Geeks All Trust Each Other But Not in China

Brian Krebs has a post up the other day on his blog indicating that the amount of spam ending in .cn has declined dramatically due to steps taken by the Chinese government making it more difficult to get a domain ending in .cn... A cursory glance seems to confirm that the amount of spam from .cn as opposed to .ru has switched places. Indeed, if the CNNIC requires people to start writing in application forms, with a business license and identity card, that is seriously going to slow down the rate at which spammers can sign up and register new domains. more

BGP Hijacks: Two More Papers Consider the Problem

The security of the global Default Free Zone (DFZ) has been a topic of much debate and concern for the last twenty years (or more). Two recent papers have brought this issue to the surface once again - it is worth looking at what these two papers add to the mix of what is known, and what solutions might be available. The first of these traces the impact of Chinese "state actor" effects on BGP routing in recent years. more

Nominet/SOCA Cyber Crime Proposal: Allow Cross Border Reactions

Reading the policy proposal of Nominet, I get the feeling that something is overseen here. Putting all the jurisdictional hassle aside for a moment, cyber crime is international, cross-border. So what happens if a UK domain is used for criminal activity outside the UK only? more

The Cyberthreats and Trends Enterprises Should Watch in 2016

Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources. more

Why Small Businesses Should Start Trusting the Cloud (Reasons to Convince Your Boss)

For small businesses, effectively managing technology comes with a question: Is it better to outsource or stay in-house? Most small and midsize companies can't afford to employ teams of full-time IT staffers. This creates a desire for outsourced solutions. However, opting for a third party means giving up a measure of control. What is best for your business? In this post, we offer a quick rundown of the top five tasks any small business should consider outsourcing. more

Security and Reliability: A Closer Look at Vulnerability Assessments

Building on my last article about Network Assessments, let's take a closer look at vulnerability assessments. (Because entire books have been written on conducting vulnerability assessments, this article is only a high level overview.) What is a vulnerability assessment? more

Secret Doors in Phones and Computers

An article appeared in Computer World that alleges: in exchange for the Indian market presence" mobile device manufacturers, including RIM, Nokia, and Apple (collectively defined in the document as RINOA) have agreed to provide backdoor access on their devices. Could it be true that Nokia, RIM and Apple opened up to Government interception? more

Looking Internally for the Success of Your TLD Strategy

Last week, I had the privilege of presenting at the Digital Marketing & gTLD Strategy Congress in London on how to create a TLD strategy and activate your path to market for launch. Some of the best and brightest minds in the industry attended and it was encouraging to hear from major brands such as Phillips, Microsoft, Google and KPMG, as well as a variety of other applicants. While in my previous blog I discussed why a .brand TLD strategy is important, let's now delve deeper into engagement strategies and why this is the key to a successful .brand. more

The Advanced Persistent Threats (APT) Deception

Most of the good thrillers I tend to watch have spies and assassins in them for some diabolical reason. In those movies you'll often find their target, the Archduke of Villainess, holed up in some remote local and the spy has to fake an identity in order to penetrate the layers of defense. Almost without exception the spy enters the country using a fake passport; relying upon a passport from any country other than their own... So, with that bit of non-fiction in mind, why do so many people automatically assume that cyber-attacks sourced from IP addresses within China are targeted, state-sponsored, attacks? more

When Cyber Awareness Is Fundamentally Lacking

"Smartphones (and tablets, WdN) are invading the battlefield", reports the Economist on its website of 8 October 2011. On the same day the hacking of U.S. drones is reported on by several news sites. ("They appear friendly". Keyloggers???) Is this a coincidence? more

11 Information Economy Policy Reversals Coming to a Marketplace Near You!

In the wake of the election, sweeping policy shifts in the information economy are set to accelerate. Expect fast-tracked FCC reforms, Starlink subsidies, and AI-driven oversight to redefine media, tech, and regulatory landscapes. From relaxed antitrust to intensified media control, these eleven reversals signal a move toward deregulation and Chicago School libertarianism, with lasting impacts on U.S. markets and governance. more

ICANN’s NomCom 2-Stage (R)evolution

ICANN's Nominating Committee (NomCom) is both a strange animal and a precious resource. Having a committee charged with first recruiting, then selecting suitable candidates to hold key positions within ICANN is something that is often little, or even mis, understood. Within the ICANN community itself. By the very nature of its recruitment role, the NomCom has to remain secretive. About who the candidates are, at any rate. But that doesn't mean the rest of the NomCom's processes must remain so. more

WannaCry Ransomware Cyberattack Spreading to Countries Across the World, 45K Attacks Reported So Far

Security researchers are reporting a massive attack today, dubbed "WannaCry", which has reached 45,000 attacks in 74 countries around the world so far, mostly in Russia. more

The Trouble with White Spaces

Like several other engineers, I'm disturbed by the white spaces debate because it focuses on what I regard as the wrong question. The White Space Coalition argues that showing that a system can be constructed that prevents interference between White Space Devices and television broadcast signals compels the Commission to offer up the White Spaces for unlicensed use. This is far from obvious. more

The Rise of WiFi Sensing and Its Implications for Home Security and Surveillance

It's incredibly hard to keep things private in the new digital age. There are far too many stories circulating about people who talked to a friend on the phone or texted about something and almost instantly got hit with ads for the subject of the conversation. And that happens without malware - no telling what information you're giving out if your devices have been infected with malicious software that is spying on you. more