Namecoin Decentralized DNS Research

The holidays open up a block of time to catch up on "I meant to read that" bookmarks, RSS feeds, and all the favorited and forgotten tweets. I made it through 50 before a NormanShark blog post kicked off a research project. The analysts found a malware sample which was using .bit domains in their communications infrastructure, but .bit ... what is that? .bit is a TLD operating outside of ICANN. Some would say they are TLD squatting, but I leave that opinion up to the reader. more

July 2010: The End of the Beginning for DNSSEC

July 15, 2010 (yesterday) marked the end of the beginning for DNSSEC, as the DNS root was cryptographically signed. For nearly two decades, security researchers, academics and Internet leaders have worked to develop and deploy Domain Name System Security Extensions (DNSSEC). DNSSEC was developed to improve the overall security of the DNS, a need which was dramatized by the discovery of the Kaminsky bug a few years ago. more

Bell Canada Discloses Loss of 1.9 Million Email Addresses to Hacker, Says No Relation to WannaCry

Bell Canada, nation’s largest telecommunications company, disclosed late on Monday the illegal access of Bell customer information by an anonymous hacker. more

It Is Payback Time! - Government of Sweden on Internet Governance

Today is a wonderful day for us working with Internet Governance that do believe in an Open Internet and multi stakeholder model for its governance. FTTH Council is having its annual meeting in Stockholm, Sweden, and the IT Minister, Anna-Karin Hatt, made an opening speech that was among the strongest I have heard from any country. Yes, any country. And I do not even know if any organization have said such strong things. more

DNS Privacy at IETF 104

From time to time the IETF seriously grapples with its role with respect to technology relating to users' privacy. Should the IETF publish standard specifications of technologies that facilitate third-party eavesdropping on communications or should it refrain from working on such technologies? Should the IETF take further steps and publish standard specifications of technologies that directly impede various forms of third party eavesdropping on communications? more

Does gTLD Registration Volume Measure Success?

For some time, the measure of success of a TLD was volume of registrations, or strictly speaking, Domains Under Management (DUMs). Who better than .com to validate the truth of that metric? More recently, this same metric has been applied to new gTLDs, especially those who achieve volume quickly, by whatever means necessary. These gTLDs are fawned over, written about, and effectively set up as the standard for other gTLDs to aspire to. But I'd like to challenge that notion. more

You Just Signed a Registry Contract With ICANN. What Are Your Plans?

Back on February 4, 2013, I wrote a CircleID post entitled 'How the registrar Cash Flow Model Could Collapse with New ICANN gTLDs.' My key point back then was this: new gTLD applicants need to be mindful of how the cash flow policies of their registry (and of their back-end service provider) could impact whether their TLD is actively promoted by ICANN registrars... registries have historically assumed near-zero risk. This is going to change. more

Edge Computing, Fog Computing, IoT, and Securing Them All

The oft used term "the Internet of Things" (IoT) has expanded to encapsulate practically any device (or "thing") with some modicum of compute power that in turn can connect to another device that may or may not be connected to the Internet. ... The information security community -- in fact, the InfoSec industry at large -- has struggled and mostly failed to secure the "IoT". This does not bode well for the next evolutionary advancement of networked compute technology. more

The Internet Monopoly

People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more

Why New TLDs Don’t Change a Thing

I have a heard a lot lately about ICANN unanimously voting in favor or relaxing top level domain rules and had a few people come to me and ask 'how does that affect what you do?' The short answer is, it won't; at least not for a long time and here is why... There might be some huge potential gain if all shoe companies got .shoes and branded it, but someone would have to manage it and each would have to spend money to brand .shoes to consumers. Adidas gets adidas.shoes but spends nothing to brand it and lets Nike pay to brand .shoes and Reebok to brand it as well and leech. So instead of cartel like behavior (which is hard to maintain), we fall back into .com more

The Path to DNS Privacy

The DNS is normally a relatively open protocol that smears its data (which is your data and mine too!) far and wide. Little wonder that the DNS is used in many ways, not just as a mundane name resolution protocol, but as a data channel for surveillance and as a common means of implementing various forms of content access control. But all this is poised to change. more

Bigger, Faster, Better (and Cheaper!)

Let's take a second to look back some 50 years to the world of 1972 and the technology and telecommunications environment at that time. The world of 1972 was one populated by a relatively small collection of massive (and eye-wateringly expensive) mainframe computers that were tended by a set of computer operators working around the clock and directed by specialized programmers, trained in the obscure symbol set used by the job control systems on these computers. more

Lessons from the O2 Network Outage: The Real Cost of Manual Processes

More than 30 million people lost their data connectivity on December 6, 2018, in the United Kingdom as O2's network suffered from a nationwide service outage. Based on several reports, the incident was caused by a human error at Ericsson, the telecoms supplier responsible for operating certain parts of the O2 network. To compensate for the downtime and tarnished reputation, the O2 management is now reportedly seeking damages of up to a hundred million pounds from Ericsson. more

A Postitive Look at DENIC’s .Net Bid

The outcome of the .Net rebid process will involve the security, stability and diversity of management of the Internet's critical infrastructure. As well, the rebid process introduces competitive forces that will flow through to users in the form of cost savings and improved service levels. DENIC has submitted a bid that is consistent with the goals and interests of the Internet community and is the only proponent that has done so. Let us consider the following factors and assess the alignment of the bids with the goals and interests for the Internet community. more

ICANN and the Data Quality Act: Part VI

This is the sixth part of a multi-part series reported by ICANNfocus. This part focuses on ICANN's Strategic Plan. Read previous parts: Part I, Part II, Part III, Part IV, Part V. "The requirement that ICANN develop a Strategic Plan offers an important opportunity for achieving meaningful reform of the organization. The Strategic Plan is one of the key new ICANN duties contained in the most recent amendment to their Memorandum of Understanding (MOU) with the Department of Commerce. The MOU specifies in considerable detail the elements that ICANN is to include in the Plan including issues ranging from executive compensation to mechanisms for ICANN accountability..." more