority of business and IT executives report that cloud computing is a viable technology option that can improve a company's bottom-line results according to a new global survey conducted by an independent market research firm. However, despite growing evidence that cloud-based systems have the potential to lower costs, the majority of companies report no plans to integrate cloud computing in the next 12 months... more

Verizon to Stop Issuing New Public IPv4 Addresses

Verizon has announced that starting June 30, 2017, it will stop issuing new Public Static IPv4 addresses due to a shortage of available addresses. more

UDRP Does Not Apply To Bad Faith Domain Name Renewals: Part II

The first part of this article offered background examination on why Uniform Dispute Resolution Policy (UDRP) fails to apply to domain name renewals. Here, in the second part of this two part series, we will examine UDRP further by reviewing cases involving the renewal of domain name registrations. more

Alternatives for .COM ? (Part 1)

There are plenty of new domain names and if .COM never had any real identity or true meaning, it is quite possible that new gTLDs may bring new ideas to those who want to acquire a global identity without focusing on a country, a niche market, a specific industry, a community or just anything which does not cover "the world". I made a list of these new domain names with potential to replace .COM and I believe that the alternatives might be in the list down below. more

Future of Internet Navigation and DNS: The NAS Study

The National Academy of Sciences (NAS) has been studying the issue of Internet navigation and the DNS. The study was undertaken at the request of Congress to "provide analysis and advice for consideration by agencies of the U.S. Government, interested international institutions, and other stakeholders." In addition to examining technological issues, the study is also considering "relevant legal, economic, political, and social issues...because technologies related to the DNS and Internet navigation do not operate in isolation, but must be deployed within a complex and challenging national and international context."  more

The Standards Paywalls Fall: Everyone Benefits

Yesterday -- in a unanimous decision of the US Federal Court of Appeals for the DC Circuit (CADC) in ASTM v. Public.Resource.Org --- some of the worst standards paywalls came tumbling down. The court definitively determined that where governmental authorities incorporate private organisation technical standards into law by reference, non-commercial dissemination of those standards "constitutes fair use and cannot support liability for copyright infringement." more