Getting On Board With DNSSEC - A Personal Recount

I first became familiar with DNSSEC around 2002 when it was a feature of the Bind9 server, which I was using to setup a new authoritative DNS platform for customers of the ISP I was working for. I looked at it briefly, decided it was too complex and not worth investigating. A couple of years later a domain of a customer got poisoned in another ISPs network. And while the DNS service we provided was working properly, the customers impression was we hadn't protected them. more

DNSSEC - Let’s Stay the Course!

I don't know about you, but I'm starting to think that DNSSEC being so hot these days is a mixed blessing. Yes, it's wonderful that after so many years there is finally broad consensus for making DNSSEC happen. But being so prominent also means the protocol is taking shots from those who don't want to make the necessary software, hardware and operational modifications needed. And DNSSEC has taken some shots from those who just want to be contrarian. more

ICANN to Reconsider the .Amazon Domain Applications

Amazon filed applications for the .AMAZON top-level domains in several scripts in 2012. Five years later, ICANN will re-examine the applications after an Independent Review Process (IRP) proceeding. The IRP Panel found that ICANN's Board failed to demonstrate the existence of public policy reasons for denying the applications. more

Stay Current, Achieve Excellence: 4 Emerging Cloud Techniques

How do you achieve excellence in the cloud? Enterprises know it's not enough to simply locate and leverage the services of a cloud provider: using cloud resources effectively marks the difference between "adequate" and "excellence" in achieving long-term IT and revenue goals. But to maximize cloud use, you need to know what's next for this disruptive market: here are four emerging techniques. more

BGP Hijacks: Two More Papers Consider the Problem

The security of the global Default Free Zone (DFZ) has been a topic of much debate and concern for the last twenty years (or more). Two recent papers have brought this issue to the surface once again - it is worth looking at what these two papers add to the mix of what is known, and what solutions might be available. The first of these traces the impact of Chinese "state actor" effects on BGP routing in recent years. more

Closing the Gaps: The Quest for a Secure Internet

Over the last year the world has been virtually buried under news items describing hacks, insecure websites, servers and scada systems, etc. Each and every time people seem to be amazed and exclaim "How is this possible?" Politicians ask questions, there is a short lived uproar and soon after the world continues its business as usual. Till the next incident. In this blog post I take a step back and try to look at the cyber security issue from this angle... more

Pattishall Client Prevails in Ground-Breaking Domain Name Class Action

My Pattishall colleagues Brett August, Bradley Cohn and Alexis Payne recently won another round in a closely watched lawsuit involving Google and others regarding allegedly unfair use of domain names. The plaintiffs had attempted to bring a class action against multiple defendants for purported trademark infringement, cybersquatting and deceptive trade practices. more

Securing the Routing System at NANOG 74

The level of interest in the general topic of routing security seems to come in waves in our community. At times it seems like the interest from network operators, researchers, security folk and vendors climbs to an intense level, while at other times the topic appears to be moribund. If the attention on this topic at NANOG 74 is anything to go by we seem to be experiencing a local peak. more

Senate Report on 5G: Recipe for Disaster

The Democratic Staff Report Prepared for the use of the Committee on Foreign Relations United States Senate, July 21, 2020, entitled "The New Big Brother," is actually all about 5G technology. The report jumps on the runaway anti-China train chaotically flailing around Washington these days to "out-Trump, Trump." It characterizes 5G technology, longstanding international collaboration, and COVID-19 tracking as all part of a global conspiracy for "digital authoritarianism" run out of Beijing. more

A Year in Review: 14,000 Routing Incidents In 2017

How was the state of the Internet's routing system in 2017? Let's take a look back using data from BGPStream. Some highlights: 13,935 total incidents (either outages or attacks like route leaks and hijacks); Over 10% of all Autonomous Systems on the Internet were affected; 3,106 Autonomous Systems were a victim of at least one routing incident; 1,546 networks caused at least one incident. more

Deadline of Dec 21 To Submit Nominations for 2016 Internet Society Board of Trustees

Are you passionate about preserving the global, open Internet? Do you want to help guide work to connect the unconnected and promote / restore trust in the Internet? Do you have experience in Internet standards, development or public policy? If so, please consider applying for one of the open seats on the Internet Society Board of Trustees.
The Internet Society serves a pivotal role in the world as a leader on Internet policy, technical, economic, and social matters, and as the organizational home of the Internet Engineering Task Force (IETF). more

Hospitals Advised to Prepare for a Month of Downtime Following Cyberattacks

The Joint Commission, a healthcare accreditation agency, has advised hospitals and health systems to brace for at least a month of downtime following a cyberattack, according to The Wall Street Journal. This recommendation is part of new guidelines released by the agency for handling IT security events. more

Securing a Cloud Infrastructure

George Reese (author of the new book Cloud Application Architectures: Building Applications and Infrastructure in the Cloud) is talking at Gluecon about securing cloud infrastructures. Two recent surveys found "security" was the number one concern of companies considering a move to the cloud. George says the key to making customers comfortable with cloud security is transparency... more

Initiative for the Future of the Global Internet

When reading some of the nonsense constituting this initiative occurring in Washington, one wonders what planet the proponents live on. It is like peering through some perverse wormhole back to a 1990s Washington view of the world that saw “the internet” as some salvation for all the problems of humankind. For a world now focused on rolling out 5G virtualization infrastructure and content-based services and meshed devices, the challenges of cybersecurity and network-based harm to society, the initiative makes the U.S. Administration seem utterly out of touch with reality. Simply goofy. more

EURid Compensates Carbon Emissions With Wind Turbines

European TLD registry, EURid has announced that it is the first TLD Registry in Europe to be registered by the EU Eco-Management and Audit Scheme (EMAS). "EURid has taken an environmentally responsible approach to operating .eu for many years. Our environmental policy is based on the principle of 'reduce, reuse and recycle' and provides a framework for making sustainable choices." more