Where Is Cyberspace?

In my first CircleID post, I compared the cyberspace to a farmland, which has to be cultivated and developed. I ended by asking: Where is cyberspace? I have asked this same question from many people, many of whom are internet experts. They all said the cyberspace is in the computers, networks, or servers, or the Internet itself. I agree with these cyberspace ideas. In addition, my opinion is a bit different. more

Map of the Internet: The IPv4 Space of 2006

An intersecting representation of the IP Address space on a plane using a fractal mapping that preserves grouping... Section of the map also shows the blocks sold directly to corporations and governments in the 1990's before the RIRs took over allocation. more

78% of Cybersecurity Professionals Expect an Increase in DNS Threats, Yet Have Reservations

A recent survey conducted by the Neustar International Security Council confirmed the heightened interests on domain name system (DNS) security. The survey reveals that over three-quarters of cybersecurity professionals anticipate increases in DNS attacks, especially with more people shopping online amid the pandemic. Yet, close to 30% have reservations about their ability to respond to these attacks. more

Is Amazon Playing Chicken With Mailbox Providers?

It's easy to look at Amazon SES and sigh. Thousands of low-end customers sending mail from a shared IP pool? Amazon already knows that trick never works! Just one spammer will ruin the reputation of those IP addresses, resulting in ongoing delivery problems for everyone who uses the service. It is possible that Amazon can build the systems and human processes to keep spammers out; certainly sounds like they want to. more

The Villain in the ICANN-VeriSign Struggle is the U.S. Government

ICANN Board Chair Vint Cerf now works for a company whose motto is, "Do No Evil." So how could Vint and his fellow board members be engaged in a massive capitulation to the enterprise greed of dot-com operator VeriSign? The story of how the Internet community got to its current impasse over the future of the ICANN-VeriSign relationship is overly complicated but the bottom line is that we are suffering from woes created by the U.S. Government with the best of intentions over the past fifteen years. And only the government has the capacity to stop equivocating and do the right thing for all of us. The road to hell is paved with good intentions... more

Papers Now Available Publicly for W3C/IAB “Strengthening the Internet” Workshop

Want to read a wide range of views on how to strengthen the security and privacy of the Internet? Interested to hear how some of the leaders of the open standards world think we can make the Internet more secure? As I wrote about previously here on CircleID, the W3C and the Internet Architecture Board (IAB) are jointly sponsoring a workshop on "Strengthening The Internet" (STRINT) on February 28 and March 1 in London just prior to the IETF 89 meeting happening all next week. more

Internet Drug Traffic, Service Providers and Intellectual Property

You could call this Part Three in our series on Illicit Internet Pharmacy. Part One being What's Driving Spam and Domain Fraud? Illicit Drug Traffic, Part Two being Online Drug Traffic and Registrar Policy. There are a few facts I'd like to list briefly so everyone is up to speed. The largest chunk of online abuse at this time is related to illicit international drug traffic, mostly counterfeit and diverted pharmaceuticals. more

Whois Masking Considered Harmful

Whenever you register a domain name, your contact details are published in a publicly visible database called "Whois", where your contact details are instantly harvested by spambots and marketers who proceed to email and postal mail you marketing offers, deceptive "domain slamming" attempts, ads for dubious products, and perhaps even telemarketing calls. Nobody likes that, so over the years people started resorting to various tactics to protect themselves from the deluge of crap that inevitably comes with simply registering a domain name... more

Cybersecurity Tech Accord: 98% of Registrar Whois Requests Unrequited

When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there's likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action. more

Visit of US House Speaker Pelosi to Taiwan Has Little Impact on Network Infrastructures

I'm writing this from Taipei, where I have lived in peace for over 10 years. Sadly I learned that during this week, intermediate-range ballistic missiles (operated by China) have flown far above the capital of Taiwan and that five of them have landed in the waters of Japan's exclusive economic zone (EEZ). This provocative live-firing drill came as a direct response from China following Pelosi's visit. more

CircleID’s Top 10 Posts of 2015

Once again it is time for CircleID's annual roundup of top ten most popular posts featured during the past year (based on overall readership). Congratulations to all the 2015 participants and best wishes in the new year. more

Report on Distribution Analysis of Internationalized Domain Names

In December 2003, the testing phase of Multilingual domains also known as Internationalized Domain Names (IDN), went live with the addition of over 350,000 multilingual domains to the .com and .net registries. As of 1st January 2004, the .com registry contained 300,409 IDN's, whereas the .net registry had 79,630 IDN's, representing around 1.25% of the total .com and .net domains. WebHosting.Info has analyzed these 380,039 IDN domains that are now live, and provided a detailed insight on trends and patterns across these domains. more

New CSC Research Finds Significant Lack of Redundancy for Enterprise DNS

As outlined in CSC's recent 2020 Domain Security Report: Forbes Global 2000 Companies, cybercriminals are disrupting organizations by attacking the protocol responsible for their online presence -- their domain name system (DNS). When a DNS is overwhelmed with traffic due to a distributed denial of service (DDoS) attack or configuration error, content and applications become inaccessible to users, affecting both revenue and reputation. more

Endpoint Rollbacks & Data Shadow Copies

Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more

ENUM: Mapping the E.164 Number Space into the DNS

Many communications networks are constructed for a single form of communication, and are ill suited to being used for any other form. Although the Internet is also a specialized network in terms of supporting digital communications, its relatively unique flexibility lies in its ability to digitally encode a very diverse set of communications formats, and then support their interaction over the Internet. In this way many communications networks can be mapped into an Internet application and in so doing become just another distributed application overlayed on the Internet. From this admittedly Internet-centric perspective, voice is just another Internet application. And for the growing population of Voice over IP (VoIP) users, this is indeed the case... more