A Political Analysis of SPF and Sender-ID

In my spare time when I'm not dealing with the world of e-mail, I'm a politician so now and then I put on my cynical political hat. At the FTC Authentication Summit one of the more striking disagreements was about the merits and flaws of SPF and Microsoft's Sender-ID. Some people thought they are wonderful and the sooner we all use them the better. Others thought they are deeply flawed and pose a serious risk of long-term damage to the reliability of e-mail. Why this disagreement over what one might naively think would be a technical question? more

The Digital Marketing & gTLD Strategy Congress Announces Keynote, Speakers, Initial Partnerships

The Digital Marketing & gTLD Strategy Congress has made the following announcement for the keynote, speakers, initial sponsors, partners and dates for the inaugural event taking place March 11 & 12, 2013 in New York City. more

ICANN Board: You Got It Right. Then You Got It Wrong. Now, Get It Right Again.

The ICANN Board has itself in a pretty pickle. The Governmental Advisory Committee (GAC) Consultancy with the Board in Brussels was an apparent non-starter. After hundreds of man-hours' worth of comments provided by the Intellectual Property Constituency (IPC), the Board continues to claim that it lacks sufficient information on trademark issues in order to respond to concerns. more

Phishers Exploit the Cybercrime Supply Chain Despite the Availability of Effective Countermeasures

Interisle Consulting Group today released its fourth annual Phishing Landscape report investigating where and how cybercriminals acquire naming and hosting resources for phishing. Our study shows that cybercriminals evolved their tactics for obtaining attack resources, including sharply increasing their exploitation of subdomain and gateway providers. more

IPv6 Over Satellite: Pie in the Sky?

I am writing this from the Satellite 2008 conference in Washington, D.C. As I make my way through the exhibits, I see many vendors advertising IP capabilities in their hardware products or network services. But when asked about IPv6 support, the common reply is a not so believable "it is on our roadmap" followed by a somewhat vague delivery date. Although IPv6 development has been slow across the board, it appears to be moving even more slowly in the satellite world... more

UN Cybercrime Convention: Time Is Running Out to Address Draft’s Urgent Risks to Human Rights

In two weeks, final negotiations will begin on the UN's proposed Cybercrime Convention, a document which has elicited widespread concern from civil society, industry groups, and some states due to the serious risks it poses to human rights, including privacy and freedom of expression. Since 2022, GPD and other groups, including EFF, Human Rights Watch and Privacy International, have sought to alert stakeholders within the process to the need for substantial revisions... more

Questioning the Illusion of Internet Governance

I confess, I don't get it. Much has been written about the apparent desire by the United Nations, spurred by China, Cuba, and other informationally repressive regimes, to "take control of the Internet." Oddly, the concrete focus of this battle -- now the topic of a Senate resolution! -- is a comparatively trivial if basic part of Net architecture: the domain name system. The spotlight on domain name management is largely a combination of historical accident and the unfortunate assignment of country code domains like .uk and .eu, geographically-grounded codes that give the illusion of government outposts and control in cyberspace. more

Domain Name Abuse Is a 4 Letter Word

There has been a lot of back and forth recently in the ICANN world on what constitutes domain abuse; how it should be identified and reported AND how it should be addressed. On one side of the camp, we have people advocating for taking down a domain that has any hint of misbehaviour about it, and on the other side we have those that still feel Registries and Registrars have no responsibility towards a clean domain space. (Although that side of the camp is in steady decline and moving toward the middle ground). more

Microsoft’s Size Means Malicious Cyber Actors Thrive

Last month, the Russian state-sponsored hacking group "Midnight Blizzard" gained access to the email accounts of Microsoft leadership, even exfiltrating documents and messages. The group reportedly used a simple brute-force style attack to access a forgotten test account and then exploited the permissions on that account to access the emails of employees in the cybersecurity and legal teams. more

Forgotten Principles of Internet Governance

Suddenly internet governance has become a hot topic. Words and phrases fly back and forth but minds rarely meet. We do not have discussion, we have chaos. We are not moving forwards towards a resolution. It's time to step back and review some basic principles. 1. Principle: The internet is here to serve the needs of people (and organizations of people); people are not here to serve the internet. Corollary: If internet technology does not meet the needs of users and organizations than it is technology that should be the first to flex and change. more

Why We Need to Find Solutions on Internet Governance As Soon As Possible

Internet Governance is the buzzword, especially over the past couple of years, with debates and negotiations taking place almost with the same intensity and pathos of delicate issues, such as terrorism. But Internet Governance is a delicate issue. At the beginning, there was the web that made everything better... Life was good and exciting. That was Internet 1.0. But consider Internet 2.0, currently in development. No longer an egalitarian utopia, it has become much like the rest of our society -- divided by class, geography, culture, religion and politics. And its growing fragmentation threatens us all -- because we will be asked to take sides. more

The ‘Millennium Problems’ in Brand Protection

As the brand protection industry approaches a quarter of a century in age, following the founding of pioneers Envisional and MarkMonitor in 1999, I present an overview of some of the main outstanding issues which are frequently unaddressed or are generally only partially solved by brand protection service providers. I term these the 'Millennium Problems' in reference to the set of unsolved mathematical problems published in 2000 by the Clay Mathematics Institute, and for which significant prizes were offered for solutions. more

Electronically Steerable, Flat-Panel Antennas for Satellite and Terrestrial Connectivity

What will the cost and capability of these antennas be in ten or twenty years? What would be the applications and implications of ubiquitous wireless networks? You might have some short-term guesses, like smart cities, but farther out it's science fiction -- Gaia, the Noosphere, 1984? ... Three companies, OneWeb, SpaceX and Telesat, plan to provide global, low-latency broadband Internet service using constellations of low-Earth orbit (LEO) satellites. more

IPv6 Security Myth #10: Deploying IPv6 is Too Risky

After a quick break to catch our breath (and read all those IPv6 Security Resources), it's now time to look at our tenth and final IPv6 Security Myth. In many ways this myth is the most important myth to bust. Let's take a look at why... Myth: Deploying IPv6 Makes My Network Less Secure... I can hear you asking "But what about all those security challenges we identified in the other myths?" more

Does CAN-SPAM Really Matter?

As a daily and enthusiastic reader of The New York Times, I was disappointed to read their February 1 article on CAN-SPAM entitled, "Law Barring Junk E-Mail Allows a Flood Instead" (subscription required). The theme of the article was, as the title suggests, that enacting CAN-SPAM was worse than having no laws at all. The article really missed the point on several fronts. more