If Only Mike Knew

In the year 2000, Mike wanted "d.com" for his company website. After all, if you sneaked around these so called "reserved domains" long enough, you might be puzzled to see...say this at "x.com" or this at "z.com" or perhaps this at "q.com". As mysterious as this is, you can imagine Mike's disappointment after receiving the following email... more

You Paid to Join; You Can Leave Anytime

Once upon a time, around 1998-1999, three of us were hired by APEC-Tel to study "International Charging Arrangements for Internet Services". APEC-Tel is a regular meeting of Pacific-nation telecommunications ministers. The impetus of the study was their consternation that connection to the Internet was being charged (paid for) in an entirely new way. The template of the old telephone settlement scheme had been overthrown. Those wishing to connect to the Internet, which was centred in the United States, were being forced to lay lines across the Pacific, pay landing rights in the United States or Canada, and pay further to connect to the Internet at the nearest negotiated peering or transit point. more

World IPv6 Day: A Year in the Life

On the 6th June 2012 we held the World IPv6 Launch Day. Unlike the IPv6 event of the previous year, World IPv6 Day, where the aim was to switch on IPv6 on as many major online services as possible, the 2012 program was somewhat different. This time the effort was intended to encourage service providers to switch on IPv6 and leave it on. What has happened since then? Have we switched it on and left it on? What has changed in the world of IPv6 over the past 12 months? Who's been doing all the work? more

Petition Against Site Finder

We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more

Minding Your IP Address Reputation

Network operators rely on guidance from IP address experts because not all IP addresses used on the Internet are the same. The "reputation" of email senders is especially important because some are malicious users of the system. But identifying "senders" based on their email addresses or the individual IP address of a user presents issues that are unnecessarily complex. more

A Trick to Register Good Generic Domain Names

A good domain name can be difficult to find... in particular when the domain name extension is highly demanded. It is what is happening with the .CLUB new gTLD. Should your Registrar tell you that the desired domain name is not available, it is not necessarily true. Anybody involved in launching a website has to go through a search for a domain name, and most of the time, it begins with the following question: "is the .com available?". Most of the time the answer is: "no it is not".  more

Analyzing Data for Business and Security Signals

Domain name registries and registrars play a critical role in the functioning of the internet, serving as gatekeepers to the DNS. As such, they have an important responsibility to ensure the security and stability of the DNS but also to promote the use of a domain name in a meaningful way for the end user. To be more efficient in achieving these goals, the domain name industry has started to become more open to the idea of leveraging their own internal data to gain insights about their current business. more

Legal Controls on Extreme End-to-End Encryption (ee2ee)

One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more

ICANN Ordered by Illinois Court to Suspend Spamhaus.org

Apparently, at this stage, it is only a proposed ruling. But I am no lawyer. This story has been discussed before, when Spamhaus, which is located in the UK, was sued in the US by a spammer. They refused to come before the court as "they do no business in Illinois, and are located in the UK...After this court ruling, Spamhaus.org was under a DDoS attack, in my opinion for the purpose of preventing users from reaching the information it provided about the court ruling. This was done along-side a Joe Job, sending fake email appearing to come from Spamhaus's CEO... more

An Opinion in Defence of NATs

Network Address Translation has often been described as an unfortunate aberration in the evolution of the Internet, and one that will be expunged with the completion of the transition of IPv6. I think that this view, which appears to form part of today's conventional wisdom about the Internet unnecessarily vilifies NATs. In my opinion, NATs are far from being an aberration, and instead, I see them as an informative step in the evolution of the Internet, particularly as they relate to possibilities in the evolution of name-based networking. Here's why. more

President of Tucows in Response to SiteFinder

I have been thinking a lot about stewardship lately in my role as CEO of Tucows and how that relates to employees, a board of directors and investors. Where I've got to, which is not necessarily relevant for this post, is that stewardship needs to exist at EVERY level of a company and a life. With the recent dustup created by Verisign's new Sitefinder service it has crystallized for me what has always bothered me about the .com/.net registry and the way Verisign has approached it.
 more

New Research from CSC on the Impact of COVID-19 on Internet Security and Safety

Hackers are using company domain names for malicious attacks more than ever before. Established research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered, confusingly similar domain name, or via email header spoofing. Domain security intelligence is the first line of defense in preventing domain cyberattacks. more

Follow a Phishing Case in Real Time: postfinances.com / Swiss Post

It is just another phishing case. Why should I care? I happened to receive my own copy of the phishing email message. Most Internet users will just smile bitterly before deleting it. I checked it to see why it had gone through the spam filters. It had no URL in the text but a reply-to address. So it needed a valid domain name, and had one: postfinances.com. PostFinance (without trailing "s") is the payment system of the Swiss Post. It has millions of users. more

CENTR Paper on Fifth World Telecommunication/ICT Policy Forum

Many nations, particularly from the developing world, look to the International Telecommunications Union (ITU) for advice on telecommunications issues and, increasingly, Internet governance issues. The ITU's Fifth World Telecommunication / ICT Policy Forum (WTPF-13), 14-16 May 2013, Geneva, Switzerland, will be the first WTPF to focus exclusively on Internet issues. more

Are We Ready for Big Bandwidth Applications?

There is a recent industry phenomenon that could have major impacts on ISP networks in the relatively near future. There has been an explosion of households that subscribe to gigabit data plans. At the end of 2018, only 1.8% of US homes subscribed to a gigabit plan. This grew to 2.8% by the end of 2019. With the pandemic, millions of homes upgraded to gigabit plans in an attempt to find a service that would support working from home. more