Internet Governance: An Antispam Perspective

All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more

7 Major Current Trends in Cloud Computing

Cloud computing has experienced exponential growth over the last few years. As of December 2013, almost 60 percent of current small-to-medium businesses (SMB) use cloud services, and 72 percent of these businesses virtualize substantial portions of their servers. The growth is only expected to increase over the next few years. Here are just a few of the major current trends in the industry today. more

Could a Vanity URL Strategy with Your .Brand Be the Key to Supercharging Your SEO?

I feel incredibly lucky to work every day with some of the biggest, most recognised and most innovative organisations from around the world on developing strategies for their .brand TLDs. In this capacity, I also have the privilege to meet some of the most knowledgeable and forward-thinking experts in branding, digital marketing, web development and technology, to name a few. One such person is the brilliantly talented Matt Dorville. more

An Interview with the Lead Developer of SPF - Part I

CircleID recently interviewed Meng Weng Wong, the lead developer of Sender Policy Framework (SPF) and founder of Pobox.com. As one of the leading anti spam authentication schemes, SPF is used by companies such as AOL, Earthlink, SAP and supported by anti spam companies such as Sophos, Symantec, Brightmail, IronPort, Ciphertrust, MailArmory, MailFrontier, Roaring Penguin Software, and Communigate Pro. Last month, Microsoft announced its agreement to merge Caller ID, its own proposed anti spam authentication scheme, with SPF -- the joint standard is called 'Sender ID'. In this two-part interview, Meng Wong explains how SPF got started, where it is today and what could be expected in the future of email. more

Is the Internet Dying?

There are indications that the Internet, at least the Internet as we know it today, is dying. I am always amazed, and appalled, when I fire up a packet monitor and watch the continuous flow of useless junk that arrives at my demarcation routers' interfaces. That background traffic has increased to the point where it makes noticeable lines on my MRTG graphs. And I have little reason for optimism that this increase will cease. Quite the contrary, I find more reason to be pessimistic and believe that this background noise will become a Niagara-like roar that drowns the usability of the Internet. And the net has very long memory... more

Whois Privacy vs. Anonymity

The Internet is often a lawless place. Everyone knows that there are many tricks and traps lurking on the Internet, just waiting to prey on unsuspecting and innocent users. Some of these traps will trash your computer while others will turn your PC into a zombie that will broadcast messages at the virus writer's command. ...The list of annoyances and downright criminal activities seem endless. ...To make the Internet a safer place both legislators and law enforcement are now focusing on the Internet. In the crossfire that's taking place there are many ideas that are being offered up. Some of them are good and some are not. One bad decision that was recently forced upon the Internet community (without hearings -- more on this later) was to eliminate private domain name registrations for .US domain names. ...It's important to understand the difference between privacy and anonymity. more

ICANN Uses For-Profit Companies as “Comparables” in Its Employee Compensation

According to page 123 of ICANN's annual report: "...Commitment to continued payment in the salary span of 50th to 75th percentile of for-profit market place of companies of a similar size and complexity to ICANN..." Note that the comparables have been "for-profit". This is obviously ridiculous, given the purported non-profit nature of ICANN, with its inherent job security... more

Close to 735K Fraudulently Obtained IP Addresses Have Been Uncovered and Revoked, ARIN Reveals

The American Registry for Internet Numbers, Ltd. (ARIN) has won a legal case against an elaborate multi-year scheme to defraud the Internet community of approximately 735,000 IPv4 addresses, the organization has revealed. While the specifics of the findings are not released, John Curran, ARIN President and CEO said the fraud was detected as a result of an internal due diligence process. more

IPv6: Extinction, Evolution or Revolution?

For some years now the general uptake of IPv6 has appeared to be "just around the corner". Yet the Internet industry has so far failed to pick up and run with this message, and it continues to be strongly reluctant to make any substantial widespread commitment to deploy IPv6. Some carriers are now making some initial moves in terms of migrating their internet infrastructure over to a dual protocol network, but for many others it's a case of still watching and waiting for what they think is the optimum time to make a move. So when should we be deploying IPv6 services? At what point will the business case for IPv6 have a positive bottom line? It's a tough question to answer, and while advice of "sometime, probably sooner than later" is certainly not wrong, it's also entirely unhelpful as well! more

Examining Two Well-Known Attacks on VoIP

VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers. This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. more

Adult-Related TLDs Considered Dangerous

In an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, an analysis is offered for proposals to mandate the use of a special top level name or an IP address bit to flag "adult" or "unsafe" material or the like. This document explains why these ideas are ill considered from legal, philosophical, and technical points of view: "Besides technical impossibility, such a mandate would be an illegal forcing of speech in some jurisdictions, as well as cause severe linguistic problems for domain or other character string names." more

IDN and Homographs Spoofing

There is a published spoofing attack using homographs IDN. By using a Cyrillic SMALL LETTER A (U+430), Securnia is able to pretend to be http://www.paypal.com/. Actually this is well-documented in RFC 3490 under the Security Consideration: "To help prevent confusion between characters that are visually similar, it is suggested that implementations provide visual indications where a domain name contains multiple scripts. Such mechanisms can also be used to show when a name contains a mixture of simplified and traditional Chinese characters, or to distinguish zero and one from O and l..." more

Summary Judgment Denied in a Case of Creative Typosquatting

In the case of Lands' End, Inc. v. Remy, the defendant website owners were accused of crafting a clever scheme to get some extra commissions from their affiliate relationship with landsend.com. It looks like the scheme has backfired, however, as Lands' End's claim against the defendants under the Anticybersquatting Consumer Protection Act, [15 U.S.C. §1125(d)] ("ACPA") has survived a summary judgment motion and the case is heading for trial. more

India Launches ‘.bank.in’ and ‘.fin.in’ Domains to Deter Financial Fraud

In a bid to bolster cybersecurity in India's financial sector, the Reserve Bank of India (RBI) has announced exclusive internet domains -- 'bank.in' for registered banks and 'fin.in' for non-banking financial entities. RBI Governor Sanjay Malhotra revealed that registrations for 'bank.in' will commence in April 2025, followed by 'fin.in', with the initiative aimed at reducing phishing attempts and fortifying digital banking trust. more

Google’s Top-10 Search Terms Dominated By Trademarks

According to Google's 2006 Year-End Review, dubbed Zeitgeist, or the cultural climate of an era, a majority of the top-ten search terms for 2006 were trademarks. Topping the list is the registered BEBO mark which is held by Bebo.com LLC, a California company that runs a social networking website. Second on the list was MYSPACE, the registered mark associated with Newscorp's $580 million social-networking giant. Next, as a result of a majority of the world catching soccer fever over the summer, "world cup" ranked as the third most searched term... more