Scarcity of IPv4 Addresses

My friend Kurtis writes in his blog some points he has been thinking of while discussing "when we run out of IPv4 addresses". In reality, as he points out so well, we will not run out. It will be harder to get addresses. It is also the case that unfortunately people that push for IPv6 claim IPv6 will solve all different kinds of problem. Possibly also the starvation problems in the world... more

Canada: Smart Regulation, Not De-regulation

Canada's CRTC isn't as dumb as U.S. regulators who are considering ruling that the law doesn't apply where the telcos oppose it. (Title II deregulation) Canada just decided wireless needs to follow the rules. In turn, the CRTC intends to make sure the rules are reasonable. Rather than saying "never any rules," they instead try to write sensible ones. more

IPv6 Security Myth #3: No IPv6 NAT Means Less Security

We're back again with part 3 in this 10 part series that seeks to bust 10 of the most common IPv6 security myths. Today's myth is a doozy. This is the only myth on our list that I have seen folks raise their voices over. For whatever reason, Network Address Translation (NAT) seems to be a polarizing force in the networking world. It also plays a role in differentiating IPv4 from IPv6. more

IPv6 Security Myth #1: I’m Not Running IPv6 so I Don’t Have to Worry

Now that IPv6 is being actively deployed around the world, security is more and more a growing concern. Unfortunately, there are still a large number of myths that plague the IPv6 security world. These are things that people state as fact but simply aren't true. While traveling the world, talking to the people who've already deployed IPv6, I've identified what I believe are the ten most common IPv6 security myths. more

Identity Theft of Root Name Servers, Reason Unknown

There have been a number of attacks on the root name servers over the years, and much written on the topic. (A few references are here, here and here.) Even if you don't know exactly what these servers do, you can't help but figure they're important when the US government says it is prepared to launch a military counterattack in response to cyber-attacks on them. more

Study Suggests Introduction of New gTLDs Will Cost Less than $.10 for Each Trademark Worldwide

Minds + Machines reports: "A quantitative analysis of UDRP data for all open generic Top-Level Domains (gTLDs) concludes that the introduction of new gTLDs will result in approximately 316 new cases of cybersquatting, and that the resultant cost to trademark holders, overall, will be $870,000 per year -- less than less than $.10 for each trademark registered worldwide, or about $.44 per trademark registered in the United States. The data show that cybersquatting correlates to registration volume across all open gTLDs, not to the number of gTLDs, but is more prevalent in .com." more

2009 Domain Name Year in Review

To say that it's been quite a year in the world of domain names would be an understatement. From compromised country code Top-Level Domains (ccTLD) registries, to the delay of new generic Top-Level Domains (gTLDs), some of the events of the past year have been surprising, while others could easily have been predicted. Regardless of whether you could have seen these coming, please find below my list of 2009's most important domain name events...at least, as I see them. more

The Internet of Things: When Sci-Fi Becomes Reality

In my last blog post I shared some of the general security challenges that come with the Internet of Things (IoT). In this post, I will focus on one particular security risk: distributed denial of service (DDoS) attacks. Even before the age of IoT, DDoS attacks have been turning multitudes of computers into botnets, attacking a single target and causing denial of services for the target's users. By "multitudes" we can be talking about thousands or even millions of victim devices. Now add IoT into the equation... more

ICANN Cannot Expect the DPAs to Re-Design WHOIS, but Asking for a Reprieve Makes Sense

We are on the brink of the most serious threat to the open and public Internet for decades. ICANN, under pressure from domain name registrars and EU data protection authorities, has proposed an "interim" plan that will hide critical information in WHOIS. Security, threat intelligence, and anti-abuse professionals rely on WHOIS to track down bad guys and keep the Internet as safe and secure as possible. more

IPv6 Deployment: A Very Complex Time Bomb with an Uncertain Trigger Date

I did a 2 hour interview on October 23rd with John Curran, Board Chair of ARIN the North American Regional Internet Routing Registry for the last decade. I now understand what is at stake with IPv6. Outside of a key core group of network engineers I think darn few people do understand. And not all of them agree on how the scenario plays out though virtually all say the situation is very serious. John believes that it is huge. It is as big as Y2K except no one knows a precise date by which everything has to be done... more

Another Good Decision on Internet “Gripe Sites”

I want to call your attention to another court decision that upholds the right of a consumer to create a non-commercial web site criticizing a company, using the company's name as the domain name. Lucas Nursery and Landscaping v. Grosse, 2004 WL 403213 (6th Circuit March 5, 2004). This case involves Lucas Nursery, a landscaping company in the suburbs of Detroit, Michigan, which apparently botched work done for Michelle Gross - or at least that was her opinion. But, when she established a web site to tell her story, Lucas sued her under the Anticybersquatting Consumer Protection Act ("ACPA")... more

An Outlook On The Domain Name Secondary Market

The secondary domain market has gone from one extreme to another. First, huge sums were paid for some domains, raising the expectations of domain sellers. Now, however, in many cases the corporate sector expects to pick up a domain for next to nothing in comparison with the domain's immediate sales and long-term investment potential. In my opinion, both situations are unrealistic. more

Sitefinder Writ Small

You all remember Sitefinder don't you? According to The Register, CentralNic , owner of a number of popular domains including uk.com and us.com, has added wildcard A records to .uk.com. Cue the usual round of sniping about Internet stability (with which, as you will see, I agree). The question is, given the difference in scale (.com and .net are huge; .uk.com is quite small) will anyone notice? And does it matter? Certainly CentralNic seems to think the small scale of their domains excuses or at least mitigates the Internet stability side effects of their ploy. more

Pew Internet Reports Latest Online Video Stats

According to a report released today, 69% of adult internet users, or roughly half of all U.S. adults (52%), have used the internet to watch or download video, with 18-29 year-olds leading the way. "We are seeing a surge in online video watching that is driven by a combination of broadband access, the increasing use of social networking sites, and the popularity of video-sharing sites," explains Kristen Purcell, Associate Director for Research at the Pew Research Center's Internet & American Life Project and author of the report. "To tap into these trends, untold numbers of websites now showcase online video as part of their content." more

Contributory Cybersquatting and the Impending Demise of Domain Name Proxy Services?

This case involves an alleged domain name theft. Solid Host is a web host and initial owner of the domain name solidhost.com, which it registered through eNom in 2004. Solid Host claims that in 2008, a security breach at eNom allowed an unknown interloper (Doe) to steal the domain name and move the registration to NameCheap. Doe also acquired NameCheap's "WhoisGuard" service, a domain name proxy service that masked Doe's contact information in the Whois database. Solid Host contacted Doe and sought the domain name; Doe asked for $12,000, and Solid Host took a pass... more