Broadband Routers and Botnets: Being Proactive

In this post I'd like to discuss the threat widely circulated insecure broadband routers pose today. We have touched on it before. Today, yet another public report of a vulnerable DSL modem type was posted to bugtraq, this time about a potential WIRELESS flaw with broadband routers being insecure at Deutsche Telekom. I haven't verified this one myself but it refers to "Deutsche Telekom Speedport w700v broadband router"... more

DNS Inventor Impressed With Innovative Effort Behind .LUXE TLD to Integrate DNS With Blockchain

The company running the new .LUXE top-level domain (TLD) recently issued an update on its progress with the innovative effort to tie the TLD with blockchain. more

Our Vision for Advancing and Growing the Domain Industry

ICANN 54 is upon us, and to commemorate it, we've got www.dublin.pub loaded up with friendly places to network, take advantage of the city's comedy and music scene, and possibly even enjoy a pint. With so many issues to discuss and address this week, a .PUB address wouldn't be the appropriate destination for the entire conference, but for a microsite discussing the cultural and social opportunities that Dublin has to offer, we happen to think it's perfect, especially in the place that gave the world the Irish pub. more

Permanent Denial-of-Service Attacks on the Rise, Incidents Involve Hardware-Damaging Assaults

Also known loosely as "phlashing" in some circles, Permanent Denial-of-Service (PDoS) is an increasing popular form of cyberattack that damages a system so badly that it requires replacement or reinstallation of hardware. more

IETF Looking at Technical Changes to Raise the Bar for Monitoring

During a speech last week at the Internet Governance Forum in Bali, Jari Arkko, IETF's chair, re-emphasized it's efforts to ramp up online security in light of recent revelations of mass internet surveillance. "Perhaps the notion that internet is by default insecure needs to change," Arkko said. Significant technical fixes "just might be possible." more

Another Try at Proof-of-Work e-Postage Email

Another paper from the Fifth Workshop on the Economics of Information Security, (WEIS 2006) is Proof of Work can Work by Debin Liu and L, Jean Camp of Indiana University. Proof of work (p-o-w) systems are a variation on e-postage that uses computation rather than money. A mail sender solves a lengthy computational problem and presents the result with the message. The problem takes long enough that the sender can only do a modest number per time period, and so cannot send a lot of messages, thereby preventing spamming. But on a net full of zombies, proof of work doesn't work. more

New TLD Public Comments: Jumping-to-Conclusions?

Having been involved in the whole TLD issue since its inception, back in the ancient history of the mid-1990's, one would think that nothing would surprise me anymore. As it turns out, however, watching the comments on ICANN's public comment list with respect to the new sTLD proposals, I find that I'm taken-back by some of the kinds of comments I'm seeing. more

Internet Society Releases Paper on “What Really Matters About the Internet”

Internet Society has released a paper today highlighting the importance of understanding what is important and unchanging about the Internet. more

Chinese Alternate Root as a New Beginning and Real Internet Governance

I suppose not many have been listening to Paul Vixie or surfing from China, I have done both. The Chinese "alternate root" has been going on for a while. China is creating an alternate root, which it can control while using the Chinese language. I doubt I need to tell any of you about ICANN, VeriSign, Internet Governance, alternate roots or the history of these issues. Everyone else will. Unlike most of my colleagues, I hold a different opinion on the subject and have for some time. China launches an alternate root? It's about time they do, too! more

A Closer Look at Why Russia Wants an Independent Internet

Actually practical and not necessarily a problem. The Security Council of the Russian Federation, headed by Vladimir Putin, has ordered the "government to develop an independent internet infrastructure for BRICS nations, which would continue to work in the event of global internet malfunctions." RT believes "this system would be used by countries of the BRICS bloc - Brazil, Russia, India, China and South Africa." Expect dramatic claims about Russia's plan for an alternate root for the BRICs and not under Western control. more

Site Finder: The Technical, Legal & Privacy Concerns

It is openly admitted , in the same Implementation PDF file, that all accesses to the Site Finder service are monitored and archived. A further worry for users is the privacy policy and terms of service posted on the Site Finder service. Not only does the simple act of mistyping a URL implicitly cause you, the end user, to accept VeriSign's Terms of Service and Privacy Policy without the chance to review and accept or decline either, but critical information as described above is not disclosed in either policy (as of this writing). The Privacy Policy clearly states... more

Universal Acceptance of New Top-Level Domains Reloaded

One challenge for all new top-level domains (TLDs) is the so-called Universal Acceptance. Universal Acceptance is a phenomenon as old as TLDs exist and may strike at many occasions... The effect when universal acceptance hits you is that you cannot send or receive email, get error messages or even worse when it looks like everything works but it does not and you do not even get a notification. more

DotConnectAfrica Trust Response to John Jeffrey’s ICANN Legal Blog Posting

The attention of DotConnectAfrica Trust (DCA Trust) has been drawn to a recent blog posting by John Jeffrey, the ICANN General Counsel and Company Secretary, who wrote to clarify what he termed as "misinformation and erroneous reporting that have framed parts of the discussion" regarding the recent DCA vs. ICANN IRP Final Declaration. As we can't see a way of making comments on his blog, DCA Trust as a directly affected party, will respond to the issues Mr. Jeffrey has advanced... more

Closer Look at Domain Name Transfer Policy and the Hijacking of Panix.com

Given the recent panix.com hijacking, I will give an outline of the current ICANN transfers process for gtlds. In the case of panix.com, evidence so far indicates that a third party that holds an account with a reseller of Melbourne IT, fraudulently initiated the transfer. The third party appears to have used stolen credit cards to establish this account and pay for the transfer. That reseller is analyzing its logs and cooperating with law enforcement. more

Canada Emerging at the Forefront of LTE

Canada has made impressive progress in mobile broadband deployment in recent months. This is partly due to operators needing to arrest falls in revenue from mobile voice services by buttressing their data capabilities, as also by the stimulus to the market introduced through the auction of Advanced Wireless Services spectrum in 2008. This auction overhauled the wireless market, introducing a number of smaller players which have added to the competitive mix as well as furthered the development of LTE. more