The Cybersecurity Act of 2009

Four senators (Rockefeller, Bayh, Nelson, and Snowe) have recently introduced S.773, the Cybersecurity Act of 2009. While there are some good parts to the bill, many of the substantive provisions are poorly thought out at best. The bill attempts to solve non-problems, and to assume that research results can be commanded into being by virtue of an act of Congress. Beyond that, there are parts of the bill whose purpose is mysterious, or whose content bears no relation to its title. more

Stop! Don’t Forward That E-mail!

Forwarding e-mail is so easy that it must be legal, right? Not everyone thinks so. Ned Snow at the University of Arkansas recently wrote A Copyright Conundrum: Protecting Email Privacy that argues that forwarding violates the sender's copyright rights, so it's not. The article is quite clever and is (as best I can tell, not being a legal historian) well researched, even if you agree with me that its conclusions are a bunch of codswallop... more

An Interview With Richard Whitt, Google’s Washington Telecom and Media Counsel

I recently had the opportunity to interview, Richard Whitt, Google's Washington Telecom and Media Counsel, who will be one of the keynote speakers at the upcoming Emerging Communications Conference (eComm 2009) being held on March 3-5 at the San Francisco Airport Marriott. The following is the transcript of our phone conversation and the audio recording of the interview. more

3 Most Scary Attacks that Leaked Personally Identifiable Information (PII) of Millions of Users

Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more

What’s Going on in China’s Domain Name Industry?

Recently, there has been a lot of noise about China tightening control of the new top-level domains and how it could severely damper domain name registrations in China and one should make preparation for the worst. Initially, I tried to stay out of this as I know all the players behind this. But given that at least 3 people have emailed me asking what's going on, I decided to clear the air here. more

SpaceX’s Starlink Satellite Internet Service Has Received 500K Preorders, Says the Company

SpaceX on Tuesday disclosed that it has received 500,000 preorders for its Starlink satellite internet service and that it anticipates no technical problems meeting the demand. more

Measuring Abuse: How Much COVID-Related Abuse Is There, Really?

Like measuring COVID's impact, so too measuring the impact of COVID-related abuse on the Internet is difficult, there are those that would foolishly dismiss the danger entirely, others over-state the problem, perhaps to prompt sales of tools and services. The amount and type of abuse varies from network to network, and to declare everything is fine based on one world-view you believe to be ubiquitous, or that the sky is falling based upon another, extrapolated to 'everybody else' is simply poor analysis. more

XXX Saga Continues

Sex and the internet. Put the two together and you are bound to find an interesting story. While the saga surrounding sex.com took a new twist in the last couple of days, with the current owners going dotbomb, the .xxx story also took an interesting turn... For several years ICM and ICANN tangoed. more

The .DOCTOR Quarantine

ICANN should reconsider its decision to quarantine .DOCTOR, given that it's not even sick. In an utterly surprising move, ICANN staff and the Board's New gTLD Program Committee ("NGPC") recently informed the applicants for .DOCTOR that it has singled out the gTLD as a test case for controlling content and limiting speech on the Internet. In the epitome of top-down policy making, ICANN issued an edict that it will implement nearly year-old advice from the Government Advisory Committee ("GAC") differently from all other similarly situated gTLDs and in contravention of subsequent GAC advice. more

What Is “1net” to Me

APNIC is a signatory to the Montevideo Statement, a declaration from members of the Internet technical community about the current state of Internet technical coordination, cooperation and governance. The statement conveys in particular an agreement on "the need for ongoing effort to address Internet Governance challenges", and a commitment to "catalyze community-wide efforts towards the evolution of global multi-stakeholder Internet cooperation". Last week during ICANN 48 in Buenos Aires, there were numerous discussions about the Montevideo Statement... more

Verisign Gets .COM Forever, But ICANN Gets a Lobbyist

A press release on the ICANN web site says that ICANN and Verisign have agreed to settle all pending lawsuits, and there’s a new .COM agreement, all tentative but if history is any guide, nothing short of DOC action is going to stop it. The good news is that VeriSign has agreed not to make unilateral changes like Sitefinder. They have to give prior notice to ICANN for any material change in the operation of the registry, and if ICANN has any concerns there’s a lengthy process full of expert panels and Consensus and the like to decide whether they can do it. more

GG, IM, and JE: Welcome (officially) to ISO3166, Good Bye GB

I am often asked how to get a ccTLD by folks just coming in to the domain industry. There is RFC1591 as a start for reading material on the subject matter, and then there is ICP-1. I defer them to IANA, who defers to ICANN, who in turn defers to ISO and the ISO3166-1 list being the definitive list, and then you have to factor in some of the "reserved code elements" from their decoding table to normalize 3166 against the list of IANA Country Codes for ccTLD delegations like .EU. How does one get their ccTLD into the ISO list? The ISO in turn (likely due to the masses that contact them hoping to list their country) defer the criteria for what it is to be a 'country' for being on the 3166-1 list, and partially defer to the United Nations. more

Blockchain’s Two-Flavored Appeal

A recent story in Medium describes yet again quite well why blockchains don't solve any real problems: Blockchain is not only crappy technology but a bad vision for the future. So what is their irresistible appeal? Bitcoins remind me of a story from the late chair of the Princeton University astronomy department. In 1950 Immanuel Velikovsky published Worlds in Collision, a controversial best-selling book that claimed that 3500 years ago Venus and Mars swooped near the earth... more

Hunting Unicorns: Myths and Realities of the Net Neutrality Debate

In many ways, the emotionally charged debate on Network Neutrality (NN) has been a lot like hunting Unicorns. While hunting the mythical horse could be filled with adrenalin, emotion, and likely be quite entertaining, the prize would ultimately prove to be elusive. As a myth, entertaining; but when myths become reality, then all bets are off. The Network Neutrality public and private debate has been filled with more emotion than rational discussion, and in its wake a number of myths have become accepted as reality. Unfortunately, public policy, consumer broadband services, and service provider business survival hang in the balance. more

The Case Against DNSSEC

I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more