CENTR Publishes Comment on the European Commission’s DNS Abuse Study

CENTR, which represents European national top-level domain name registries (ccTLDs) such as .si or .eu, has published its comments on the European Commission's DNS abuse study, calling out some of the "misleading analysis and unfortunate conclusions in the study." more

Innovation in DNS Business

One thing that amazed me about the ICANN community is the creativeness in finding new business models. I am not even talking about new technology like Internationalized Domain Names (IDN), the number of business models created from the vanilla DNS (actually just .com) are just mind boggling. ICANN was formed in 1999 and introduced the concept of registries and registrars model to the DNS business. With that, we witness the rise of register.com, an IPO darling in the dotcom days, in the early 2000s and subsequently overtaken by the ultra-cheap high-volume reseller model of GoDaddy. We also see new registries like .info and .biz and several others that didn't do so well. There are also after-market (aka ebay) for domain names like afternic and registry outsourcing, DNS hosting, Dynamic DNS etc. That's about what most outsiders know of DNS business models, mostly revolved around the registry-registrar-reseller model. But there are really more and I shall discuss two not-so-well-known but interesting models below. more

Internet Governance Outlook 2021: Digital Cacaphony in a Splintering Cyberspace

In 2020, the pandemic accelerated digitalization around the globe. Homeoffice, Online Shopping, Zoom Conferences became part of the daily life for billions of people. But if somebody would have expected that the Covid-19-Desaster is a wake-up call for the world to be more united, work hand in hand, and pool resources reducing risks of a borderless threat, this "somebody" was wrong. 2020 was dominated by "My country first." more

A Simulation of the SpaceX, Amazon, Telesat and OneWeb Broadband Satellite Constellations

Over two years ago, an MIT research group ran a simulation of the low-Earth orbit broadband constellations of OneWeb, SpaceX, and Telesat, and last January they repeated the simulation updating with revised constellation characteristics and adding Amazon's Project Kuiper. They ran the new simulation twice, once using the planned initial deployments of each constellation and a second time using the configuration shown. more

More Top-Level Domain Wildcards

With all of the recent excitement about *.cm, the Cameroonian wildcard that someone is using to collect vast numbers of mistyped .com addresses, I wondered how many other wildcards there were at the DNS top level. There's a total of 13. Half of the wildcards are harmless. The *.museum wildcard leads to a registry page that helps guess what you might have been looking for. ...The .mp page also claims that .mp is for Mobile Phone rather than for the Marianas Islands, but they're hardly the only small poor island to try to cash in on their ccTLD, and they at least run it themselves. more

Blacklisting Under Wrong Assumptions

If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.  more

Blacklists Down from Fear of DDoS

Yet another DNS blacklist has been taken down out of fear of the DDoS attacks that took down Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a Joe-Job (A Joe-Job is essentially spam designed to look like it's coming from someone else.) earlier this week. Apparently the Joe-Jobing was enough to convince some extremely ignorant mail administrators that Compu.net is spamming and blocked mail from compu.net. Compu.net has also seen the effects of DDoS attacks on other DNS blacklist maintainers. They've decided that the risk to their actual business is too great and they are pulling the plug on their DNS blacklist before they come under the gun by spammers. more

Do We Need Title Insurance for Domain Names?

Over the Thanksgiving holiday I read an article in Forbes (November 13, page 148) about real estate title insurance. The article was about how real estate title insurance is a joke and overpriced. But as I read in the article how titles are investigated, in dawned on me that a title check service for domain names would be helpful. Title checks and title insurance would prevent you from losing money when you bought a stolen domain. Last year I almost got bilked for $5,000 buying domains...before I discovered they were stolen... more

“No Legal Basis for IANA Transition”: A Post-Mortem Analysis of Senate Committee Hearing

The recent hearing conducted by the US Senate Committee on Commerce, Science & Transportation on 'Preserving the Multi-stakeholder Model of Internet Governance' again showed that the Republican-controlled US Congress needs to act decisively to protect the status quo. The Senator Thune-led Committee convened the hearing on 25th February to look into the 'IANA Transition' and assess the level of preparedness of the non-governmental agencies that are handling the Internet Technical Management functions... more

Endpoint Rollbacks & Data Shadow Copies

Recently I was asked by a customer how they can easily set up rollback capabilities on the endpoints in their corporate network. They had seen the marketing hype by various security technology providers that their products included rollback capabilities they could utilize if/when one of their workstations or servers was infected by malware. Having gotten this question more than once, I thought it would be a good subject to share with a broader audience. more

ICANN and Your Internet Abuse

In spite of the material we were presented with in Durban something has gone very wrong inside of ICANN Compliance. KnujOn has published a report which demonstrates that ICANN Compliance appears to completely collapse between September 2012 and December 2012. Following December 2012, ICANN seems to stop responding to or processing any complaints. It is around this time certain compliance employees start disappearing. This was not limited to the Sydney office as some would have us believe... more

Cybersecurity Tech Accord: 98% of Registrar Whois Requests Unrequited

When a brand goes so far as to ask a domain name registrar for Whois (the registration contact details) of a potentially abusive domain name, there's likely a lot at stake. Most often, the request is prompted by consumer safety concerns, such as the risk to consumers posed by a malicious site. Other times, the demand has a simple goal: to have a dialog with the registrant about the use of trademarks or other intellectual property in order to avoid extreme action. more

Do We Really Need IDN?

James Seng has quoted that Korea, China and Japan must have IDN (Internationalized Domain Name) service. His statement may appear as above mentioned countries desperately need for IDN services because there are no alternative. However, there have already been well established local Internet address providers since quite some time. more

Don’t Register Your Domain in the U.S. if it’s Controversial

In the news lately have been a number of incidents where U.S. courts, or the U.S. government itself has ordered domain registrars to shut down free speech. First was the E360 vs Spamhaus case, in which accused spammer E360 Insight sued anti-spam organization Spamhaus for labeling them as spammers and won by default when Spamhaus insisted that U.S. courts did not have jurisdiction over them in England and didn't appear. Unfortunately, U.S. courts did have jurisdiction over Spamhaus' domain registrar, who was nearly ordered to shut Spamhaus down (a court order was under consideration). Fortunately, Spamhaus was able to move their registration overseas before any shutdown order could be issued... more

Freedom of Expression Part 5: COVID Vaccines not Mandatory

In Part 4 of the Freedom of Expression series, I had highlighted my concerns about the lack of transparency in ingredients of all the COVID-19 vaccines, which has been addressed by Council of Europe's Parliamentary Assembly, the same day (World Holocaust Day) I had raised these concerns. A recent Resolution by the Parliamentary Assembly of the Council of Europe will see the further regulation of social media on content relating to COVID-19. more