Blocking a DDoS Upstream

In the first post on DDoS, I considered some mechanisms to disperse an attack across multiple edges (I actually plan to return to this topic with further thoughts in a future post). The second post considered some of the ways you can scrub DDoS traffic. This post is going to complete the basic lineup of reacting to DDoS attacks by considering how to block an attack before it hits your network -- upstream. more

Notorious Markets, Scams and Implications for Brands

On January 14, 2021, the Office of the United States Trade Representative (USTR) released its 2020 Review of Notorious Markets for Counterfeiting and Piracy (the Notorious Markets List, or NML). This publication enumerates online and physical markets that have been reported to engage in trademark, counterfeiting, and copyright infringement at scale. For the first time, the NML documents show how internet platforms play a part in bringing illicit goods into the US. more

What Is the Uniform Rapid Suspension System (URS) and What Is It Good For?

The Internet Corporation for Assigned Names and Numbers (ICANN) launched the Uniform Rapid Suspension System (URS) (2013) in anticipation of the marketing of new gTLDs that became available from November 2013. It is one of four new rights protection mechanisms (RPMs) designed to combat cybersquatting. It is not intended for legacy gTLDs, and for new TLDs, it is planned only for that class of dispute colloquially referred to as a "slam dunk." more

Jefferson Rebuffed: The United States and the Future of Internet Governance

A paper by Viktor Mayer-Schoenberger and Malte Ziewitz was recently published at John F. Kennedy School of Government, Harvard University titled, "Jefferson Rebuffed: The United States and the Future of Internet Governance". The following excerpt provides an overview of the paper: "Over the last several years, many have called for an internationalization of Internet governance in general, and Internet naming and numbering in particular. The multi-year WSIS process that culminated in November 2005 was intended to create momentum in such direction. The United States has long resisted such internationalization, fearing in particular the growing influence of China and similar nations..." more

The Internet Infrastructure in Afghanistan (Event)

Join the upcoming discussion today on the past, present and future of the Internet in Afghanistan in the context of the Middle East. Panelists will address the national and international challenges and opportunities Afghans face in the changing environment of global Internet governance and sanctions laws. more

How Can Managers Support Their Engineers Deploy IPv6?

After interacting with over 1000 network engineers during training sessions about what they think could help drive IPv6 deployment in Africa, I have come to the realisation that a three prong approach is required... Many training courses focus on the first issue, and quite logically, that's where the real work lies. I've developed such a course that has been delivered in over 45 countries, and there are lots of other great training available, both free and paid. more

URL Shorteners

If you're a twit a Twitter user, you've likely used one or another of the URL shorteners out there. Even if you're not, you may have run across a shortened URL. The first one I encountered, several years ago, was tinyurl.com, but there plenty of them, including bit.ly, tr.im, qoiob.com, tinyarrow.ws, tweak, and many others. ... What would best practices for URL shortening services look like? Some suggestions, from others as well as from me. more

The Internet Monopoly

People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more

Monumental Cybersecurity Blunders

Two recent celebrated cybersecurity standards history events brought together sets of people who were intimately involved with some of the most significant network security standards work ever undertaken. These included the X.509 digital certificate standards at ITU X.509 Day, and the Secure Digital Network System (SDNS) standards at the NSA Cryptologic History Symposium 2022. more

Another Year of the Transition to IPv6

I bet that nobody believed in 1992 that thirty years later, we'd still be discussing the state of the transition to IPv6! In 1992 we were discussing what to do about the forthcoming address crunch in IPv4, and having come to terms with the inevitable prospect that the silicon industry was going to outpace the capacity of the IPv4 address pool in a couple of years, we needed to do something quickly more

Cuba’s Mobile-Internet Strategy?

This post is speculative, but I think Cuba may use satellite for 3G backhaul and, when the technologies are ready, leapfrog over 4G to 5G mobile connectivity and next-generation satellite. ETECSA began rolling out 3G connectivity for Cubans about a year ago and a few things have led me to believe they will continue... But, could they provide widespread 3G mobile? Doing so would require more base stations and more backhaul from those base stations to the Intenet. more

Trust Has Eroded Within the Cybercriminal Underground Causing a Switch to Ecommerce Platforms

New data released today indicates that trust has eroded among criminal interactions, causing a switch to ecommerce platforms and communication using Discord, which both increase user anonymization. more

Using Your domain Name in China

At Gandi, we offer over 750 TLD's right now (probably the one with the most coverage in the industry) so we often see changes in policy first hand. One of these changes was the introduction of new laws in China and regulations by the MIIT (China’s Ministry of Industry and Information Technology) in late 2017. We updated our customers on these new regulations to hopefully avoid some confusion, and I'd like to share them here as well. more

July 2010: The End of the Beginning for DNSSEC

July 15, 2010 (yesterday) marked the end of the beginning for DNSSEC, as the DNS root was cryptographically signed. For nearly two decades, security researchers, academics and Internet leaders have worked to develop and deploy Domain Name System Security Extensions (DNSSEC). DNSSEC was developed to improve the overall security of the DNS, a need which was dramatized by the discovery of the Kaminsky bug a few years ago. more

The Third Stage of the VoIP Rocket Never Fired

Ten years ago was the dawn of Voice over IP (VoIP). The pioneering Israeli company VocalTec had just released its VoIP software for PCs (it was named iPhone, BTW). Industry guru Jeff Pulver (whom I now partner with in FWD) had begun to hold his Voice on the Net (VON) shows. As the founder of VoIP startup ITXC, I was invited to give a keynote at VON in Boston. The evolution of VoIP, I opined with the requisite PowerPoint slides, will be like a three stage rocket. I was right about the first two stages and dead wrong about the third... more