Time to Start Calling Facebook “The Dark Empire” and Regulate It Accordingly

It appears people, governments, regulators and legislators worldwide may have forgotten Facebook's complicit involvement with Cambridge Analytica (CA). It is possible that new priorities such as the Covid-19 pandemic in 2020 may have pre-occupied them, and rightly so. But an unprecedented data breach in 2019 unfolded this weekend, bringing a recurring nightmare of the past back into today's reality. more

ICANN Must Release the Single-Character .com Hostages from the IANA Impostor’s Warehouse

Most of the single-character .com labels were initially registered in 1993 by Dr. Jon Postel while performing work pursuant to a contract with, and funded by, the U.S. government and are currently assigned to a "shell registrar" created and controlled by ICANN. This shell - which is the 376th entry on ICANN's list of accredited registrars - is misleadingly identified as the IANA registrar while being engaged in the illicit warehousing of domain names for speculative purposes. more

I Needed Music ‘cos I Had None…

The latest report on young people's online music-finding habits from consumer research company The Leading Question has attracted a fair amount of coverage for its headline finding that UK teenagers use of filesharing services has dropped by a third... Music industry pollsters will inevitably look for a silver lining in the cloud of consumer behaviour, and a focus on the growth of legal services is to be expected. But even with that caveat in mind, there has clearly been a shift in behaviour as more young people find licensed ways to listen to the music they want, watching YouTube videos, streaming songs through MySpace and Spotify and generally using legal avenues to find and enjoy the music of new bands like Florence and the Machine. more

Mend, Don’t End, the IETF

Is it time for the IETF to give up? Martin Geddes makes a case that it is, in fact, time for the IETF to "fade out." The case he lays out is compelling -- first, the IETF is not really an engineering organization. There is a lot of running after "success modes," but very little consideration of failure modes and how they can and should be guarded against. Second, the IETF "the IETF takes on problems for which it lacks an ontological and epistemological framework to resolve." In essence, in Martin's view, the IETF is not about engineering, and hasn't ever really been. more

New gTLD Target Date is April 23? Or is it?

I detect some delight in the domain name community today resulting from Video interview with ICANN CEO Fadi Chehadé. In that interview Chehadé states "We are now targeting to be able to recommend for delegation the first new gTLD as early as the 23rd of April..." On the surface this sounds like very good news. more

Remediating U.S. 5G Global Supply Chain Security Engagement

For nearly the past four years, the Trump Administration has purported to treat 5G supply chain security through empty political gestures such as network equipment banning. The disinformation reached its absurd zenith subsequent to the election with the Q-Anon myth of the Kraken. (The Myth advanced by Trump attorneys asserted the long-deceased Hugo Chavez working with China was corrupting voting machine software to deprive Trump of another term.) more

Dear U.S.A. – Observations on the Cyber Solarium Commission Report

I am writing to you as someone who is not your citizen, (although I had the fortune to wed the most beautiful of your daughters), to share my thoughts about the recent US Government Cyber Solarium Commission report. U.S.A. We owe you one! Without you and your citizens there would be no free Internet as we know it. Thank You! Your constitution is our inspiration. We, the global digital citizenship want to be "the people", in order to "secure the Blessings of Liberty to ourselves and our Posterity..." more

A Quick Look at Today’s Amazon Outage

Craig Labovitz writes to report: At 18:40 UTC Amazon Web Services suffered performance issues for their North Virginia datacenter. The performance issues impacted services such as EC2, S3, SES, RDS, and Mechanical Turk among others. more

Why are *.edu’s Compromised so Much?

When it comes to the problem of outbound spam, one of the experiences that I have, and this was reaffirmed at TechEd, is that the number one source of compromised accounts are educational institutions. That is to say, whenever we have an outbound spam problem and have to hunt down where it is coming from, the highest number of these accounts are phished accounts/credentials from users at an educational institution. Why is this? Why does so much spam originate from universities? more

Broadband Challenge Isn’t About Plumbing

It seems to me that too many people have focused government attention on intervening in the supply of broadband facilities. Let's face it, it is easier to look at a dozen or so suppliers to gather information and figure out who should receive a cheque to help direct their investment in broadband facilities. On the other side of the equation, it is hard work to stimulate demand. But this is precisely where our efforts should be focused, as was recommended by the recent report... more

Securing a Cloud Infrastructure

George Reese (author of the new book Cloud Application Architectures: Building Applications and Infrastructure in the Cloud) is talking at Gluecon about securing cloud infrastructures. Two recent surveys found "security" was the number one concern of companies considering a move to the cloud. George says the key to making customers comfortable with cloud security is transparency... more

Out of .Africa - Process Failures Don’t Change the Facts

I've heard a lot of discussion of the .africa controversy of late -- from conspiracy theories to questions about staff competence to concerns about the role of the GAC. And it's hard not to find faults galore in the way this process and the IRP reporting has played out. But before we get too lost in the weeds of procedure or the future of ICANN, lets not lose track of what this debate was first and still is fundamentally about: a string. more

Conflict Over Efforts to Develop a Best-Practices Document for Blacklist Operators

Neil Schwartzman writes to report: "Ken Magill covers the current rake fight on the IRTF's Anti-Spam Research Group mailing list concerning anti-spam DNS Blacklist, or Blocklist, (DNSBL) operators charging for delistings, that is well worth a read, he has quotes from many experts and leaders in the industry who are decidedly against the practice." more

3 Reasons It’s Crucial to Review Your Domain Lock Portfolio Now

Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more

What’s the ROI on a $20m TLD Auction?

ICANN have taken a solid stance in regards to contention sets, with those yet to be resolved soon to be forced into auctions of last resort in the coming months. As expected, this has increased the velocity of private settlements between applicants, either via deals or private auctions. It seems like most applicants (wisely) don't want to see their funds going into ICANN coffers unnecessarily. more