The Insecurity of Ambiguous Standards

Why are networks so insecure? One reason is we don't take network security seriously. We just don't think of the network as a serious target of attack. Or we think of security as a problem "over there," something that exists in the application realm, that needs to be solved by application developers. Or we think the consequences of a network security breach as "well, they can DDoS us, and then we can figure out how to move load around, so if we build with resilience (enough redundancy)... more

The Internet is Interconnection

There's a scene in the Steven Soderbergh movie, Traffic, where the widow of a drug dealer brings a doll to the Columbian drug kingpin. "The doll is stuffed with cocaine. Big deal, we've been doing that for years," he says dismissively. "No," she answers, "the doll is cocaine." The whole toy is a heat-treated, compression-molded block of cocaine, undetectable to sniffing dogs. The drug lord becomes very interested. The Internet is like that doll... more

Define “Spam”

In my consulting and working with clients, I rarely use the word spam. There are so many different definitions of spam, I have no way to know if my clients understand what I am saying, so I avoid the term as much as humanly possible. An example of some of the few definitions of spam I've seen used over the years... more

Why ICANN Nairobi Security Concerns May Be a Blessing in Disguise

There is a questionmark over ICANN's upcoming meeting in Nairobi, Kenya again. This time it has more bite than the usual xenophobia: the COO has published a US Department of State report that lists the conference centre itself as a specific threat from a Somalian insurgency group, Al-Shabaab. In response, a number of Internet companies have already announced they are pulling their people. more

ICANN at Large Shanghais The At-Large Conversation

On October 28, as ICANN met in Shanghai, China for its regular board meeting, ICANN at Large held a lengthy meeting to address user concerns, particularly the disenfranchisement of the At-Large by ICANN, and the At-Large's self-organizing in response. The meeting was chaired by YJ Park, one of our Executive Panel Members, and was well attended. Attendees included ... more

Broadband Anywhere: The New Trend Bringing Connectivity to Campers and Remote Locations

A new broadband trend has quietly entered the market. Both Starlink and T-Mobile are advertising broadband that can be used practically anywhere and are aiming new products at campers, hikers, and others that go to remote locations. According to T-Mobile, this is a huge market, with 15 million households taking RV trips yearly and 59 million people camping. more

NTIA Asks for Input from Organizations That Have Implemented IPv6

National Telecommunications and Information Administration (NTIA) released a stement today seeking input as part of its efforts to increase IPv6 adoption. more

Losing and Reclaiming Domain Names

For registrants who are not trademark owners losing their domain names can be an irretrievable loss; and for trademark owners, perhaps not irretrievable but fraught with uncertainties of recovery. ICANN attempted to solve the problem of inadvertent lapses of registration in the Expired Registration Recovery Policy (ERRP) and its companion the Expired Domain Name Deletion Policy (EDNDP), implemented in 2013. more

The Worm and the Wiretap

According to recent news reports, the administration wants new laws to require that all communications systems contain "back doors" in their cryptosystems, ways for law enforcement and intelligence agencies to be able to read messages even though they're encrypted. By chance, there have also been articles on the Stuxnet computer worm, a very sophisticated piece of malware that many people are attributing to an arm of some government. The latter story shows why cryptographic back doors, known generically as "key escrow", are a bad idea. more

US Tech Firm Cloudflare Accused of Providing Cybersecurity Services to Foreign Terrorist Groups

Leading American tech firm Cloudflare has been accused of providing cybersecurity services to at least seven designated foreign terrorist organizations and militant groups including Taliban, al-Shabab and Hamas. more

Alleged Power Grab: Is Internet Governance Hanging by a Thread?

The Internet Governance Forum in Bali is not without excitement as usual. There is a rumour about a power grab by the technical community. If the "power grab" is true, then I am assuming that this is a response to threats of institutional frameworks governing or interfering with the current status quo. Personally, I feel that this is anti thesis to "enhanced cooperation". If for some reason, ICANN or the US Government is behind the scenes in instigating this move, then I would suggest that it is very bad strategy and will cause more damage than harm to the current status quo. more

Eugene Kaspersky: World Needs International Agreements On Cyber-Weapons

Eugene Kaspersky has warned global leaders that the world needs international agreements about cyber-weapons in the same way as it needs agreements about nuclear or biological weaponry. The chairman and chief executive officer of Kaspersky Lab, warned delegates at CeBIT Australia that cyber-warfare and terrorism was the number one internet threat facing the world today. He said the Stuxnet industrial virus had demonstrated that cyber-weapons were capable of damaging physical infrastructure, and were "a thousand times cheaper" to develop than conventional weaponry. more

Starlink Backhaul for Rural Community WiFi: A Game Changer in Kenya?

Starlink launched maritime service in July 2022, and by January 2023 Elcome International LLC, a maritime technology solution provider since 1970, had installed multi-antenna Starlink Maritime arrays on two super yachts with more than 100 passengers and crew. Elcome launched its Starlink maritime service in May 2024 and now has over 3,000 terminals under management. more

Microsoft Warns Extortion Drives Majority of Attacks Amid AI Escalation, Identity Collapse, and Global Fragmentation

Microsoft's latest Digital Defense Report reveals how cybercriminals and nation-states are rapidly adopting AI to enhance attacks. With identity-based threats soaring, the company urges urgent modernization of security systems and global cooperation. more

The ICANN New Generic TLD Process (Las Vegas Edition)

I have not submitted any comments on ICANN's new gTLD process, mostly because many other people have said more diplomatically what I think, but I thought I could blog about it. My main concern from the beginning was that the process should allow any serious candidate to run with a reasonable chance to be able to actually start running a gTLD. This includes small and medium sized communities and startup companies with little seed money. This also includes registry models that may not favour mass registrations. For all these, the current model is flawed. more