Phish or Fair?

It shouldn't be a big surprise to hear that phishing is a big problem for banks. Criminals send email pretending to be a bank, and set up web sites that look a lot like a bank. One reason that phishing is possible is that e-mail has no built in security, so that if a mail message comes in purporting to be from, say, accounts@bankofamerica.com, there's no easy way to tell whether the message is really from bankofamerica.com, or from a crook. more

Phishing: A Look Into the E-Crime Landscape

At the recent Anti-Phishing Working Group meeting in San Francisco, Rod Rasmussen and I published our latest APWG Global Phishing Survey. Phishing is a distinct kind of e-crime, one that's possible to measure and analyze in depth. Our report is a look at how criminals act and react, and what the implications are for the domain name industry. more

Judges Grants Stay in Kentucky Domain Seizure Case

A Court of Appeals in Kentucky has granted a motion to delay a forfeiture hearing that will determine the fate of 141 domain names related to online gambling and poker sites. The Interactive Media Entertainment and Gaming Association (iMEGA), an Internet trade association based in Washington, D.C., asked the three-panel appeals courts to grant a stay so that the appeals court could consider iMEGA's petition to have the lower court seizure ruling overturned. more

Do We Need The New Top-level Domains?

After a long and exhaustive process it was finally decided by ICANN to introduce seven new top level domains in December. Well, they are not really introduced yet because the United States Government has the final word and they have not approved of them yet. Did you understand what I just wrote - the United States Government decides what names you can have on the Internet? more

CENTR Unveils Key Principles for Internet Policy Ahead of 2024 EU Elections

This follows a general meeting on November 14, 2023, and comes ahead of the 2024 EU elections. The initiative outlines strategies for protecting Europe's digital future in the coming decade, especially considering potential strategic shifts in the next legislative term. more

Verisign Dodges a Bullet, Gets to Keep .COM Pricing

According to a filing with the SEC, the Department of Commerce renewed the .COM agreement for six more years. The renewal was held up until the last minute (the old agreement expired yesterday) due to antitrust concerns, specifically about pricing. The main change in the new agreement is that Verisign is no longer allowed to increase the price above the existing $7.85... more

Net Neutrality Again!

I had hoped to take a longer break from the theme of Net Neutrality, but a piece on Om Malik's blog by Daniel Berninger seems to be screaming for a reply. Berninger hails from Tier 1 Research; his credentials show a close association with Jeff Pulver's Free World Dialup, and hence a piece that is sympathetic to the 'Save the Internet' movement. His legalistically styled piece attempts to suggest that, in the absence of conformance to network neutrality principles, telephone companies will lose their common carrier status and therefore should lose their access to low cost rights-of-way. Good try, Dan... more

The Russian Anti-Satellite Demonstration – a Month Later

On November 15, Russia demonstrated its ability to destroy an orbiting satellite, Cosmo 1408, by hitting it with a direct-ascent rocket. In an earlier post, I noted the anti-satellite demonstration and speculated on why Russia may have done it and why the Chinese had not condemned it. In this post, I’ll look at the evolution of the resulting debris cloud and say more about the possible motivation.  more

ICANN And The DOC Can’t

The former contract with ICANN and the US Department of Commerce (DOC) was due to expire on September 30, 2002. In the statement announcing the renewal, the DOC acknowledged that ICANN was the subject of many complaints from many sectors of the Internet community. Some of these complaints had been presented to the US Congress during a hearing held in June 2002 by a Senate Subcommittee. At the hearing, a General Accounting Office (GAO) spokesperson, Peter Guerrero, testified, noting not only that ICANN had failed in its mandate, but that the U.S. Department of Commerce was also at fault in failing to properly oversee ICANN activities. He explains... more

The EARN IT Act: The Wrong Solution to a Complex Problem

The EARN IT Act was reintroduced into Congress last Monday, with the promise that it would end Internet platforms' "blanket immunity" for "tens of millions of photos and videos" of child sexual abuse that they allow to circulate online. With the bill already scheduled for hearing in committee, it's on track to be passed quickly. And why shouldn't it be, if its sponsors' claims about it are true? Perhaps because they're not true. more

Google Energy - Are You Surprised?

Just when you thought Nexus One was the biggest thing coming out of Google this week, we now get word about Google Energy. Well, Nexus One is a big deal, but I say that wearing my telecom analyst hat. Switching to my smart grid hat, Google Energy is something else altogether... As big as that is -- and will be -- Google Energy has all kinds of implications for smart grid. For starters, more

Now Available - A Trend Chart Tracking DNSSEC Validation Globally

How can we track the amount of DNSSEC validation happening globally? Is there a way we can see the trend over time to (we hope!) see validation rise? At the recent excellent DNSSEC Workshop at ICANN 50 in London Geoff Huston let me know that his APNIC Labs team has now created this exact type of trend chart. more

The Spontaneous Development of the Domain Name Market

If we traveled back in time, we would discover that unauthorized squatting on someone else's property is an ancient tort, but in cyberspace, it dates from the mid-1990s. Its emergence brought together governments and intellectual property stakeholders to demand a rights protection mechanism devised to deal with this new form of squatting. In 1999 the World Intellectual Property Organization (WIPO) completed its work on a proposal for an online rights protection mechanism which ICANN crafted into the Uniform Domain Name Dispute Resolution Policy (UDRP). more

Old Cloud vs. New Cloud

Images of clouds have been used when discussing networks for quite some time. When traditional telecoms companies were selling point-to-point circuits a drawing of a cloud was sometimes used. The cloud symbol helped indicate the provider?s domain of responsibility, effectively hid the internal complexity of the network and focused on the end user. This was all fine when the product offered was an end-to-end circuit. more

Biden’s National Cybersecurity Strategy Suggests Increased Website Security, Customer Protection

Phishing attacks have been rising over the past couple of years. Reports show that there was a 345 percent increase in phishing attacks between 2020 and 2021. In 2022, the number of advanced phishing attacks rose by 356 percent. Behind these alarming numbers, however, is an even uglier picture of digital fraud: a difficult-to-quantify prevalence of fake or spoof websites. more