Blockchain Domains and What They Could Mean for Online Scams and Brand Protection

Blockchain domain names, domains that are stored on blockchain or cryptocurrency exchanges, are part of a growing, unregulated, and decentralized internet. Right now, blockchain domains are used mostly by cryptocurrency users, but they are growing in popularity - the Ethereum name service reported over 2.2 million .eth domain name registrations in 2022. At the same time, crypto scams are also exploding, reaching a total of $3.5 billion in losses in 2022. more

IPv4 Address Exhaustion and a Trading Market

There are discussions starting within the Regional Internet Registries (RIRs) about the creation of trading market in IPv4 addresses as we approach the inevitable exhaustion of unallocated addresses. The view being put forward is basically "this is likely to happen anyway and by discussing it now, we can ensure it happens in an orderly way". When I first heard this idea I was a bit surprised. The RIRs are policy based bodies and so a shift to a trading market appears to be an abandonment of that policy base. However I have been partly corrected on that. more

Recent COPA Ruling Shedding Light on Usefulness of XXX as Voluntary Self Regulatory Vehicle?

ICM Registry applauds the decision yesterday of Judge Lowell Reed of the United States District Court for the Eastern District of Pennsylvania in ACLU v. Gonzales to permanently enjoin enforcement of the Child Online Protection Act ("COPA"). Praising Judge Reed's meticulously documented opinion, ICM Registry President Stuart Lawley said, "This continues the unbroken chain of court decisions in the U.S. upholding free expression on the Internet, and it underscores the superiority of voluntary measures that empower users to select content compared with government regulations." Lawley concluded, "Now, more than ever, it underscores the need for ICANN to approve the proposal for a voluntary .xxx domain as another alternative to government regulation." more

What is ‘Pharming’ and Should You Be Worried?

The sky is falling! The sky is falling! ...or is it? What is this thing called "pharming"? Put simply, it's redirection of web traffic, so that the server you think you're talking to actually belongs to a criminal. For example: you think you're talking to www.examplebank.com because it says so in the browser's address bar, but actually you're connected to www.mafia-R-us.ru. This can happen in three main ways: 1. DNS Hijack: a social engineering attack on the Internet infrastructure... more

I Never Signed Up for This! Privacy Implications of Email Tracking

What happens when you open an email and allow it to display embedded images and pixels? You may expect the sender to learn that you've read the email, and which device you used to read it. But in a new paper we find that privacy risks of email tracking extend far beyond senders knowing when emails are viewed. Opening an email can trigger requests to tens of third parties, and many of these requests contain your email address. more

The Dark Internet

I consult on communication issues for Neustar, an Internet infrastructure company. As most CircleIDers know, Neustar works behind the scenes to ensure the smooth operation of many critical systems like DNS, .us and .biz, local number portability and digital rights management. One of the cool things about working for them is the chance to attend the events they sponsor. Last week Neustar held a security briefing for senior federal IT personnel focused on Cybersecurity and Domain Name System Security Extensions (DNSSEC)... more

Breaking the Internet HOWTO: The Unintended Consequences of Governmental Actions

"Breaking the Internet" is really hard to do. The network of networks is decentralized, resilient and has no Single Point Of Failure. That was the paradigm of the first few decades of Internet history, and most people involved in Internet Governance still carry that model around in their heads. Unfortunately, that is changing and changing rapidly due to misguided government intervention. more

Slippery Territory: IOC and Red Cross in the New gTLD Program

We know from life: There is no rule without exception. The problem is, exceptions create space for interpretations and have the risk to undermine the rule. Take Article 19 of the International Covenant on Political and Civil Rights from 1966. Article 19, paragraphs 1 and 2 define the individual right to freedom of expression. Paragraph 3 adds some exceptions where this right can be restricted to protect, inter alia, national security and public order. This is an understandable justification for a restriction, but it opens the door for misuse... more

African Peering and Interconnection Forum (AfPIF) Streaming Live This Week From Dakar, Senegal

The 5th African Peering and Interconnection Forum (AfPIF) gets underway today, August 26, 2014, in Dakar, Senegal, with a packed agenda full of sessions focused on the future of peering and interconnection in Africa. There are sessions targeted at Internet Service Providers (ISPs), Internet Exchange Points (IXPs), infrastructure providers, content creators and policy makers and regulators. The event goes through Thursday, August 28, 2014. more

Is IPv6 a Boon to Criminals and Foe to the FBI?

Declan McCullagh recently opined that the "FBI [and the] DEA warn [that] IPv6 could shield criminals from police." His post was picked-up relatively widely in the past few days, with the headlines adding more hyperbole along the way. So just how real is this threat? Let's take a look. more

A Look Back at the World of IP Addressing in 2018: What Changed and What to Expect

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. Back in around 1992 the IETF gazed into the crystal ball and tried to understand how the internet was going to evolve and what demands that would place on the addressing system as part of the "IP Next Generation" study. more

Something’s Cooking at IETF with Email Authentication

A few months ago, Ted Hardie (AD of Applications for the IETF) informed the MARID WG in the closure announcement as follows: "Given the importance of the world-wide email and DNS systems, it is critical that IETF-sponsored experimental proposals likely to see broad deployment contain no mechanisms that would have deleterious effects on the overall system. The Area Directors intend, therefore, to request that the experimental proposals be reviewed by a focused technology directorate..." more

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

A new report published by the insurance giant, AIG, claims phishing attacks via email, often targeted at senior executives, has overtaken ransomware. more

Data on Cuba’s SNET and a Few Suggestions for ETECSA

I've written several posts on Cuba's user-deployed street networks (SNET), the largest of which is SNET in Havana. (SNET was originally built by the gaming community, but the range of services has grown substantially). My posts and journalist's accounts like this one describe SNET, but a new paper presents SNET measurement data as well as descriptive material. more

What’s in a Name?

What's the difference between .local and .here? Or between .onion and .apple? All four of these labels are capable of being represented in the Internet's Domain Name System as a generic Top Level Domains (gTLDs), but only two of these are in fact delegated names. The other two, .local and .onion not only don't exist in the delegated name space, but by virtue of a registration in the IANA's Special Use Domain Name registry, these names cannot exist in the conventional delegated domain name space. more