At the ARIN Meeting

I have been attending the American Registry for Internet Numbers (ARIN) meeting in Toronto. ARIN is one of the RIRs, i.e., the Internet address registry and policy making authority for North America. Although I have observed and participated on RIR lists for some time and interacted with RIR representatives at ICANN, WSIS and IGF, this is the first time I have been able to attend a meeting. I'm glad I did. more

Quintessential and Other Acts of Bad Faith in Acquiring Domain Names

There are two essential differences between the Uniform Dispute Resolution Policy (UDRP) and the Anti-Cybersquatting Consumer Protection Act (ACPA), one procedural and one substantive. The procedural difference is quite minor, a mere quirk that Panels adopted by consensus in the early days of the UDRP and deserves no more than a footnote. Under the UDRP, complainants have standing on proof that they have trademark rights when they file their complaints... more

P2P as a New Spam Medium, Moving From PoC to Full Operations

Spam on P2P networks used to be mainly with advertising inside downloaded movies and pictures (mainly pornographic in nature), as well as by hiding viruses and other malware in downloaded warez and most any other file type (from zip archives to movie files). Further, P2P networks were in the past used for harvesting by spammers. Today, P2P has become a direct to customer spamvertizing medium. This has been an ongoing change for a while. As we speak, it is moving from a proof of concept trial to a full spread of spam, day in, day out... more

IPv6… the Year NAT-Enforced IPv4 Dam Showed Seepage

We don't give enough credit to people who will sacrifice themselves trying to plug the IPv4 dam with some NAT-putty. They even dream of a NAT66 filled afterlife. The growing IPv6 traffic trickle was given evidence at the recent RIPE 57 meeting in Dubai in a number of presentations, including a most edifying Google presentation. Noteworthy to see France with a 0.65% IPv6 penetration... more

Dot-XXX and Tiered/Differential Pricing: Permitted?

As folks will recall, there was a big debate about tiered/differential pricing in the .biz/info/org contracts. Eventually those contracts were amended to prevent that. However, if folks read the .XXX proposed contractv [PDF], Appendix S, Part 2, under "delegated authority" (page 66 of the PDF), appears to give the Registry Operator total control to make policy regarding pricing. Thus, it would appear they are in a position to re-price domains that later become successful... more

Does gTLD Registration Volume Measure Success?

For some time, the measure of success of a TLD was volume of registrations, or strictly speaking, Domains Under Management (DUMs). Who better than .com to validate the truth of that metric? More recently, this same metric has been applied to new gTLDs, especially those who achieve volume quickly, by whatever means necessary. These gTLDs are fawned over, written about, and effectively set up as the standard for other gTLDs to aspire to. But I'd like to challenge that notion. more

The Web is Dead: What This Means to ICANN, New gTLD Program and the Domain Industry

While we are spending years figuring out how to create the perfect generic Top-Level Domain (gTLD) launch and guidebook, the Internet is moving along at an extraordinary pace without any care about ICANN policy-making. The fact of the matter is ICANN is a ghost to the ordinary person or Internet company. You can not imagine how many times I had to explain what ICANN is, what ICANN does and why ICANN is important. more

Researchers Use Social Graphs to Detect Spammers, Attackers

A project named S-GPS or Spammer Global Positioning System, by Microsoft researchers uses spammer identification rather than spam identification to identify zombie-based spammers. more

‘Spam King’ Sanford Wallace Sentenced to 2.5 Years In Prison

The 47 year old Las Vegas man known as the "Spam King" has been sentenced to 2.5 years in federal prison for sending over half-million spam messages to Facebook users resulting in over 27 million spam messages sent through social networking company's servers. He pleaded guilty last year to one count of fraud. more

Mitigating Harm Caused by the ICANN “Draw”

The gTLD Prioritization "Draw" was a mistake. But its negative impact can still be mitigated. The best course of action follows directly from information that can be gleaned from available data. Let us start with the latest piece of intelligence: who "played" in the "Draw"? 1766 of 1917 applications had a lottery ticket. This is much worse than expected. Very few abstained. Even the purely defensive applicants saw no other choice but to "play". more

Phishing: An Interesting Twist on a Common Scam

After Two Security Assessments I Must Be Secure, Right? Imagine you are the CIO of a national financial institution and you've recently deployed a state of the art online transaction service for your customers. To make sure your company's network perimeter is secure, you executed two external security assessments and penetration tests. When the final report came in, your company was given a clean bill of health. At first, you felt relieved, and confident in your security measures. Shortly thereafter, your relief turned to concern. ...Given you're skepticism, you decide to get one more opinion. ...And the results were less than pleasing. more

Yemen’s Submarine Cable Repairs Hindered by Political Dispute

Repair efforts for three crucial submarine internet cables damaged in the Red Sea are being obstructed by political disputes over access to Yemeni waters. more

EFF Resigns from World Wide Web Consortium (W3C) over EME Decision

In an open letter to the World Wide Web Consortium (W3C), the Electronic Frontier Foundation (EFF) announced on Tuesday that it is resigning from World Wide Web Consortium (W3C) in response to the organization publishing Encrypted Media Extensions (EME) as a standard. more

Market Forces Should Control Registry Services?

Sonia Arrison, a director of the Center for Technology Studies at the California-based non-profit Pacific Research Institute, writes an interesting op-ed piece in the Internet news publication CNET News.com. She argues that the job of privatizing the domain name system should be completed and that market forces should control registry services such as SiteFinder deployed by VeriSign for about three weeks in September...While not a position I would agree with, as I would prefer more government control and additional regulation, it is definitely insightful and well written. She makes some interesting quotes... more

Spanish Police Raid the Offices of .cat gTLD Registry

The offices of the .cat gTLD registry Fundació puntCAT were raided by the Spanish police this morning. The company reported the incident via a series of tweets as the raid was being carried out. more