DNSSEC Adoption Part 1: A Status Report

Where is the domain industry with the adoption of DNSSEC? After a burst of well publicized activity from 2009-2011 -- .org, .com, .net, and .gov adopting DNSSEC, roots signed, other Top-Level Domains (TLDs) signed -- the pace of adoption appears to have slowed in recent years. As many CircleID readers know, DNSSEC requires multiple steps in the chain of trust to be in place to improve online security. more

If WHOIS Privacy is a Good Idea, Why is it Going Nowhere?

ICANN has been wrangling about WHOIS privacy for years. Last week, yet another WHOIS working group ended without making any progress. What's the problem? Actually, there are two: one is that WHOIS privacy is not necessarily all it's cracked up to be, and the other is that so far, nothing in the debate has given any of the parties any incentive to come to agreement. The current ICANN rules for WHOIS say, approximately, that each time you register a domain in a gTLD (the domains that ICANN manages), you are supposed to provide contact information... WHOIS data is public, and despite unenforceable rules to the contrary, it is routinely scraped... more

Abusive Anti-Anti-Spam Scheme a Dreadful Strategy

A new company called Blue Security purports to have an innovative approach to getting rid of spam. I don't think much of it. As I said to an Associated Press reporter: "It's the worst kind of vigilante approach," said John Levine, a board member with the Coalition Against Unsolicited Commercial E-mail. "Deliberate attacks against people's Web sites are illegal." more

CreditCards.com Domain Name Sells for $2.75 Million

"CreditCards.com, the domain name, has been purchased for $2.75 million by ClickSuccess, L.P., an Austin, Texas-based firm specializing in marketing financial products online. The purchase, announced yesterday (July 20, 2004), represents the fifth highest selling price for a domain name on record." I have to admit, when I looked at those opening lines from a new press release today I started trying to find out who was behind the joke!  more

Domains Under the Most-Abused TLDs: Same Old DNS Abuse Trends?

While threat actors can use any domain across thousands of top-level domains (TLDs), they often have favorites. For instance, you may be familiar with Spamhaus's 10 most-abused TLDs for spamming. WhoisXML API researchers recently built on this list by analyzing 40,000 newly registered domains (NRDs) that sported some of the listed unreputable TLDs. We called this study "DNS Abuse Trends: Dissecting the Domains Under the Most-Abused TLDs." more

Can We Stop IP Spoofing? A New Whitepaper Explores the Issues

In March 2013, Spamhaus was hit by a significant DDoS attack that made its services unavailable. The attack traffic reportedly peaked at 300Gbps with hundreds of millions of packets hitting network equipment on their way. In Q1 2015, Arbor Networks reported a 334Gbps attack targeting a network operator Asia. In the same quarter they also saw 25 attacks larger than 100Gbps globally. What is really frightening about this is that such attacks were relatively easy to mount. more

Google DNS to Be Discontinued in Brazil Ahead of New Law

Doug Madory from Renesys reports: "In response to recent NSA spying allegations, Brazil is pressing ahead with a new law to require Internet companies like Google to store data about Brazilian users inside Brazil, where it will be subject to local privacy laws. The proposed legislation could be signed into law as early as the end of this week. However, Google's DNS service started leaving the country on September 12th, the day President Rousseff announced her intention to require local storage of user data." more

Phish-Proofing URLs in Email?

For those who've been living in an e-mail free cave for the past year, phishing has become a huge problem for banks. Every day I get dozens of urgent messages from a wide variety of banks telling me that I'd better confirm my account info pronto. ...Several people have been floating proposals to extend authentication schemes to the URLs in a mail message. A sender might declare that all of links in it are to its own domain, e.g., if the sender is bigbank.com, all of the links have to be to bigbank.com or maybe www.bigbank.com. Current path authentication schemes don't handle this, but it wouldn't be too hard to retrofit into SPF. ...So the question is, is it worth the effort to make all of the senders and URLs match up? more

The Internet of Stupid Things

In those circles where Internet prognostications abound and policy makers flock to hear grand visions of the future, we often hear about the boundless future represented by "The Internet of Things". This phrase encompasses some decades of the computing industry's transition from computers as esoteric piece of engineering affordable only by nations, to mainframes, desktops, laptops, handhelds, and now wrist computers. Where next? more

Canada’s Anti-spam Bill C-28 is the Law of the Land

It's been a long time coming, but Canada has an anti-spam law, and one, which sets a new world standard, and a tough, but fair, opt-in protocol for everyone in North America who sends commercial email and other electronic messages. Yesterday, The Canadian Senate voted to accept Bill C-28, and today, December 15, at 13:00 eastern, it will be given Royal Asset of the Governor General of Canada, His Excellency the Right Honourable David Johnston. more

Internet Governance Outlook 2016: Cooperation & Confrontation

In 2015 we saw many agreements on Internet Governance. 193 Governments agreed in the UN General Assembly on the WSIS 10+ Outcome Document. They agreed to extend the mandate of the IGF for ten years. They agreed to strengthen the multistakeholder approach. And they agreed to make more efforts to bring the next billion users online until 2020. The UN Group of Governmental Experts (GGE) agreed on a number of confidence building measures to strengthen cybersecurity. more

YouTube’s Fine - Analysts Don’t Understand Internet Peering

As widely reported, Credit Suisse analysts have estimated Google's YouTube may lose $470M in 2009 and more in the future. However, their estimates say Google will pay $360M for bandwidth in 2009. I don't know how Google figures their cost of bandwidth, but anyone who understands anything about Internet transit/peering knows Credit is way off base. more

ICANN, WSIS and the Making of a Global Civil Society - Part I

This is the first part of a two-part series interview by Geert Lovink with Milton Mueller discussing ICANN, World Summit on the Information Society, and the escalating debates over Internet Governance. Read the second part of this Interview here. Geert Lovink: "Would it make sense to analyse ICANN (and its predecessors) as a test model for some sort of secretive 'world government' that is run by self appointed experts? Could you explain why governments are seen as incapable of running the Internet? This all comes close to a conspiracy theory. I am not at all a fan of such reductionist easy-to-understand explanations. However, the discontent with 'global governance' discourse is widespread and it seems that the International Relations experts have little understanding how the Internet is actually run. Where do you think theorization of Internet governance should start?" more

Trademarking .generics - the .bank Fiasco!

I, for one, have been a proponent of new gTLDs from the early days of their policy development process within ICANN. I always believed that the existing gTLDs -- and mainly the .com space -- have created artificial scarcity, which is primarily responsible for much of the cybersquatting and the abuse trademarks experience. I do not share the same fears as those who argue that new gTLDs will create intolerable levels of cybersquatting or will necessitate defensive registrations from brand and trademark owners alike. more

ICANN on Closing Off Port 43

ICANN has launched three task forces on WHOIS restructuring...It sounds innocuous enough -- nobody likes spam -- but the restrictions being discussed reach further than marketers. Pushed by registrars who feel that WHOIS amounts to forced disclosure of their customer lists, the task force is seriously discussing closing off port 43's straightforward access to WHOIS information, replacing it with GIF-based barriers or similar access restrictions. more