The JavaScript Ecosystem

JavaScript started out as a simple extension for the browser but has become so much more. In part, this is true in building on rich concepts going back to Lisp. Along the way, it has challenged the givens of programming and given us a high-performance flexible language along with rich libraries and rich tools. We're just beginning to discover the possibilities. more

More than 85% of Top 500 Most Highly-Trafficked Websites Vulnerable

Over the last 5 years, hacktivists have continued the practice of redirecting well-known domain names to politically motivated websites utilizing tactics such as SQL injection attacks and social engineering schemes to gain access to domain management accounts -- and that, in and of itself, is not surprising. But what IS surprising is the fact that less than 15% of the 500 most highly trafficked domains in the world are utilizing Registry Locking. more

Study Finds Some 4000 Domains Expired After Being Won in Court, Some Disputed Again by Same Company

According to a recent study on trends of disputed domain names, companies could save millions on legal costs by being more proactive about registering the names first. "The results indicate more than $220 million was spent on reclaiming domain names from third parties through the Uniform Domain Name Dispute Resolution Policy (UDRP)," says Corporation Service Company (CSC). "If brand owners had registered these domain names proactively, it would have only cost them $1.1 million (£600K), yielding a cost savings of $219 million." more

Russians Not So Eager to Embrace Cyrillic Domain Names

Clifford J. Levy of the New York Times reports: "[Russian] computer users are worried that Cyrillic domains will give rise to a hermetic Russian Web, a sort of cyberghetto, and that the push for Cyrillic amounts to a plot by the security services to restrict access to the Internet. Russian companies are also resisting Cyrillic Web addresses, complaining about costs and threats to online security." more

Bashbleed - A Nasty Reminder Never to Forget Security 101

After the botched burglary at the Watergate Apartments, every scam and scandal that hit the headlines became a 'gate' -- Irangate, Contragate, you name it. The Heartbleed bug is possibly the closest thing to Watergate that this generation of computer security had seen till the past few days -- an exploit in a component that is "just there" -- something you utterly rely on to be there and perform its duties, and give very little thought to how secure (or rather, insecure) it might be. So, fittingly, every such catastrophic bug in an ubiquitous component is now a 'bleed'. more

Russian-Speaking MoneyTaker Group Suspected of Stealing $10M From Companies in Russia, UK and US

According to report today, Russian-speaking hackers called MoneyTaker, are suspected of stealing nearly $10m by removing overdraft limits on debit cards and taking money from cash machines. more

Two More Crypto Holes

If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more

Are We Attending the Right ICANN Meeting?

I have no idea who wrote that wonderful piece, Time for Reformation of the Internet, posted by Susan Crawford. (It wasn't me - I never use the word "netizen".) Elliot Noss of Tucows wrote a partial rebuttal, I must be attending the wrong ICANN meetings. Elliot's company, Tucows, has been a leader in registrar innovation and competition. And Tucows has constantly been among the most imaginative, progressive, responsible, and socially engaged companies engaged in these debates. ...But the points made by Time for Reformation of the Internet go far beyond registries and registrars. more

Does ICANN’s New Proposed Budget Harm Competition?

Despite the stated commitment to meeting their obligations to the government, ICANN's proposed budget may potentially breach the MoU. Specifically, the MoU commits ICANN to "perform as an organization founded on the principles of competition..." However, an alliance of at least 50 Registrars claims that the new Registrar fee structure contained in the proposed budget would significantly harm competition.  more

To Flat or To Cap?

I don't think it's a surprise to anyone, but it's the Christmas season again and doubtless a large number of television sets will be sold as part of the annual retail festivities. But these days the devices for sale in the shops are not just televisions: today's television is perhaps better described as a media computer with a very large display. Sure, the device can tune in to radio transmissions and display them... but the device also is equipped with either a WiFi or an Ethernet jack, or both. This alone sounds like a relatively innocuous addition to the television, but it's providing to be a highly disruptive change in the traditional Internet market space. more

The End of the (IPv4) World is Nigher!

Funny how some topics seem sit on a quiet back burner for years, and then all of a sudden become matters of relatively intense attention. Over the past few weeks we've seen a number of pronouncements on the imminent exhaustion of the IP version 4 address pools. Not only have some of the Regional Internet Registries (RIRs) and some national registry bodies made public statements on the topic, we've now seen ICANN also make its pronouncement on this topic... Why the sudden uptake of interest in this topic? I suspect that a small part of this may be my fault! more

On Comcast and Net Neutrality: Shouting Fire in a Theater

The Comcast traffic shaping case has stirred up passionate debate. Net neutrality proponents are calling for Comcast's head on a platter. The common argument is that Comcast's policy may stifle innovation and competition. If a service provider is allowed to exercise unregulated discretion in how it treats subscriber traffic, it is a slippery slope toward anti-competitive practices. Net neutrality says keep your hands off. Some are preaching net neutrality as if it were an inalienable human right like freedom of speech... more

ICANN: WHOIS Back to Rathole #0

ICANN's GNSO council had WHOIS on its agenda for today. The options on the table: (1) Accepting the outcome of years of policy development processes; (2) rejecting that outcome (again?), but calling for some kind of fact-gathering to feed into future policy work, in order to keep the space occupied; (3) acknowledging that there is broad dissent in the Internet community, and calling for a sunset on the WHOIS clauses in current agreements, as these clauses are not backed by community consensus any more. Not very surprisingly, motions (1) and (3) failed; (2) was accepted; all that after lengthy discussion, with lots of procedural bells and whistles. more

Search Engines and Registrars Getting Creative with Whois Database?

One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be... more

New gTLD Fees Threaten the Diversity of the Name Space

The great promise of the new gTLD programme is not that it will spawn dozens of .COM clones, but rather that it will lead to the creation of a global constellation of unique names embraced by specific interest groups. As an ICANN community, our challenge now is to ensure that the policy framework we've created to manage new gTLDs advances that vision by not penalising the very sorts of domains that the programme was designed to encourage. more