Ethiopia Shows That Congress Is Right to Be Worried About UN Control of the Internet

Today a key committee in the US Congress approved a resolution opposing United Nations "control over the Internet." While some in the Internet community have dismissed the bipartisan effort as mere political grandstanding, recent actions by some UN Member States show that lawmakers have good reason to be worried. Last month, UN voting member Ethiopia made it a crime -- punishable by 15 years in prison - to make calls over the Internet.  more

Why Mexico Lost Fight Over Mexico.com Domain Name

In a recent decision, a World Intellectual Property Organization (WIPO) domain name arbitration panel dismissed a complaint filed by the Mexican Tourist Board (MTB) against Latin America Telecom (LAT) concerning the domain name "mexico.com." The panel went so far as to find that the complaint was brought in "bad faith" and made a finding of attempted "Reverse Domain Name Hijacking" against the MTB. ...In its complaint, the MTB argued that LAT had registered the domain name in "bad faith" in order to sell it for a profit at a later date. more

Are the Broadband Stats We Are Seeing Somehow Overinflated? What Did the Pandemic Hide?

The growth of broadband customers has looked spectacular over the past year during the pandemic. It's easy to chalk up higher broadband customers nationwide to the need for households to be connected during the pandemic. But as I look back on what's happened during the last year, I can't help but wonder if the broadband stats we are seeing are somehow overinflated. more

Clueless About Cloud Computing

The European Union's cloud computing strategy couldn't come at a better time as the region lags behind the rest of the world when it comes to cloud computing usage. The EU announced its cloud computing strategy last month and is optimistic it will create new jobs and help boost a struggling economy. An information campaign is necessary if the EU is to overturn the misunderstanding and general lack of knowledge about the cloud. more

VeriSign’s New Security Seal Too Trusting?

On November 4, 2003, VeriSign announced a new "trust enhancing" seal which they built using Macromedia's Flash technology...While there are problems inherent to VeriSign's approach that call into question their understanding of "The Value of Trust," there are ways they could have made this particular implementation less trivially spoofable. The flaws I demonstrate on this page are flaws in the concept and the execution rather than anything inherently flawed in Flash. Overall this kind of graphical "trustmark" is extremely easy to forge just by recreating the artwork. But in this case, you don't even have to do that. The seal can still be called directly off the VeriSign servers, yet it is easily modified, without recreating artwork, and without doing anything untoward with VeriSign's servers! more

IETF Reaches Broad Consensus to Upgrade Internet Security Protocols Amid Pervasive Surveillance

Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas. more

91.3% of Malware Use DNS as a Key Capability

Nearly 92 percent of malware use DNS to gain command and control, exfiltrate data or redirect traffic, according to Cisco's 2016 Annual Security Report. It warns that DNS is often a security "blind spot" as security teams and DNS experts typically work in different IT groups within a company and don't interact frequently. more

How Rampant is Cyber & Typo Squatting? Just Ask WIPO After Reviewing Wipo.com!

How prevalent is cybersquatting and typosquatting? Take a look at www.wipo.com, and then compare it with the World Intellectual Property Organization's web site www.wipo.org. Ironically, the WIPO Arbitration and Mediation Center handles a majority of the UDRP domain dispute arbitrations internationally. The very organization which is invested with the authority by ICANN to resolve cybersquatting and typosquatting disputes internationally under the UDRP is, by all appearances, being squatted. Here are two apparent typosquatters... more

ICANN DNS Resolver Symposium – the Session Had Several Interesting Presentations That I Would Like to Comment On

ICANN hosted a Resolver Operator Forum in mid-December, and the session had several interesting presentations that I would like to comment on here... The first presentation in this forum was from Paul Mockapetris. He pointed to the original academic published paper, Development of the Domain Name System, by Paul Mockapetris and Kevin Dunlap, published in the proceedings of ACM SIGCOMM’88. The paper noted that by 1983 it was obvious that the shared HOSTS.TXT file was not a scalable solution... more

Registrant Freedom Day

After almost four years, ICANN has announced that they have adopted a new domain name transfer policy that make it much easier for domain name registrants to do business with the ICANN accredited Registrar of their choosing. Highlights from this new policy include; streamlined definition of responsibilities as it relates to the management of the domain name. Under the new policy, only the Administrative Contact or Registrant can authorize a domain name transfer to a new service provider... more

Results of ICANN’s Special Meeting

As a follow up to ICANN's Special Meeting of the Board on February 18, 2004, previously reported here on CircleID, the following resolution was reached on the WLS Negotiations with VeriSign: "During this Board Meeting, the Board authorized the public posting of the 26 January 2004 letter setting forth the results of the negotiations and asked that this matter be placed on the Board's agenda for the publicly-held Board Meeting for 6 March 2004 in Rome, Italy." more

GAC Communiqués and Community Activity on DNS Abuse

This blog post and the associated report aim to provide an overview of DNS Abuse 1related issues the Governmental Advisory Committee (GAC), part of the ICANN multi-stakeholder model, has identified. We also summarize the relevant community activity taking place to address these areas of interest and highlight remaining gaps. From 2016 to June 2023, the GAC referenced four primary categories of activity related to DNS Abuse. more

Yahoo Addresses a Security Problem by Breaking Every Mailing List in the World

DMARC is what one might call an emerging e-mail security scheme. It's emerging pretty fast, since many of the largest mail systems in the world have already implemented it, including Gmail, Hotmail/MSN/Outlook, Comcast, and Yahoo. DMARC lets a domain owner make assertions about mail that has their domain in the address on the 'From:' line. It lets the owner assert that mail will have a DKIM signature with the same domain, or an envelope return (bounce) address in the same domain that will pass SPF validation. more

Sources Confirm Google Streaming Over 1.2 Billion Videos Per Day

Source from Google have recently confirmed total number of YouTube video streams are above 1.2 billion per day worldwide according to Michael Arrington at TechCrunch. Previously reported numbers by comScore and other third party services appear to have been fairly under-estimated.  more

Here’s Looking at You…

Much has been said in recent weeks about various forms of cyber spying. The United States has accused the Chinese of cyber espionage and stealing industrial secrets. A former contractor to the United States' NSA, Edward Snowden, has accused various US intelligence agencies of systematic examination of activity on various popular social network services... These days cloud services may be all the vogue, but there is also an emerging understanding that once your data heads into one of these clouds, then it's no longer necessarily entirely your data; it may have become somebody else's data too... more