US, Russia and China Stay Out of Paris International Cybersecurity Pact

US, China and Russia have refused to sign the French-backed agreement, Paris Call for Trust and Security in Cyberspace, announced by French President at the UNESCO Internet Governance Forum (IGF) on Monday. more

Vietnam Primary Source of Spam in November

Vietnam is now responsible for more than 10% of the worlds spam, according to threat analysis from managed security firm, Network Box. November saw malware threat levels remain consistently high with Vietnam taking the number one spam spot from last month’s chart topper, Brazil. more

Let a Thousand Flowers Bloom… But Watch Out for Weeds

When ICANN committed -- after no small debate -- to an open, rather than limited application process for new gTLDs, supporters likened it to "letting a thousand flowers bloom." On reveal day we got our first glimpse at the thousand (plus) flowers they promised. Now it falls to ICANN to tend this wild new garden... But now the fun of spreading the seeds has already begun to fade, and the hard work of turning this new, unprecedented flowerbed into a safe, innovative and worthwhile global garden has already begun. more

When the Internet Service Provider is Government-Owned Monopoly: Cuba’s Forthcoming 3G Pricing Model

Jorge Luis Valdés Hernández, Director de Servicios Convergentes de la Vicepresidencia de Integración Comercial de ETECSA, described the forthcoming changes to their mobile Internet service in a recent press conference. (He also has a very long job title). To be honest, the press conference coverage left me a bit confused, but this is some of what he said as I understood it. more

Fairness & Due Process Require Changes to ICANN’s “Updated Supplementary Procedures” to the IRP

The Updated Supplementary Procedures for Independent Review Process ("IRP Supplementary Procedures") are now up for review and Public Comment. Frankly, there is a lot of work to be done. If you have ever been in a String Objection, Community Objection, or negotiated a Consensus Policy, your rights are being limited by the current way the IRP Supplementary Procedures proposal is structured. With timely edits, we can ensure that all directly-impacted and materially-affected parties have actual notice of the IRP proceeding... more

The Antivirus Uncertainty Principle

The antivirus industry has been trying to deal with false positive detection issues for a long, long time - and it's not going to be fixed anytime soon. To better understand why, the physicist in me draws an analogy with Heisenberg's Uncertainty Principle - where, in its simplest distillation, the better you know where an atom is, the less likely you'll know it's momentum (and vice versa) - aka the "observer effect". more

Growth in Commercial Sinkholing Operations

The last couple of years have seen a growth in commercial sinkholing operations. What was once an academic method for studying botnets and other types of Internet-born threat, has more recently turned in to an increasingly profitable business for some organizations. Yesterday I published a blog on the DarkReading site titled Sinkholing For Profit, and I wanted to expand upon some aspects of the sinkholing discussion (there's only so much you can fit in to 800-ish word limits). more

Analysis of Wireless Broadband Plan in 2nd Stimulus Package

While it was good to see that the Administration included telecoms in its new stimulus package - which was launched in September 2011 - the concerns expressed when the project was announced last year still persist. Wireless is not a solution to the significant broadband problems the USA is facing. ... The new plan seems to be driven more by the failed attempts in previous initiatives to roll out more broadband infrastructure. more

FCC Nixes Starlink and LTD Broadband

On August 10, the FCC issued a press release denying the long-form applications of Starlink and LTD Broadband in the RDOF reverse auction. This is big news because these are two of the biggest winners of the reverse auction. LTD Broadband was the largest winner of the auctions at $1.32 billion, while Starlink had claimed over $885 million in the auction. more

Trump’s Strange WRC-19 Letter

The 2019 World Radiocommunication Conference (WRC-19) is underway. It is the latest in a continuum of treaty-making gatherings that began in 1903 and is devoted to the now 116-year-old art of globally carving up the radio spectrum among designated uses that is instantiated in the Radio Regulations treaty agreement. Not unexpectedly, the event includes designation of 5G spectrum that flows from the requirements long set in 3GPP and GSMA. more

One Third of Companies Employing Staff to Monitor Content of Outbound Email, According to Survey

A recent survey of US companies conducted by Proofpoint has found companies increasingly concerned over data leaks via emplyee misuse of email, blogs, social networks, multimedia channels and text messages. From the report: "[A]s more US companies reported their business was impacted by the exposure of sensitive or embarrassing information (34 percent, up from 23 percent in 2008), an increasing number say they employ staff to read or otherwise analyze the contents of outbound email (38 percent, up from 29 percent in 2008). The pain of data leakage has become so acute in 2009 that more US companies report they employ staff whose primary or exclusive job is to monitor the content of outbound email (33 percent, up from 15 percent in 2008)." more

Behind the Curtain: Making IPv6 Work

Wouldn't it be nice if turning on IPv6 really was 'press one button and the rest is magic' easy? For some things, it is. If you're talking about client-side, enabling an IPv4-only home service on DSL or fibre really can be this simple, because all the heavy lifting is being done inside your ISP: you're not enabling IPv6 in the network, you're turning on the last mile. It was knocking at your door and you just had to let it in. more

Call for Participation - ICANN DNSSEC Workshop at ICANN62, Panama City

Would you like to share information about how you are using DNSSEC with the wider technical community? Do you have an idea for how to make DNSSEC or DANE work better? Or work with new applications? If so - and if you will be attending ICANN 62 in Panama City, Panama from 25-28 June 2018 - then please consider sending in a proposal to participate as a speaker in the ICANN 62 DNSSEC Workshop! more

Disclosing Unique User IDs in URLs Doesn’t Violate ECPA - In re Zynga/Facebook

In separate lawsuits, plaintiffs alleged Facebook and Zynga violated the Stored Communications Act (in Zynga's case, also the Wiretap Act). The crux of plaintiffs' allegations was that when a Facebook user clicked on an ad or a link, the HTTP request sent by the browser included the user's Facebook ID and the address of the webpage the user was viewing when he or she clicked the link. An end user's request to play Farmville would result in the transmission of similar information to third parties. more

Microsoft and Financial Services Groups Disrupt Zeus Botnet Servers

Microsoft's Digital Crimes Unit - in collaboration with Financial Services - Information Sharing and Analysis Center (FS-ISAC) and NACHA - The Electronic Payments Association, as well as Kyrus Tech Inc. - has executed a coordinated global action against some of the worst known cybercrime operations fueling online fraud and identity theft, said Microsoft in an announcement today. "With this legal and technical action, a number of the most harmful botnets using the Zeus family of malware worldwide have been disrupted in an unprecedented, proactive cross-industry operation against this cybercriminal organization." more