Do We Need Title Insurance for Domain Names?

Over the Thanksgiving holiday I read an article in Forbes (November 13, page 148) about real estate title insurance. The article was about how real estate title insurance is a joke and overpriced. But as I read in the article how titles are investigated, in dawned on me that a title check service for domain names would be helpful. Title checks and title insurance would prevent you from losing money when you bought a stolen domain. Last year I almost got bilked for $5,000 buying domains...before I discovered they were stolen... more

Freedom of Expression Part 5: COVID Vaccines not Mandatory

In Part 4 of the Freedom of Expression series, I had highlighted my concerns about the lack of transparency in ingredients of all the COVID-19 vaccines, which has been addressed by Council of Europe's Parliamentary Assembly, the same day (World Holocaust Day) I had raised these concerns. A recent Resolution by the Parliamentary Assembly of the Council of Europe will see the further regulation of social media on content relating to COVID-19. more

Security Researchers are Warning About a New IoT Botnet Storm Brewing

A brand new botnet, dubbed ‘IoTroop’, is discovered evolving and recruiting IoT devices at a far greater pace and with more potential damage than the Mirai botnet of 2016. Researchers at the security firm, Check Point, are warning that "a massive Botnet is forming to create a cyber-storm that could take down the internet. ... Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come." more

More on WHOIS Privacy

Last week I wrote a note the ICANN WHOIS privacy battle, and why nothing's likely to change any time soon. Like many of my articles, it is mirrored at CircleID, where some of the commenters missed the point. One person noted that info about car registrations, to which I roughly likened WHOIS, are usually available only to law enforcement, and that corporations can often be registered in the name of a proxy, so why can't WHOIS do the same thing? more

How is ICANN Spending Your Money?

ICANN has released their IRS Form 990 statements for the year ending June 30, 2008... ICANN says they use for-profit companies as comparables when determining employee compensation. However, even in the middle of a great recession, salaries have been going up, up, and up! more

Do We Really Need IDN?

James Seng has quoted that Korea, China and Japan must have IDN (Internationalized Domain Name) service. His statement may appear as above mentioned countries desperately need for IDN services because there are no alternative. However, there have already been well established local Internet address providers since quite some time. more

ICANN Transfer Policy: Domain Hijacking Got Easier or Did It?

Slashdot recently ran a story about the upcoming changes to the ICANN rules governing domain transfers between registrars. A blog entry at Netcraft referenced by the story stated that: "...domain transfer requests will be automatically approved in five days unless they are explicitly denied by the account owner. This is a change from current procedure, in which a domain's ownership and nameservers remain unchanged if there is no response to a transfer request. This could mean trouble for domain owners who don't closely manage their records..." more

The IPv6 Divide: How Slow Adoption Creates Digital Vulnerabilities and Economic Inequality

The shift to IPv6 has escalated into a matter of national security, as nations lagging in adoption are increasingly exposed to cyber threats and diminished control over their digital infrastructure due to the limited availability of IPv4. With IPv6-only environments becoming more common, reliance on IPv4 may lead to slower connectivity, deepening the digital divide and potentially worsening economic disparities. In this geopolitical landscape, moving to IPv6 serves as a critical step toward maintaining digital independence. more

Continued Threats from Malware

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

CIRA Proposes New Standard for Domain Name Whois Privacy

The Canadian Internet Registration Authority (CIRA) has announced its proposed policy to provide all dot-ca domain name holders with increased privacy safeguards, bringing it in line with recently-enacted Canadian privacy laws. more

IDN Spoofing Solutions With Balance

Last week's tizzy about IDN (Internationalized Domain Name) spoofing was an interesting exercise in watching how people react to the unknown. The nearly-universal response to the problem that had been described in detail many years ago was "turn off IDNs" instead of "assume that the people who created IDNs knew about this, so let's do some research." The following is based on my thoughts this week. For those of you who are not familiar with my earlier work, I'm one of the authors of the IDN standards... more

Send a Message to NTIA

The Internet Governance Project is is urging Internet users everywhere, but especially those outside the United States, to respond to the NTIA Notice of Inquiry with the following statement: "The Internet's value is created by the participation and cooperation of people all over the world. The Internet is global, not national. Therefore no single Government should have a pre-eminent role in Internet governance. As the US reviews its contract with ICANN, it should work cooperatively with all stakeholders to complete the transition to a Domain Name System independent of US governmental control." more

Blacklisting Under Wrong Assumptions

If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.  more

Registrars File Lawsuit Against ICANN and VeriSign

Newman & Newman, the law firm representing an ad hoc coalition of ICANN-accredited domain name registrars, has filed a lawsuit today against ICANN and VeriSign to Stop 'Anti-Consumer, Anti-Competitive' Wait List Service Implementation. ...The complaint attacks ICANN and VeriSign based on 1) Unfair Trade Practices Act Violations; 2) Violation of California Business & Professions Code; 3) Unlawful Tying Arrangement; 4) Attempted Monopolization; 5) Violation of Racketeer Influenced and Corrupt Organizations Act; 6) Intentional Interference with Prospective Economic Advantage; 7) Breach of Contract; and 8) Declaratory Relief. more

Lessons for the Internet Governance Forum from the IETF

As Antonios Broumas has correctly observed, the Internet Governance Forum (IGF) begins life in Athens next week without the means for its participants to agree upon any substantive documents such as resolutions or declarations. Indeed, according to Nitin Desai, the Chairman of its Advisory Group, it is impossible for the IGF to make any decisions, as it "is not a decision-making body. We have no members so we have no power to make decision."... more