Mitigating the Increasing Risks of an Insecure Internet of Things

The emergence and proliferation of Internet of Things (IoT) devices on industrial, enterprise, and home networks brings with it unprecedented risk. The potential magnitude of this risk was made concrete in October 2016, when insecure Internet-connected cameras launched a distributed denial of service (DDoS) attack on Dyn, a provider of DNS service for many large online service providers (e.g., Twitter, Reddit). Although this incident caused large-scale disruption, it is noteworthy that the attack involved only a few hundred thousand endpoints... more

American National Broadband Plan Good First Step

The National Broadband Plan that the FCC will present on 17 March will set the USA on a completely different telecoms path. This plan will hopefully show Congress that it is worthwhile making the legislative changes that will deliver the social and economic benefits of a national broadband infrastructure. more

Packet Loss: How the Internet Enforces Speed Limits

There's been a lot of controversy over the FCC's new Network Neutrality rules. Apart from the really big issues -- should there be such rules at all? Is reclassification the right way to accomplish it? -- one particular point has caught the eye of network engineers everywhere: the statement that packet loss should be published as a performance metric, with the consequent implication that ISPs should strive to achieve as low a value as possible. more

MicroID: A Microformat for Claiming Ownership

This morning I learned about MicroIDs from Doc Searls. Jeremy Miller has proposed MicroIDs as a microformat that "allows anyone to simply claim verifiable ownership over their own pages and content hosted anywhere." A MicroID is a hash of two hashed values. The first is a verified communication ID. The second is the URI of the site that the content will be published on. You end up with a unique, long string of gibberish that can be put in the header of a Web page or even wrapped around one part of a page... more

The Addressing System for the Next (Wireless) Internet

I gave a talk yesterday at Northwestern called A DNS in the Air. My idea is that, in order to scale, the emerging wireless Internet needs something analogous to the domain name system (DNS) -- the infrastructure that allows you to reach sites across the Net. Billions of mobile phones, and even more billions of connected sensors and other wireless devices will completely overwhelm our current spectrum management regime. AT&T Wireless estimates we will need between 250 and 600 TIMES the current wireless capacity in 2018, less than a decade from now. more

The Report on “Securing Cyberspace for the 44th Presidency”

A report "Securing Cyberspace for the 44th Presidency" has just been released. While I don't agree with everything it says (and in fact I strongly disagree with some parts of it), I regard it as required reading for anyone interested in cybersecurity and public policy. The analysis of the threat environment is, in my opinion, superb; I don't think I've seen it explicated better. Briefly, the US is facing threats at all levels, from individual cybercriminals to actions perpetrated by nation-states. The report pulls no punches... more

A Navigation Aid or a Brand TLD? (Part 2 of 2)

So what are the characteristics of a "Brand TLD"? Please note that by "Brand TLD", I do not mean gTLDs applied for by brands. I mean TLDs whose registrants tend to use them as their primary site and identity. They have either created themselves as, or have become a brand in the eyes of their registrants. These TLDs tend to be in the minority. more

USC: Solving the Digital Divide?

Like many in the UK communications industry my colleagues and I at Entanet have been eagerly awaiting the Digital Britain report. Darren Farnden, Entanet's Head of Marketing, has posted an interesting assessment of key parts of the report at opinion.enta.net. Given the content of Darren's article I thought it would be useful to post it in full here for CircleID readers... more

A Data Dumb Exposes 773 Million Unique Email Addresses, 22 Million Passwords

Close to 773 million unique email addresses and 22 million unique passwords were found to be hosted on cloud service MEGA. more

Outsourcing and Registry Operations Present Challenges to New TLD Applicants

After ICANN announced in Singapore approval of the new Top-Level Domain (TLD) program, we heard many prospective applicants say they would start asking registry infrastructure providers to break down their costs into registration and resolution components. The last few TLD launches have shown that although you can achieve some respectable registration volumes for new TLDs, chances are it will take some time for content to be associated with the domain names, and hence, resolutions to pick up. more

U.S. Schools Targeted in Ransomware Attacks: White House Responds

In response to increasing ransomware attacks targeting U.S. educational institutions, the White House convened an inaugural cybersecurity summit this Tuesday. The malicious cyber onslaughts have led to the online leakage of confidential student data, ranging from medical files to reports on sexual assaults. more

From IPv6 Day to IPv6 Everyday

Quite a number of articles and blogs including one I contributed had IPv6 haruspices dissect the entrails and divine the future of the internet in the wake of the june 8th IPv6 World Day. It came and went with some trepidation, the internet did not go comatose and some marveled at and reported on traffic peaks they witnessed. Preparation of a keynote for the Gogonet Live conference in San Jose, provided me the opportunity to have a look at how some variables evolved since June... more

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more

Who Are the True Multi-Stakeholders in ICANN?

During ICANN Durban, I attended the Country Code Names Supporting Organisation (ccNSO) 10 year anniversary celebrations. ICANN Chairman, Dr Steve Crocker, was on hand to congratulate the ccNSO on their 10 years and revered them as the "true multi-stakeholders in ICANN". Post Durban, I was reviewing notes and I came across a similar statement made during a ccNSO session that country code Top-Level Domains (ccTLDs) "represent the best functioning multi-stakeholder model" in the ICANN ecosystem. Is this entirely accurate? more

Google Book Search Settlement: Another Digital Pandora’s Box

A very good friend of mine is an archivist with the Ontario government, and we share similar views on how technology is impacting modern life. He passed a really interesting item along that ran in yesterday's Washington Post. Some of you may be following this – Google's Book Search Settlement. I can definitely see how this has a direct bearing on the archive space, but also how it touches on a few tangents of my world – emerging communications technologies. more