Why Foldering Adds Very Little Security

I keep hearing stories of people using "foldering" for covert communications. Foldering is the process of composing a message for another party, but instead of sending it as an email, you leave it in the Drafts folder. The other party then logs in to the same email account and reads the message; they can then reply via the same technique. Foldering has been used for a long time, most famously by then-CIA director David Petraeus and his biographer/lover Paula Broadwell. Why is foldering used? more

Ready or Not… Here Come the IRC-Controlled SIP/VoIP Attack Bots and Botnets!

A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security... more

New TLDs: Can You Say .Never?

ICANN continues at its snail's pace on introduction of new top-level domains. At the Montreal meeting, staff sprung this RFP for new sponsored TLDs. As if "a few" and "sponsored" weren't limitation enough, it further narrowed the applicant pool to those who had applied unsuccessfully as sponsored TLDs in November 2000. more

Mishandling the Registrar Contract Negotiations

By publishing a draft Registrar Accreditation Agreement (RAA) for public comment before it has been agreed on by both parties, has ICANN dealt the bottom-up multi-stakeholder model a blow? ICANN Staff and the registrars have been negotiating a new version of the RAA for the past 18 months following requests by Law Enforcement Agencies (LEA) such as Interpol for greater consumer protection. With both ICANN and registrars working hard, by early this year agreement had been reached on 11.5 of the 12 LEA "asks". A deal looked close. more

ICANN DNS Resolver Symposium – the Session Had Several Interesting Presentations That I Would Like to Comment On

ICANN hosted a Resolver Operator Forum in mid-December, and the session had several interesting presentations that I would like to comment on here... The first presentation in this forum was from Paul Mockapetris. He pointed to the original academic published paper, Development of the Domain Name System, by Paul Mockapetris and Kevin Dunlap, published in the proceedings of ACM SIGCOMM’88. The paper noted that by 1983 it was obvious that the shared HOSTS.TXT file was not a scalable solution... more

Spamhaus Appeal: They Win on Substance

The Seventh Circuit has issued its opinion in the continuing saga of E360 Insight vs. the Spamhaus Project. While it is not a complete victory for Spamhaus, they did about as well as anyone could have hoped for under the circumstances. E360 won on the procedural issue, while Spamhaus won on the substance. The procedural issue was whether the default judgement against Spamhaus was properly granted last September. The court session was so odd that the appeals decision quotes several pages of the transcript. more

Banning 5G Equipment is a Foolish Strategy

It has become popular today around Washington and the venues of its coerced allies to issue threats to ban telecommunications equipment from certain countries - especially equipment intended for 5G use. The guise is vague assertions of "national security." It is an old tactic dating back to the turn of the last century and recurrent for decades. A combination of treaty instruments and collaborative industry standards activity several decades ago largely put an end to the banning tactic - significantly benefitting the entire world. more

Project dotVinum for .WINE Domain Names

This article is a feedback on the sensitive .WINE dotVinum project which aims to create an extension for the wine community on Internet. Questions to Be Answered: Protection of rights at an international level: how to protect trademarks? Funding: who has the financial capacity to invest in such a project?... more

WIPO Cybersquatting Report Ignores Real UDRP Trends

The World Intellectual Property Organization (WIPO) asserted on Monday that new gTLDs from ICANN would unleash a global crime wave. This dire warning was bolstered by an astonishing statistic: a whopping eight per cent (8%) increase in UDRP complaints from 2007 to 2008! But WIPO's press release tells only a very little of the truth. Astonishingly, the UDRP system actually works pretty well... more

French Acquire the .Best New gTLD - Interview with the New Owner

This is an interview with Cyril Fremont, the first French entrepreneur to have acquired a new generic Top-Level Domain (gTLD). We long waited for innovation in the new gTLD industry and reading between the lines of this interview, one will understand that the reason behind this acquisition is "not" to sell domain names - the way registries do it in 2018. If ".Best" domains remain open to all here, this registry is planning to create innovative projects that will be launched in the near future with some possibly big surprises. more

How Fast is Internet Traffic Growing?

It depends on whose numbers you like. Andrew Odlyzko claims it's up 50-60% over last year, a slower rate of growth than we've seen in recent years. Odlyzko's method is flawed, however, as he only looks at public data, and there is good reason to believed that more and more traffic is moving off the public Internet and its public exchange points to private peering centers. Nemertes collects at least some data on private exchanges and claims a growth rate somewhere between 50-100%. more

Pentagon Gave Control of 175M Dormant IP Addresses to Florida Company Right Before Trump’s Departure

The US Department of Defense gave a small unknown Florida company control to millions of its dormant IP addresses, minutes before President Trump left office. According to reports, the unknown Florida company, Global Resource Systems LLC, initially obtained control of 56 million Pentagon-owned IP addresses on January 20 and later increased to near 175 million IP addresses. more

Thoughts on ICANN Turning Down .XXX

Yesterday, ICANN took a decision to not approve the .xxx in the top-level domain zone. The application was proposed by the ICM Registry. ...My explanation for my vote is as follows: "I think there should be more new TLDs. Many more. I believe my vote was not on the controversial issue about content (and ICANN should not deal with content), but on the simple issue if the agreement is good to be accepted. I also wrote on April 22nd in my blog that ICM at least are trying to prevent harmful content reaching our children. I prefer that, than just saying, ".xxx is bad, abolish it". OK, we did that. Now what?" more

Universal Acceptance – Making the Internet Work for Everyone

Back in 2014, to foster innovation and to better the choice in domain names, ICANN introduced new generic top-level domains through its New gTLD Program. It was a monumental move that enabled businesses, individuals, and communities across the globe to mark their presence on the Internet. Allowing users to be present digitally in their chosen language (non-ASCII characters and scripts) gave opportunities to local businesses, civil societies, and governments to better serve their communities. more

Why Comcast will Vehemently Fight a DOJ Investigation

If your company becomes a huge dominate market player in both broadband and content delivery, scrutiny will come your way, like it or not. Comcast (NASDAQ: CMCSA) has been so successful in building both a content and delivery system to such a mass audience; it's beginning to look like former monopolies which grew unwanted investigations and break-ups in the 1980's. Remember AT&T and the DOJ anti-trust decision to split the monopoly into smaller regional companies? more