I, the Domain Name Tasting Victim

I have recently been a "victim" of the domain name tasting "scam". A domain name (.COM) which is related to me personally (and which was owned by someone else previously) expired and as I knew from Whois (which is another debate on its own) that the expiry date was coming up, I kept a watch on when it would become available so I could register it. To cut a long story short, it took me nearly 6 weeks to get the domain. Each time the domain dropped off the 5 day grace period (it is not really something that would generate ad revenue), it would be picked up by a different registrant... more

The Evolution of 5G

Technology always evolves, and I've been reading about where scientists envision the evolution of 5G. The first generation of 5G, which will be rolled out over the next 3-5 years, is mostly aimed at increasing the throughput of cellular networks. According to Cisco, North American cellular data volumes are growing at a torrid 36% per year, and even faster than that in some urban markets where the volumes of data are doubling every two years. The main goal of the first-generation 5G is to increase network capacity to handle that growth. more

Zoom Security: The Good, the Bad, and the Business Model

Zoom - one of the hottest companies on the planet right now, as businesses, schools, and individuals switch to various forms of teleconferencing due to the pandemic - has come in for much criticism due to assorted security and privacy flaws. Some of the problems are real but easily fixable, some are due to a mismatch between what Zoom was intended for and how it's being used now - and some are worrisome. more

Harm Caused by Typosquatting Is Still Modest, Research Suggests

Harm caused by domain name typosquatting is still modest, to both the user and the brand holder, and investment on anti-typosquatting products should be cautious, according to a paper published in Security and Privacy (SP), 2015 IEEE Symposium titled, "Every Second Counts: Quantifying the Negative Externalities of Cybercrime via Typosquatting." The paper presents a strategy for quantifying the harm caused by the cybercrime of typo squatting via an intent inference technique. more

IPv6 and Prepaid Electricity

When visiting a friend in the UK in my student days some decades ago, he asked me at one point in time if I had some coins to keep the electricity meter going. This was the first and last time I saw a coin activated electricity meter. In my mind, prepaid electricity now essentially belonged to a distant past when Scrooge like landlords would make sure renters did not disappear without paying their electricity bills. more

DNS Security Flaw Secret Leaked Prior to Set Date: Patch DNS as Fast as Possible

In what seems to have started with a blog post by reverse engineer Halvar Flake, and subsequent blog postings from other experts in the know, the details of the recently announced DNS vulnerability was quite likely made public today. The DNS flaw was found earlier this year by security researcher Dan Kaminsky and earlier this month announced publicly along with various tools and patches provided by numerous vendors... more

Is the WCIT Indeed Wicked?

The traditional network operators see OTT services as a threat, and the companies offering them are perceived to be getting a free lunch over their networks - they are calling for international regulation. In particular, the European telcos (united in ETNO) have been claiming that this undermines their investment in infrastructure and they want to use the WCIT conference in Dubai later this year to lobby for regulatory changes that would see certain levies being levied - something that is strenuously opposed by, among others, the USA and the APAC countries. more

IPv6 Security Considerations

When rolling out a new protocol such as IPv6, it is useful to consider the changes to security posture, particularly the network's attack surface. While protocol security discussions are widely available, there is often not "one place" where you can go to get information about potential attacks, references to research about those attacks, potential counters, and operational challenges. more

Internet Governance Forum Publishes BPs on Regulation and Mitigation of Unsolicited Communications

The IGF this morning published a number of reports, including the aforementioned one, at the URL provided, titled 'IGF 2015 Best Practice Forum Regulation and mitigation of unsolicited communications.' The reports can be found in the included URLs on the IGF Website. more

A Tribute to the STI (Special Trademarks Initiative Team)

In the ICANN world, our relations are often a little tumultuous, as policy-making bodies can be. As I look back on my experiences over the last decade at ICANN (and many committees, working groups and task forces), one stands out for its quality, dedication, professionalism and hard work. That's the Special Trademarks Initiatives Working Team, or the STI. I was proud to be a part of the Team as an Non-Commercial Stakeholders Group (NCSG) representative, and this tribute reflects my high regard for the Team and the recommendations it produced. more

A Billion Reasons Why the IGF Matters

I approach the mic. As the adrenalin kicks in, my hands begin to slightly tremble. Eyes dart at me, anticipating my imminent speech. I glance at the scribbled text in my notebook to review the key points I hastily made; breathe in, exhale. I look up; the total silence is punctured by my poised words: "My name is Michael Oghia, and I am an Internet Society Ambassador." more

How Do We Get More Network Operator Feedback Into IETF Standards? Please Take This Survey

How do we get more feedback from the operators of networks back into the standards process of the Internet Engineering Task Force (IETF)? How do we help know whether the open standards being developed within the IETF reflect the operational realities of the networks into which those standards will be deployed? If we could get more network operators participating in the IETF standards process, would that result in better standards that are deployed faster? more

Internet Root Servers Hit with Unusual DNS Amplification Attack

On Nov. 30 and Dec. 1, several of the Internet Domain Name System's root name servers received high rate of suspicious queries, reaching as high as 5 million queries per second, according to a report released by the Root Server System Advisory Council. The incident has been categorized as a unique type of DNS amplification attack. more

The Cost of an ISO 27001 Certification

The first question I often get when talking to IT Service providers on ISO 27001 certification is: "How much does it cost to get it?" I like to reply with a question: "how much does it cost when you don't have it?" The answer to the first question is easy, the answer to the second one is more complicated. As a financial I am interested in the business case. If the cost of not having an ISO 27001 certification is higher than the cost of getting and maintaining one, you can actually make a profitable investment by getting certified. more

Putting Cloud Providers to the Test - New Bitcurrent/Webmetrics Report

Recently Bitcurrent conducted a cloud performance test commissioned by my client Webmetrics, a business unit of Neustar. Bitcurrent describes itself as part blog, part analyst firm and part resource site for the web community. The research project was led by Alistair Croll, a well-known name in the space and program chair for the Cloud Connect conference. more