Anonymous Plans to Go After DNS Root Servers. What Will Be the US’s Response?

The other day on pastebin, snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet's root name servers... Going after the Internet's root servers is a very bold move by Anonymous. Whereas before they were "merely" breaking into companies that they believed were acting contra to the hacker ethic, going after the Internet infrastructure is another thing altogether. Why? more

How is ICANN Spending Your Money?

ICANN has released their IRS Form 990 statements for the year ending June 30, 2008... ICANN says they use for-profit companies as comparables when determining employee compensation. However, even in the middle of a great recession, salaries have been going up, up, and up! more

More on WHOIS Privacy

Last week I wrote a note the ICANN WHOIS privacy battle, and why nothing's likely to change any time soon. Like many of my articles, it is mirrored at CircleID, where some of the commenters missed the point. One person noted that info about car registrations, to which I roughly likened WHOIS, are usually available only to law enforcement, and that corporations can often be registered in the name of a proxy, so why can't WHOIS do the same thing? more

Questioning Parked Domains and Google AdNonSense

Is contextual advertising helping or hurting the web? It basically started with Google Adsense even though the concept wasn't new. It had never been done on the scale that Google did it. Now we have Yahoo Publisher. MSN is building their version. We have Konterra and a whole lot of other companies scrambling to cash in on the contextual ad craze. Initially contextual advertising seems like a good idea. Ads based on the content of your website that might benefit your readers or visitors. Ads that are related to the content you produce that will also help you make a little money for your efforts. However greed ruins all good things. Now there are probably millions of webpages online that are built for the sole purpose of cashing in on contextual advertising. ...To make money with contextual advertising you want your content to be bad. Yes, you want it to be bad. more

Do We Need Title Insurance for Domain Names?

Over the Thanksgiving holiday I read an article in Forbes (November 13, page 148) about real estate title insurance. The article was about how real estate title insurance is a joke and overpriced. But as I read in the article how titles are investigated, in dawned on me that a title check service for domain names would be helpful. Title checks and title insurance would prevent you from losing money when you bought a stolen domain. Last year I almost got bilked for $5,000 buying domains...before I discovered they were stolen... more

Freedom of Expression Part 5: COVID Vaccines not Mandatory

In Part 4 of the Freedom of Expression series, I had highlighted my concerns about the lack of transparency in ingredients of all the COVID-19 vaccines, which has been addressed by Council of Europe's Parliamentary Assembly, the same day (World Holocaust Day) I had raised these concerns. A recent Resolution by the Parliamentary Assembly of the Council of Europe will see the further regulation of social media on content relating to COVID-19. more

ICANN Transfer Policy: Domain Hijacking Got Easier or Did It?

Slashdot recently ran a story about the upcoming changes to the ICANN rules governing domain transfers between registrars. A blog entry at Netcraft referenced by the story stated that: "...domain transfer requests will be automatically approved in five days unless they are explicitly denied by the account owner. This is a change from current procedure, in which a domain's ownership and nameservers remain unchanged if there is no response to a transfer request. This could mean trouble for domain owners who don't closely manage their records..." more

Security Researchers are Warning About a New IoT Botnet Storm Brewing

A brand new botnet, dubbed ‘IoTroop’, is discovered evolving and recruiting IoT devices at a far greater pace and with more potential damage than the Mirai botnet of 2016. Researchers at the security firm, Check Point, are warning that "a massive Botnet is forming to create a cyber-storm that could take down the internet. ... Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come." more

Do We Really Need IDN?

James Seng has quoted that Korea, China and Japan must have IDN (Internationalized Domain Name) service. His statement may appear as above mentioned countries desperately need for IDN services because there are no alternative. However, there have already been well established local Internet address providers since quite some time. more

SIEM Alternatives; How Does OpenXDR Make Traditional SIEM Obsolete?

OpenXDR is one of the most cost-effective SIEM alternatives that help businesses detect and mitigate threats within hectic modern architectures. A single cyber incident impacts every aspect of a business -- from system downtime, revenue losses, and reputation damage to disrupted operations. more

Continued Threats from Malware

As part of my job, I manage an incident response team that was engaged by a significant organization in Georgia whose network was infected by the QBOT (a.k.a. QAKBOT) malware. The customer had been infected for over a year, several teams before ours had failed to solve the problem, and they continued to get reinfected by the malware when they thought they had eradicated it. Over time it had spread to more than 1,000 computers in their ecosystem stealing user credentials along the way. more

CIRA Proposes New Standard for Domain Name Whois Privacy

The Canadian Internet Registration Authority (CIRA) has announced its proposed policy to provide all dot-ca domain name holders with increased privacy safeguards, bringing it in line with recently-enacted Canadian privacy laws. more

IDN Spoofing Solutions With Balance

Last week's tizzy about IDN (Internationalized Domain Name) spoofing was an interesting exercise in watching how people react to the unknown. The nearly-universal response to the problem that had been described in detail many years ago was "turn off IDNs" instead of "assume that the people who created IDNs knew about this, so let's do some research." The following is based on my thoughts this week. For those of you who are not familiar with my earlier work, I'm one of the authors of the IDN standards... more

Send a Message to NTIA

The Internet Governance Project is is urging Internet users everywhere, but especially those outside the United States, to respond to the NTIA Notice of Inquiry with the following statement: "The Internet's value is created by the participation and cooperation of people all over the world. The Internet is global, not national. Therefore no single Government should have a pre-eminent role in Internet governance. As the US reviews its contract with ICANN, it should work cooperatively with all stakeholders to complete the transition to a Domain Name System independent of US governmental control." more

Blacklisting Under Wrong Assumptions

If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.  more