Spam Arrest’s Sender Agreement Fails Because Email Marketer’s Employees Lacked Authority

People hate receiving spam, but most people stopped obsessing about spam a decade ago or more. In the interim, anti-spam filters have improved dramatically. Still, some anti-spammers hate spam so passionately -- or, perhaps, hope to put a little coin in their pockets -- that we still see a steady stream of lawsuits against email marketers. For the most part, those lawsuits don't win; in the past half-decade, repeat anti-spam plaintiffs have rarely won in court. more

New gTLDs: Is Internationalism the Solution?

Are international strings such as "club" and "rugby" the key to launch a successful TLD in Round 2 of the ICANN new gTLD program? Are "International TLDs" the key to a successful Registry? That is quite possible as the results of the recent .CLUB launching show that it generated lots of interest in a short period of time. The .CLUB registry is now number 3 on the list of most registered domain names with 37,806 domains registered and .EMAIL is in position 6. more

Selling DONA Snake Oil at the ITU

A venerable old ITU tradition got underway today. Its Telecommunication Standardization body, known as the ITU-T, gathered, as it has done every four years for much of the past 100 years in a conclave of nations, to contemplate what they should be doing at their Geneva intergovernmental standards meetings for the next four years. The gathering is called the WTSA... Old intergovernmental institutional habits still continue, so the participants are gathered in a remote location in Tunisia called Hammamet. more

Stopping SOPA’s Anti-Circumvention

The House's Stop Online Piracy Act is in Judiciary Committee Markup today. As numerous protests, open letters, and advocacy campaigns across the Web, this is a seriously flawed bill. Sen. Ron Wyden and Rep. Darrell Issa's proposed OPEN Act points out, by contrast, some of the procedural problems. Here, I analyze just one of the problematic provisions of SOPA: a new"anticircumvention" provision more

CENTR Statement on IDN Homograph Attacks

Recently a proof of concept attack was announced on the Internet that demonstrated how a web address could be constructed that looked in some web browsers identical to that of a well known website. This technique could be used to trick a user into going to a website that they did not plan on visiting, and possibly provide sensitive information to a third party. As a result of this demonstration, there has been a number of voices calling for web browsers to disable or remove support for IDNs by default. ...CENTR, a group of many of the world's domain registries - representing over 98% of domain registrations worldwide - believes such strong reactions are heavily detrimental... more

Australian Government Issues New Guidelines to Address 5G Security Concerns in Smart Cities

The Australian Signals Directorate (ASD) has issued a new set of guidelines warning about the security risks posed by the use of 5G technology in so-called Smart Cities. The ASD's concerns align with those of the Five Eyes security alliance, which has warned that the interconnected nature of a fully connected city makes it vulnerable to cyberattacks. more

Sweden’s Internet Traffic Drops by a Third as New Anti-Piracy Law Kicks In

April 1st was the start of a new anti-piracy law in Sweden where, according to traffic data, an immediate and significant drop (over 30%) occurred in the nation's overall Internet traffic. Reported today by Royal Pingdom: "The combined traffic passing through Sweden's Internet Exchange Points usually peaks around 160 Gbit/s, but on Wednesday it peaked at around 110 Gbit/s. That's a huge drop in traffic, and is presumably a direct result of less file sharing taking place. ... Another interesting observation is that there was more traffic than usual during the last days before the law took effect. Were people hoarding films and music? On Tuesday (the day before the law went live) traffic peaked at nearly 200 GBit/s, roughly 25% above normal levels." more

Google Announces DNSSEC Support for Public DNS Service

Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote: "We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers." more

Yet Another Unfortunate CAN SPAM Case

The case Melaleuca v. Hansen has been moving slowly through Idaho federal court since 2007. On Sept 30 the court decided in favor of the defendants. Although the outcome is probably correct, the court's decision perpetuates the misreading of CAN SPAM from the infamous Gordon case that makes it in practice impossible to win a CAN SPAM case in the 9th Circuit. more

Cloud Leak Exposes at least 14 Million Verizon Subscribers, Phone Numbers and Account PINs Included

A Verizon partner is reported to have exposed millions of Verizon customer accounts due to a misconfigured cloud-based file. more

Setting the Record Straight - Myths vs. Facts about .com

Over the past several weeks, there has been significant discussion about Verisign and its management of the .com top-level domain (TLD) registry. Much of this discussion has been distorted by factual inaccuracies, a misunderstanding of core technical concepts, and misinterpretations regarding pricing, competition, and market dynamics in the domain name industry. more

UK Government Planning on New Laws for IoT Devices Including a Mandatory Security Labelling Scheme

The UK government on Wednesday announced plans to introduce new laws for internet connected devices to better enforce the inclusion of basic cybersecurity features into IoT devices. more

Dell Loses Key Customer Support Domain Name for a Month, Site Exposed to Questionable Content

The website designated by Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, reports Brian Krebs in KrebsOnSecurity. more

Proving Common Law Rights Predating Domain Name Registration

The trademark rights required for standing under paragraph 4(a)(i) of the Uniform Dispute Resolution Policy (UDRP) refer to both registered and unregistered rights. Complainants with registered trademarks satisfy the requirement by submitting their certificates of registration. However, and not surprisingly, complainants with unregistered trademarks have to demonstrate that the alleged marks qualify as such, which requires that complainants prove both secondary meaning of the marks and their distinctiveness prior to the registration of the domain name. more

Over 75% of All Top-Level Domains (TLDs) Now Signed With DNSSEC

As I was entering in data for the weekly DNSSEC Deployment Maps, I was struck by the fact that we are now at the point where 617 of the 795 top-level domains (TLDs) are now signed with DNSSEC. You can see this easily at Rick Lamb's DNSSEC statistics site...Now, granted, most of that amazing growth in the chart is because all of the "new generic TLDs" (newgTLDs) are required to be signed with DNSSEC, but we are still seeing solid growth around the world. more