Typosquatting Claims Against Security Researcher Are Legally Complicated - Gioconda v. Kenzie

Kenzie is a security researcher who has registered numerous domain names that are typographic errors of well-known trademarks (e.g., rnastercard, rncdonalds, nevvscorp, rncafee, macvvorld, rnonster, pcvvorld). He points the domain names to the actual sites in question (e.g., rncdonalds points to mcdonalds.com), but he is looking to demonstrate how these typo domains are used for "social engineering" attacks. more

Disruptive Google Fiber Is Shaking up the Telco World

The Google Fiber project is receiving international attention. This in itself is a good thing, since it brings the benefits of high-speed FttH infrastructure to the attention of large numbers of people in business and government who will not have to deal with such developments on a regular basis... At the same time we have to look at Google Fiber from the point of view of operating in the American regulatory environment. Yes, we can all learn from its disruptive model, and particularly when the results of the more innovative elements of the services begin to kick in; but for other reasons there is no way that this model can be replicated elsewhere. more

Constraints on Satellite Broadband: Starlink Alone Unable to Meet Rural Broadband Demand

In a 2024 end-of-year memo, Gary Bolton of the Fiber Broadband Association said that FBA had partnered with the consulting firm Cartesian to look at the pros and cons of Starlink in the U.S. FBA says that report shows that Starlink currently has 1.4 million customers in the U.S., and with the current satellite constellation has the capacity to serve 1.7 million customers. more

IP Addresses Are Not Telephone Numbers - The Fundamental Flaw with the FCC’s Proposed Privacy Rules

Last month the FCC released a Notice of Proposed Rulemaking (NPRM) on Customer Proprietary Network Information (CPNI), the information telcos collect about consumers' phone calls. The Commission's proposed rules would adapt and apply privacy rules that have historically applied to the traditional telephone space to broadband carriers. It would also regulate how broadband providers use and share that data. more

ICC Cyber-Enabled Crimes and DNS Abuse: Accountability Questions for Infrastructure Operators

The ICC's new cyber policy reframes Internet infrastructure as crucial to prosecuting atrocities, prompting DNS operators and network providers to grapple with emerging obligations around evidence, neutrality, and cooperation in international justice. more

Cybersecurity Considerations in the Work-From-Home Era

Verisign is deeply committed to protecting our critical internet infrastructure from potential cybersecurity threats, and to keeping up to date on the changing cyber landscape. Over the years, cybercriminals have grown more sophisticated, adapting to changing business practices and diversifying their approaches in non-traditional ways. We have seen security threats continue to evolve in 2020, as many businesses have shifted to a work from home posture due to the COVID-19 pandemic. more

When is Similarity Confusing? Cybersquatting and Abusive Registration

The case I'm reporting on today has garnered attention from a number of quarters. One commentator, Andrew Allemann tells us that "[he's] struggling with this UDRP decision" and Nat Cohen of Telepathy Inc. in a couple of Tweets and a private conversation is concerned that the holding could be a Trojan Horse by erasing the distinction between merely confusing and confusingly similar. The problem centers on the Panel's holding that everyfamily.org is confusingly similar to EVERYTOWN... more

The Cock and the Goat: ICANN in the Age of Horrorism

Like everyone else, former ICANN board members have been preoccupied by the horrific November 13th, 2015 attacks on Paris, France, by a bunch of cold-blooded mass murderers. Our email list discussion of the Paris attacks covered a number of issues, including the inevitable question: what, if anything, should ICANN do in response? Some list subscribers concluded that the events had nothing to do with ICANN's mission, and that we should just sigh and move on. Others, on the other hand, said: not so fast, it would serve ICANN well to take a closer look at the matter, and its ramifications on wider world of ICANN.  more

As WHOIS Transitions to RDAP, How Do We Avoid the Same Mistakes?

In 1905, philosopher George Santayana famously noted, "Those who cannot remember the past are condemned to repeat it." When past attempts to resolve a challenge have failed, it makes sense to consider different approaches even if they seem controversial or otherwise at odds with maintaining the status quo. Such is the case with the opportunity to make real progress in addressing the many functional issues associated with WHOIS. We need to think differently. more

Ten Stopgap Tips for Privacy and Security Risk Management in a Pandemic

As businesses adjust to the "new normal" in the ongoing COVID-19 pandemic, it is important to quickly take stock of where your organization stands on privacy and security risk. Even in these unusual circumstances, organizations of all sizes and sophistication continue to be expected to act with reasonable care and comply with their public commitments and regulatory obligations. Enterprises may be finding different or better ways to operate, collaborate, and service customers. more

GDPR, ICANN, and Registrar WHOIS

On Friday I was on a surprisingly interesting session at Rightscon 2018 in Toronto about GDPR and WHOIS. The panel consisted of Eleeza Agoopian from ICANN staff; Avri Doria who was recently appointed to the ICANN board; Elliot Noss who runs large registrar Tucows; Stephanie Perrin who has done a lot of privacy work for the Canadian government and as an ICANN volunteer, and me; Milt Mueller, who is now at Georgia Tech, moderated. more

All New gTLD Registrations Should Be Subject to Sunrise Periods - Even Reserved Names

Planning to register your trademark as a domain name during a Sunrise Period only to find out that the registration appears on a Reserved Names list? There are a number of reasons why a domain that matches your trademark is appearing on a Reserved Names list. First of all, if the domain desired is the subject of Name Collision, it may appear on a Reserved Names list. Although this is not true for all registries, as some operators are allowing domains that have been the subject of Name Collision to be allocated during Sunrise, but not delegated. more

The Design of the Domain Name System, Part VII - Related Names Are Not Related

In previous installments we've been looking at aspects of the design of the DNS. Today we look at the relationship of similar names in the DNS. A poorly appreciated aspect of the DNS is that there is no inherent relationship between similar looking names. more

IPv6 and MEID’s… Stop Choking on 32 Bits

Both the Internet and North American cellphones are choking under a 32 bit limitation and reactions from protagonists involved in both cases offer striking similarities. 1983 saw the debut of IPv4 and North American mobile telephony started in earnest with Bell's analog AMPS (Advanced Mobile Phone Service). Responding to the need to uniquely identify the growing number of mobile devices in order to bill their owner, the FCC ordered that handsets be equipped with a unique identification number embedded on a chip. This became the 32 bit ESN... more

Iranian Protesters Urged Not to DDoS Gov Sites, Could Backfire as Country’s Networks Are Centralized

In the midst of heavy demonstrations in the street of Iran against current regime and controversial election results, online activist have began organizing online attacks against government websites. Activists are asking supporters to use tools currently being spread via Twitter, Facebook, and other social networking sites to participate in the attack. However as one blogger writes, the attack might in fact back fire in a country like Iran where network infrastructure is relatively centralized... more