The Growing Threat of Cybersquatting in the Banking and Finance Sector

The apparent cyber heist of of $81 million from the Bangladesh central bank's U.S. account may cause some people to question the security of online banking. While the online theft prompted SWIFT - a cooperative owned by 3,000 financial institutions around the world -- to make sure banks are following recommended security practices, the incident also could have ramifications for banking customers worldwide. more

“Do’s and Don’ts”: Commenting on New gTLD Applications

regarding the new gTLD applications and, unfortunately, I have been largely disappointed with the substance of most of them. Too many of the earliest comments express concern over the possibility of having more adult-related extensions. Okay, we hear you... Also, with all due respect to the supporters of Dadotart's application, I appreciate the display of loyalty to this particular applicant but if I have to read another comment from an "impassioned supporter" of the .ART application, I will bang my head on my desk. more

A Royal Opinion on Carrier Grade NATs

There are still a number of countries who have Queen Elizabeth as their titular head of state. My country, Australia, is one of those countries. It's difficult to understand what exactly her role is these days in the context of Australian governmental matters, and I suspect even in the United Kingdom many folk share my constitutional uncertainty... In the United Kingdom every year the Queen reads a speech prepared by the government of the day, which details the legislative measures that are being proposed by the government for the coming year. Earlier this month the Queen's speech included the following statement in her speech. more

Maintaining Security and Stability in the Internet Ecosystem

DDoS attacks, phishing scams and malware. We battle these dark forces every day - and every day they get more sophisticated. But what worries me isn't just keeping up with them, it is keeping up with the sheer volume of devices and data that these forces can enlist in an attack. That's why we as an industry need to come together and share best practices - at the ICANN community, at the IETF and elsewhere - so collectively we are ready for the future. more

China Temporarily Cuts Itself Off from the Global Internet

China briefly disconnected from much of the global internet for over an hour on Wednesday, following a disruption traced to the country's "Great Firewall." According to activist group Great Firewall Report, the outage began at 12:34 a.m. Beijing time and lasted until 1:48 a.m. on August 20. more

ICANN Cancels .CORP, .HOME, and .MAIL TLDs Indefintley Due to Collision Concerns

ICANN has announced that it has indefinitely deferred the delegations of the new TLDs .CORP, .HOME, and .MAIL due to the high-risk nature of the strings. The domains name system overseer has determined the said TLDs can cause name collisions, the overlap of private and public namespaces which may result in unintended and harmful results. more

IPv6 Percolates, IPv4 Regurgitates

APNIC happened to be the first Regional Internet Registry to meet in the IANA post IPv4 era. While discussions and proposals on how to divvy up the last 'slash 8' into tinier blocks are to be expected, it was rather unreal to see the energy spent divining how the RIR's would share IPv4 space that would eventually be returned to IANA and then regurgitated. A timewarp with the exhaustion clock turning backwards? more

Edge Computing, Fog Computing, IoT, and Securing Them All

The oft used term "the Internet of Things" (IoT) has expanded to encapsulate practically any device (or "thing") with some modicum of compute power that in turn can connect to another device that may or may not be connected to the Internet. ... The information security community -- in fact, the InfoSec industry at large -- has struggled and mostly failed to secure the "IoT". This does not bode well for the next evolutionary advancement of networked compute technology. more

Wireless Broadband vs Fixed Broadband - The Story Continues

This never-ending story is used by opportunistic telcos and their lobbyists to confuse the issue in order to gain regulatory or political advantage. The debate is now raging again in the USA. In an attempt to talk down their monopolistic position in the market the three telcos - and this time in particular, Comcast - are claiming that real competition does in fact exist in the American broadband market, citing competition from the mobile 4G LTE services as an example. more

Does ICANN’s UDRP Preserve Free Speech and Allow Room for Criticism?

The phenomenal growth of the Internet has resulted in a proliferation of domain names. The explosion of '.com' registrations coincided with an increase in domain name disputes, and with it the legal branch of intellectual property devolved into virtual mayhem. ICANN's Uniform Domain-Name Dispute-Resolution Policy (UDRP) was created... The UDRP was brought into force in October 1999, and it can be said that it has contributed handily to the resolution of domain name disputes. However, deeper investigation into the UDRP paints a different picture. more

WordPress Announces New .BLOG TLD, to be Available This Year

Automattic, the parent company of the popular blogging platform WordPress, today announced plans to make the new .blog TLD available for registration this year. Earlier this year, the company secured the rights to oversee and operate the registration of the highly contested new generic TLD. more

Examples of Where ICANN Can Be More Accountable

During the "GNSO Discussion with the CEO" at the recent ICANN meeting in Durban, I stated that ICANN talks a lot about the importance of supporting the public interest, but in reality the organization's first priority is protecting itself and therefore it avoids accountability and works very hard at transferring risks to others. In response to my comments, ICANN CEO Fadi Chehadé asked me to provide him examples of where ICANN can be more accountable. Copied below is my response letter to Chehadé, which provides seven examples. more

Running DNSBLs in an IPv6 World

DNS blacklists for IPv4 addresses are now nearly 15 years old, and DNSBL operators have gathered a great deal of expertise running them. Over the next decade or two mail will probably move to IPv6. How will running IPv6 DNSBLs differ from IPv4? There aren't any significant IPv6 DNSBLs yet since there isn't significant unwanted IPv6 mail traffic yet (or significant wanted traffic, for that matter), but we can make some extrapolations from the IPv4 experience. more

The Sad State of WHOIS, and Why Criminals Love It

I'm not even sure how to begin this post, but let me tell you -- my head explodes when I try to contact WHOIS "contacts" about criminal activity - FAIL. I think ICANN wants to do the right thing here, and has stated on multiple occasions that inaccurate WHOIS data is reason for registrar termination. That's a Good Thing... more

Report and Analysis of Public Comments Submitted to ICANN on the .COM Pricing Provisions (Part I)

ICANN's call for Public Comment on Proposed Amendment 3 to the .com Registry Agreement yielded 9,040 public comments during the six-week comment period that ran from January 3, 2020 to February 14, 2020. The public response was amongst the most robust if not the most robust, that ICANN has ever received. To put this in context, the last several Public Comment periods received under 20 comments apiece. more