ICANN Hubris Knows No Ends

Despite all signs pointing to a launch of the new generic Top-Level Domains (gTLDs) program in Singapore, it seems like ICANN could not help poking the Government Advisory Committee (GAC) in the eye one last time. In the latest installment of how a California not for profit technical coordinating body knows best, we have the ICANN Evidence of "Use" Requirement for Trademark Protection document. more

DNS… Wait a SEC

Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more

The World is in Need of Transformative Solutions

The world has changed significantly since 2000, when the countries of the world adopted the United Nations Millennium Development Goals (MDGs). While strong economic growth in the developing world has helped lift millions out of poverty, global population growth, modern lifestyles and consumption are now stretching the limits of the planet's resources. During this time, technological advances in information and communication technologies (ICT) have radically transformed the way people communicate and lead their lives; now ICT can play a vital, transformative role in helping to put the world on a more sustainable path. more

IPv6 : Rumours Are More Accurate Than Predictions

As rumours tend to be more accurate than predictions, the last /8's are hanging already on this years Christmas tree and one should hurry to get hold of a small little RIR block to put on next year's tree. I will miss the decade of heated and passionate debates between Tony Hain and Geoff Huston on when the exhaustion would actually happen. Estimates ranged all the way from 2008 to 2020 with Tony predicting early demise of IPv4 addresses while Geoff initially thought exhaustion would come later. As time passed the interval converged and here we are. more

ICANN Bans Dotless Domains

Any new top level domain approved for the Internet will have to be more than just a single label. ICANN's new gTLD program committee (NGPC) has decided to ban the use of "dotless domains". TLD operators that had planned to use their new suffix as a keyword, i.e. just the string and nothing else, will now have to reconsider. more

“Keep Those Eyebrows Up!” - Cybersecurity at the Global Women’s Forum

News of cyberattacks is slowly becoming a new normal. We are still at a stage where high-profile cases, like the recent attack against the American credit reporting company Equifax, in which 145.5 million users had their personal information compromised, raise eyebrows. But we need those eyebrows to stay up because we should never accept cyber threats as the new normal. more

Domain Names in 9 Indian Scripts to Be Added to the Root Servers by June

Internet root servers will soon allow domain name registrations in nine Indian scripts, according to Universal Acceptance Steering Group (UASG). more

A Progressive Web Apps World?

The browser is now a full fledged platform for apps. The major benefits of using the browser as a platform includes ease of universal deployment and avoiding concepts such as having to install software. It's also a very flexible and powerful environment. Increasingly consumer electronics "devices" are software applications... Today's PWAs (Progressive Web Apps) go further. They take advantage of HTML5 and also capabilities of the JavaScript environment. more

Not Quite Two Factor, or Is Your Phone Number Really Something You Have?

A recent article in the New York Times Dealbook column reported on phone number hijacking, in which a bad guy fraudulently takes over someone's mobile phone number and used it to reset credentials and drain the victim's account. It happens a lot, even to the chief technologist of the FTC. This reminds us that security is hard, and understanding two-factor authentication is harder than it seems. more

Verisign Mitigates 300 Gbps DDoS Attack and Other Q2 2014 DDoS Trends

It has been another busy quarter for the team that works on our DDoS Protection Services here at Verisign. As detailed in the recent release of our Q2 2014 DDoS Trends Report, from April to June of this year, we not only saw a jump in frequency and size of attacks against our customers, we witnessed the largest DDoS attack we've ever observed and mitigated -- an attack over 300 Gbps against one of our Media and Entertainment customers. more

The Spamhaus Whitelist

For several months I have been working with the Spamhaus project on a whitelist, which we announced to the public this week. While this is hardly the first mail whitelist, our goals are somewhat different from other whitelists. Think of e-mail as ranging from inky black to pearly white... more

Authorities Take Down the Mariposa Botnet

There are a number of sources talking about the takedown of the Mariposa botnet... Spanish authorities, working with researchers from Panda Labs, Defence Intelligence and a couple of other educational institutions, took down the Mariposa botnet (Mariposa is the Spanish word for "butterfly"). The Mariposa botnet is an absolutely enormous with around 12 million (!) nodes doing its bidding. It was involved in things like credit card phishing and identity fraud. more

An Introduction to Security and Reliability - What Does It Really Mean?

I co-authored a book in 2005, titled "Extreme Exploits: Advanced Defenses Against Hardcore Hacks." My chapters focused on securing routing protocols such as BGP, and securing systems related to DMZs, firewalls, and network connectivity. As I look back over those chapters, I realize that the basic fundamentals of network security really haven't changed much even though technology has advanced at an incredible pace. "Defense in depth" was a hot catch phrase seven years ago, and it still applies today. more

DOTZON Study: Digital Company Brands 2021

DOTZON presents the fourth edition of the Digital Company Brands study. After having introduced the study in 2018, DOTZON continued to expand and enhance the underlying data to display how cities successfully use their Digital Company Brands. The Digital Company Brand is the digital dimension of a company brand and mirrors the "digitalness" of a company. Purely digital company brands developed for the first time in the 1990s, with the emergence of Internet business models. Some of them were based solely on a generic Internet address, for example, www.hotel.de or www.amazon.com. more

Spam Is on the Decline; What Are the Implications?

Previously, I wrote that the total amount of spam that we are seeing has seen a significant decline over the past year and a half. What does this mean in real terms? Are we finally winning the fight against spam? There are multiple angles. On the one hand, processing spam takes significant system resources... more