Typosquatted Domain Names Pose Plenty of Risk But Surprisingly Little Malware

A recent study took an in-depth look at the scale and the risk of domain name typosquatting -- the practice of registering mis-spellings of popular domain names in an attempt to profit from typing mistakes. "Applying every possible one-character typo to the domain names of Facebook, Google, Twitter, Microsoft, Apple and Sophos," Paul Ducklin, Sophos' Asia Pacific head of technology collected HTTP data and browser screenshots from 1502 web sites and 14,495 URLs. In this report, Ducklin analyses the data revealing unexpected results within the typosquatting ecosystem. more

Thailand’s Blacklist of Newly Banned Websites Leaked

Whistleblower website WikiLeaks has released the list of newly blacklisted websites by Thailand's Ministry of Information and Communication Technology (MICT). The list was leaked by advisory board member CJ Hinke, director of Freedom Against Censorship Thailand, according the WikiLeaks website. From WikiLeaks' announcement: "The 1,203 blocked websites are located in Australia, Brazil, Canada, Czech Republic, France, Germany, Hong Kong, Hungary, India, Ireland, Israel, Italy, Japan, Mexico, The Netherlands, New Zealand, Poland, Russia, South Korea, Spain, Sweden and Vietnam..." more

Actions Required by Developing Economies Against Spam

My OECD paper on spam problems in developing economies is now linked from the OECD Anti-Spam Toolkit page, as part of section 8 of the Anti-Spam Toolkit (Outreach). This ZDNet article provides a reasonably good summary of my paper as well. I welcome comments and suggestions from CircleID readers. "Spam is a much more serious issue in developing countries as it is a heavy drain on resources that are scarcer and costlier in developing countries than elsewhere..." more

Cloud Is the New Mainframe

Cloud computing, from a business and management perspective, has a great deal in common with mainframe computing. Mainframes are powerful, expensive and centralized pieces of computing equipment. This is in line with their role as infrastructure for mission-critical applications. For these types of applications, mainframes can be fairly efficient, even though they tend to need large teams of support specialists... Cloud computing is a new style of computing... more

The Single-Letter Domain Trademark Game

Patent practitioners are familiar with the long-honored practice of engaging in standards-setting activities with the aim of having the standard ultimately require the use of one's proprietary technology. This practice is no longer limited to patents, but has become the game the whole family can play. While most standards-setting organizations have caught on, and have implemented IP disclosure policies, ICANN has not done so... As some are aware, the question of making single-character domain names available has been a perennial topic of discussion within ICANN, championed by a few who have quietly been engaged in some interesting advocacy within the USPTO along a parallel track. more

IETF Reaches Broad Consensus to Upgrade Internet Security Protocols Amid Pervasive Surveillance

Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas. more

Gmail Now Supports Internationalized Domain Names

If your first language isn't English and you don't use the Latin character set you can and will run into barriers. While Internationalized Domain Names (IDNs) i.e. domain names where either the left of the dot, the right of the dot or the entire string is in characters other than Latin ones, do exist and have existed for a number of years not all services work well with them. more

Why I Want a .PAYPAL New gTLD

I use Paypal, and I am quite satisfied with how it helps me with my business: it is still a little hard to use, and I don't use all functions of the tool, but it is not so expensive, it is fast and efficient, and Paypal does not send so many emails. In one word, Paypal rocks... The only problem that I have with Paypal is the number of fake emails that I receive. Of course, I easily identify them as they come in and luckily, G Suite (Gmail) does an excellent job at blocking all spam and phishing. more

2014 Domain Name Year in Review

It's hard to believe that another year has come and gone and that I'm now publishing my 5th Annual Domain Name Year in Review. It's sort of fun to look back 5 years ago to see how much things have changed, especially as focus has shifted to issues related to the launch and use of new gTLDs. Of course, much has stayed the same too. Concerns related to domain name security and domain portfolio management are still important. more

How Does the Acceptance of All Domain Names in Open-Source Software Look in 2021?

A recent study carried out by Governance Primer on behalf of the Universal Acceptance Steering Group (UASG) identified trends in the acceptance of all domain names in software hosted at Github, the largest open-source repository globally. This research builds on top of previous efforts aimed at identifying the underlying issues that result in problems when different applications need to handle Internationalized Domain Names (IDNs) and new gTLDs, particularly when it comes to email addresses. more

Moving Beyond Telephone Numbers - The Need for a Secure, Ubiquitous Application-Layer Identifier

Do "smart" parking meters really need phone numbers? Does every "smart meter" installed by electric utilities need a telephone number? Does every new car with a built-in navigation system need a phone number? Does every Amazon Kindle (and similar e-readers) really need its own phone number? In the absence of an alternative identifier, the answer seems to be a resounding "yes" to all of the above. more

NTIA Holding Workshop on IPv6

The National Telecommunications and Information Administration (NTIA) is hosting a workshop today discussing the state of IPv6 in the U.S. and its impact on the industry, government, and the Internet economy. The moderators for the workshop are Aneesh Chopra, Chief Technology Officer of the United States and Vivek Kundra, Chief Information Officer of the United States. Participants include... more

Person to Person Security and Privacy Infringement

IT security strategies invariably focus on maintaining impenetrable fortresses around computers and network systems. Firewalls, virtual private networks and anti-virus programs are the tools IT engineers use to create their digital security. Sophisticated defense systems can be very effective at keeping the obvious attackers at bay, yet they often create a false sense of security because the real attacks, the kind that inflict irreparable damage on a system or network, avoid the obvious routes into the secure fortress. more

Domain Names Are Fading From User View

The internet has changed and evolved ever since it's ancestors first came to life in the late 1960's. Some technology fades away and is forgotten; other aspects continue but are overlaid, like geological sediments, so that they are now longer visible but are still present under the surface. The Domain Name System - both the technology of DNS and the deployed naming hierarchy we all use - are among those aspects of the internet that, although they feel solid and immutable, are slowly changing underneath our feet. more

Why Does A Technical Manager Function As A Regulator?

Unlike ICANN, the National Telecommunications and Information Administration (NTIA) responded graciously, promptly and substantively to inquiries from the Center for Regulatory Effectiveness (CRE) regarding governance of the internet. CRE sent a letter to NTIA in mid-March asking about public access to documents prepared by ICANN under Memorandum of Understanding (MOU) with NTIA. NTIA provided a quick and clear response to CRE's questions. NTIA also reiterated its commitment to achieving transparency and accountability in ICANN's processes. NTIA's response to CRE, although clear and comprehensive, raised a number of important questions about ICANN and their governance of the internet. more