Cigarette Smuggling and Cyber Security: Low-Tech Crimes Fund High-Tech Threats

You may not connect the cheap cigarettes sold under the counter (or out of a trunk, bodega or by a street vendor) with the mysterious charges on your credit card that you don't remember making or the cash that has, somehow, just disappeared from your bank account. You also may not connect that website selling cheap cigarettes made in second and third world countries with Shellshock or whatever the fashionably scary cyber-threat of the day is when you're reading this. more

Cloud Computing Can Make You More Secure

The number one concern cited for avoiding cloud computing is security. And there is a reason for that. Cloud providers have demonstrated some spectacular failures in the past, including Amazon's near total shutdown of an entire region, Dropbox's authentication snafu, and innumerous cloud providers that go belly-up. However, in the long run, cloud computing is destined to become more secure than in-house IT. I will briefly describe two dynamics in the industry that point in that direction, with substantiating evidence. more

Absolutely No Wireless Spectrum Shortage in 2010

Sure the iPhone has problems, but John Stankey of AT&T thinks restoring a $2B capex cut will fix them. It may take a little more money than that, but Glen Campbell of Merrill Lynch has confirmed he's on track. In a 50 page report that's one of the best I've read in years, Merrill destroyed the common belief that wireless has a significant spectrum shortage. more

FBI, DHS Release Technical Details on North Korea’s DDoS Botnet Infrastructure

U.S. Department of Homeland Security (DHS) and the FBI today released a technical alert based joint-effort analysis of methods behind North Korea’s cyberattacks. more

ARIN Elects First Board Member from the Caribbean

Regenie Fräser, the former Secretary General of a regional trade association, has been selected to serve a one-year term on the board of trustees of the American Registry of Internet Numbers (ARIN). Fraser's appointment makes her the first person from the Caribbean and the first non-white person to serve on the ARIN board. ARIN is one of five registries worldwide that coordinate Internet number resources. more

EU Calls For Full Privatization of ICANN, Commissioner Calls Sept 30 Moment of Truth

In a video posted on her website this morning, Viviane Reding, EU Commissioner for Information Society and Media, has called for greater transparency and accountability in Internet Governance. She outlines a new Internet Governance model which includes a fully private and accountable ICANN, accompanied by an independent judicial body, as well as a "G12 for Internet Governance" -- a multilateral forum for governments to discuss general internet governance policy and security issues... more

U. S. Government Blasts China’s Draft Domain Regulations

In an unexpected move, the two top U.S. officials charged with the Obama Administration's Internet policy have issued a joint statement severely criticizing draft Chinese domain policies. On May 16th, the State Department's Ambassador Daniel A. Sepulveda and NTIA's Assistant Secretary for Communications and Information Lawrence E. Strickling issued an official statement titled "China's Internet Domain Name Measures and the Digital Economy". more

Business Case for IPv6 - Part 1

When discussing IPv6, it is easy to forget that we are ultimately talking about an enhanced version of an existing network protocol. Sure, it brings about a number of technical advantages. But when viewed in isolation - without a business case - there really are not that many drivers that would place IPv6 on the agenda of the top decision makers looking after budgets. For IPv6 to gain serious momentum, this has to be changed. more

Internet Governance: The Issue, The Myths, The Problems, The Solutions

I have written a short paper on the topic of Internet Governance. Since it includes a number of resources, it would be easier for me to just point to a link with the document itself. Below are some selected excerpts from the document. "Several myths have been spreading around the World Summit on the Information Society (WSIS), but especially after the first Internet Governance Forum (IGF): The critical Internet resources (CIR) consist only of the IP addresses and the domain name system... There are only 13 root servers..." more

Constituencies Coalesce on IANA Transition and Enhanced ICANN Accountability Principles

It is now being broadly acknowledged that, as expressed unanimously by all GNSO constituencies at the recent ICANN London meeting, "as part of the IANA transition, the multi-stakeholder community has the opportunity and responsibility to propose meaningful accountability structures that go beyond just the IANA-specific accountability issues". In a July 22nd Keynote Address at the American Enterprise Institute, NTIA head Lawrence Strickling - whose agency must approve any IANA transition plan developed by Internet stakeholders - made this linkage an explicit element of U.S. government policy... more

A Look Back at the Pandemic and What Was Missed in the ISPs’ Broadband Performance Reports

I was looking back at industry reporting a year ago after the impact of the pandemic first hit our broadband networks. Almost every big ISP issued press releases talking about how well it had weathered the pandemic and bragged about the resiliency of its networks. It turns out that these ISP press releases largely missed the point. They are right that their networks didn't crash, but once we understood the nature of the changes in broadband traffic due to the pandemic, that wasn't a big surprise. more

Notice, Takedown, Borders, and Scale

I was on the front lines of the SOPA wars, because SOPA touched on two matters of strong personal and professional importance for me: protecting the Internet infrastructure, and protecting the economy from Internet related crime. I've continued to study this field and advise industry participants in the years since then. The 2017-02-20 paper by Annemarie Bridy entitled Notice and Takedown in the Domain Name System: ICANN's Ambivalent Drift into Online Content Regulation deserves an answer, which I shall attempt here. more

Bruce Schneier to Speak About Internet Surveillance at IETF 88 Technical Plenary Next Week

How do we harden the Internet against the kinds of pervasive monitoring and surveillance that has been in recent news? While full solutions may require political and legal actions, are there technical improvements that can be made to underlying Internet infrastructure? As discussed by IETF Chair Jari Arkko in a recent post on the IETF blog, "Plenary on Internet Hardening", the Technical Plenary at next weeks IETF 88 meeting in Vancouver, BC, Canada, will focus on this incredibly critical issue. more

U.S. Uses Domain Names As New Way to Regulate the Net

Governments have long sought ways to regulate Internet activity, whether for the purposes of taxation, content regulation, or the application of national laws. Effective regulatory measures have often proven elusive, however, since, unlike the Internet, national laws typically end at the border. Earlier this month, the United States began to move aggressively toward a new way of confronting the Internet's jurisdictional limitations - the domain name system. more

It’s Time to End Domain Name Front Running

Next week the Internet Corporation for Assigned Names and Numbers (ICANN) Board of Directors will consider adopting a 20 cent per-transaction fee that will effectively end the abusive speculating practices of domain tasting, front running and kiting. The fee will only apply when domain names are deleted excessively, a signal that they are being "tasted" by speculators. We, at Network Solutions, strongly encourage ICANN to enact this important provision as part of its budget and we have released a statement to that effect today... more