CAN-SPAM Defendant Awarded $111k in Fees/Costs: Gordon v. Virtumundo

I believe this ruling represents the first time that a CAN-SPAM plaintiff has been ordered to pay attorneys' fees and costs to a defendant. As a result, it's a leading example that courts can and do grow tired of bogus anti-marketing lawsuits, and perhaps it will serve as an expensive warning to CAN-SPAM plaintiffs to ensure the merits of their lawsuit. Gordon is an uber anti-spam plaintiff, leading countless CAN-SPAM lawsuits. As the court describes, Gordon runs a "spam business"--basically, a for-profit plaintiff litigation shop to go after spammers (the court also calls it a "litigation factory")... more

IPv6: A 2012 Report Card

The Gogonet Live conference in San Jose witnessed outstanding presentations by several federal administrations including Veteran Affairs, NASA and SPAWAR, sharing their experience and progress towards IPv6 adoption. Furthermore, the NIST compliance report leaves no agency any place to hide. The report card is there for everybody to see. In spite of regular jabs and criticisms, the US Federal Government has done a remarkable job. more

How a Routing Prefix Travels Through the Internet

What happens when an IP address prefix gets announced or withdrawn. How does this information propagate through the Internet? And how does it affect the amount of Border Gateway Protocol (BGP) traffic across the Internet when a single prefix is freshly announced or withdrawn from the global routing table? The following short analysis shows the detailed effects of these two events. more

Bitcoin Miner NiceHash Reports Hack, More Than $60 Million Worth of Bitcoin Potentially Stolen

Nearly $64m in bitcoin has been stolen by hackers who broke into Slovenian-based bitcoin mining marketplace NiceHash. more

TLD Registration Enforcement: A Call for Automation - Part I

The past year has brought a rise in so-called "open and chartered" top-level domains (TLDs). Like the traditional open TLDs of .COM, .NET, and .ORG, these namespaces encourage large-scale registrations, but they differ in that they limit who can legitimately register domains. So far, many thousands of their registrations seem to break the stated rules. It's therefore worth thinking through their respective enforcement efforts -- before the situation gets out of control. more

Continued Threats from Malware

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

Domain Name Dispute Puts Dot-Ca in the Spotlight

My weekly Law Bytes column (freely available hyperlinked version, Toronto Star version) focuses on the recent Canadian parliamentary discussion on domain name disputes. As discussed about ten days ago, the impetus for governmental interest in domain name disputes and Internet governance is the registration of several domain names bearing the names of sitting Members of Parliament by the Defend Marriage Coalition, an opponent of same-sex marriage legislation. The resulting websites, which include donboudria.ca and davidmcguinty.ca, include MP contact information, photos, and advocacy materials. more

Putting Some Circuit Breakers Into DNS to Protect The Net

There are a lot of bad, but smart, people out there on the net. They are quick to find and capitalize on vulnerabilities, particularly those vulnerabilities in mass market software. These bad folks are quite creative when it comes to making it hard to locate and shutdown the computers involved. For example, a virus that takes over a victim's computer might communicate with its control point, or send its captured/stolen information, by looking up a domain name. Normally domain names are somewhat static - the addresses they map to don't change very frequently - typically changes occur over periods measured in months or longer. more

PINGO: NETmundial Adopts Principles on INternet GOvernance

The Internet Governance Roadmap, which was adopted recently in Sao Paulo by the Global Multistakeholder Meeting on the Future of the Internet Governance Ecosystem (NETmundial) includes a lot of controversial issues -- from net neutrality to mass surveillance -- and it is unclear how this will be translated into reality. However, the Internet Governance Principles, also adopted by NETmundial, were less controversial, but will have probably a sustainable and deep effect for the future of the Internet. more

Have You Monitored Your DNS Performance Lately?

Domain Name System (DNS) surveys such as that recently conducted by Men & Mice continually demonstrate that the DNS is riddled with errors. Since the DNS continues to work, this raises three questions:

1. Does it matter that the DNS is riddled with errors?
2. Why is it riddled with errors?
3. How can it be fixed? more

Sponsored TLD Unnecessary? Ron Andruff Responds to Forrester Research

A recent report released by Forrester Research last week has put the .travel sponsored top-level domain under the microscope -- calling the sTLD "Nice, But Not Necessary". Although this 4-page report (sold for US$49.00) has singled out the .travel domain, its critical arguments might very well apply to the nature of most sponsored top-level domains currently in existence -- or under review: '.mobi', '.jobs', '.museum', '.coop', '.xxx' and others. CircleID has invited Ron Andruff, President and CEO of Tralliance, the registry for .travel, to respond to arguments made in this report. more

Paul Vixie in Response to Site Finder Controversy

As a domain holder myself (of vix.com), I would not have chosen ".com" for my parent domain name back in 1988 had there been a wildcard domain name [that activates Site Finder service] under ".com". The risk of someone attempting to reach me but ending up talking to someone else instead would have been seen as "too great". I am now searching for a new parent domain whose publisher will guarantee me, in perpetuity, that there will be no wildcard name as there now is in "com". more

An Unsanctioned Whois Database

Mark Jeftovic of easyDNS Technologies Inc. has posted an item on ICANN's "GNSO" registrars' mailing list titled "unsanctioned Whois concepts". In that item he suggests that the control and actual publication of contact information about a domain be put into the zone file itself, a file maintained by the registrant (purchasor) of the domain name. more

Did ICANN Over Regulate VeriSign?

CircleID recently interviewed Jonathan Weinberg, Professor of Law at Wayne State University to discuss legal and regulatory issues that have been raised against Internet Corporation For Assigned Names and Numbers (ICANN). VeriSign, the registry operator of the two most popular top-level domains .com and .net, filed a lawsuit against ICANN on February 26, 2004 complaining that the Internet regulatory body has extended "its authority beyond the scope of its contracts". Did ICANN cross its contractual boundaries? To what extent does ICANN's contract limit its technical coordination functions and how much of a threat does VeriSign's lawsuit impose? Jonathan Weinberg explains... more

An Update on IPv6

In the coming weeks another Regional Internet Registry will reach into its inventory of available IPv4 addresses to hand out and it will find that there is nothing left. This is by no means a surprise, and the depletion of IPv4 addresses in the Internet could be seen as one of the longest slow motion train wrecks in history. The IANA exhausted its remaining pool of unallocated IPv4 addresses over four years ago in early 2011, and since then we've seen the exhaustion of the address pools in the Asia Pacific region in April 2011, in the European and the Middle Eastern region in September 2012, in Latin America and the Caribbean in May 2014 and now it's ARIN's turn... more