ICANN and Iraq: Suffering Along

I thought of ICANN yesterday when reading about the devolution of the Iraqi Governing Council, which managed to unite for just a moment to approve a constitution with about the half-life of lutetium. ICANN and the IGC: two institutions put in charge of ill-behaved constituencies and stuck in chronic failure mode. Could anything be learned by examining them at arm's length? Indeed, different as they are, their histories contain several common elements... more

DNS Amplification Attacks: Out of Sight, Out of Mind? (Part 2)

This post follows an earlier post about DNS amplification attacks being observed around the world. DNS Amplification Attacks are occurring regularly and even though they aren't generating headlines targets have to deal with floods of traffic and ISP infrastructure is needlessly stressed -- load balancers fail, network links get saturated, and servers get overloaded. And far more intense attacks can be launched at any time. more

ICANN CEO Fadi Chehade is Misleading the US Senate, Says Sen. Cruz

U.S. Sen. Ted Cruz (R-Texas) has released a statement today regarding a letter that Cruz, Sen. James Lankford (R-Okla.), and Sen. Mike Lee (R-Utah) received from Fadi Chehade, CEO of the Internet Corporation for Assigned Names and Numbers (ICANN) on Friday. more

Authorities Take Down the Mariposa Botnet

There are a number of sources talking about the takedown of the Mariposa botnet... Spanish authorities, working with researchers from Panda Labs, Defence Intelligence and a couple of other educational institutions, took down the Mariposa botnet (Mariposa is the Spanish word for "butterfly"). The Mariposa botnet is an absolutely enormous with around 12 million (!) nodes doing its bidding. It was involved in things like credit card phishing and identity fraud. more

The FBI and Scotland Yard vs. Anonymous: Security Lessons

A lot of people are fascinated by the news story that Anonymous managed to listen to a conference call between the FBI and Scotland Yard. Some of the interest is due to marvel that two such sophisticated organizations could be had, some is due to schadenfreude, and some is probably despair: if the bad guys can get at these folks, is anyone safe? more

IPv6 Momentum?

Last month, the Obama administration sponsored one of the first high-level government workshops on IPv6. At the meeting, the administration's Chief Information Officer, Vivek Kundra, announced a remarkable 2012 deadline for federal agencies to support IPv6. So with a high-level US government mandate and a recent spade of vendor and carrier IPv6 announcements (e.g. VeriSign, Hurricane Electric), is the 15 year old IPv6 migration effort finally gaining momentum? more

Political New gTLDs: One Year in Review

Once a month, at the end of the month, a snapshot of domain name registration volumes is taken according to categories of new gTLDs. Twenty categories are covered and this article covers Political new gTLDs. These snapshots allow having a global overview of which extensions increase their volume of domain names registered from a month to the other, in a period of 12 months. Below is what I noticed from January 2018 to December 2018 for domain name extensions related to politics. more

A Failed Whois Policy

ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data. more

Verisign Mitigates 300 Gbps DDoS Attack and Other Q2 2014 DDoS Trends

It has been another busy quarter for the team that works on our DDoS Protection Services here at Verisign. As detailed in the recent release of our Q2 2014 DDoS Trends Report, from April to June of this year, we not only saw a jump in frequency and size of attacks against our customers, we witnessed the largest DDoS attack we've ever observed and mitigated -- an attack over 300 Gbps against one of our Media and Entertainment customers. more

It’s Not Enough to Succeed. Others Must Fail.

As the last strike of the clock signals the end of 30 May 2012 there will be quiet relief from the back offices and consultants of most top-level domain name (TLD) applicants. And finally after the drama of the TAS system gremlins we have closure. Still there may yet be squeals of anguish as someone, somewhere got it wrong. A glitch in the applicant's computer, a lost bank transfer, a last minute switch of provider: all may be reasons for failure. ...as the quip attributed to Gore Vidal so aptly put it, "It's not enough to succeed. Others must fail." So lets discuss some additional points of failure. more

GNSO Council Review

The ICANN bylaws require a periodic review of ICANN structures and operations; the first of such reviews, that of the Generic Names Supporting Organization Council, is scheduled to be finalized in the next few weeks prior to the start of ICANN's annual meeting. To begin discussion on this topic, I draw your attention to a very thoughtful question posed by Joe Sims during the prior ICANN reform process... more

DDoS Attacks Increased by 2000% in Past 3 Years, Asia Generating Over Half of Recent Attacks

In the past three years, Akamai has seen 2,000% increase in the number of DDoS attack incidents investigated on behalf of its customers. The latest State of the Internet report released today by Akamai also identifies top countries from which this observed attack traffic originates, as well as the top ports targeted by these attacks. more

GDPR: Registries to Become Technical Administrators Only?

On 11 December 2017, about 25 participants from Europe and the US attended the public consultation for the brand new GDPR Domain Industry Playbook by eco (Association of the Internet Industry, based in Germany) at the representation of the German federal state Lower Saxony to the European Union in Brussels. The General Data Protection Regulation (GDPR) poses a challenge for the Registries, Registrars, Resellers and ICANN. more

Singular and Plural TLDs: A Rather Strange Decision

ICANN stated recently that it will allow similar (i.e. singular and plural) versions of the same string to co-exist for new Top-Level Domains (TLDs). This surprising decision immediately begs the question: "Will ICANN give holders of a string first refusal on the (singular or plural) version that they do not already hold during the next round of applications where only one version (singular or plural) of a string has been awarded?" more

How Spam Has Damaged Mail Forwarding - And Ways to Get Around It

Courtesy forwards have been a standard feature of e-mail systems about as long as there have been e-mail systems. A user moves or changes jobs or something, and rather than just closing the account, the mail system forwards all the mail to the user's new address. Or a user with multiple addresses forwards them all to one place to be able to read all the mail together. Since forwarding is very cheap, it's quite common for forwards to persist for many years. Unfortunately, forwarding is yet another thing that spam has screwed up. more