Petition Against Site Finder

We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more

The Debate Continues: Geist Replies to CENTR Response

While this may be better suited as a comment to the CENTR posting, I thought that its length might warrant a separate submission. Many thanks to CircleID for hosting this interesting discussion. Below is the full text of a comment I forwarded to CENTR earlier today in reply to its commentary on my recent study on national governments and ccTLDs. ...I should also preface my remarks by noting that I speak for myself -- not the ITU (see below), nor CIRA, (a CENTR member ) on which I serve on the board of directors, nor the Public Interest Registry, which manages the dot-org domain and on which I serve on the Global Advisory Council. more

How DANE Strengthens Security for TLS, S/SMIME and Other Applications

The Domain Name System (DNS) offers ways to significantly strengthen the security of Internet applications via a new protocol called the DNS-based Authentication of Named Entities (DANE). One problem it helps to solve is how to easily find keys for end users and systems in a secure and scalable manner. It can also help to address well-known vulnerabilities in the public Certification Authority (CA) model. Applications today need to trust a large number of global CAs. more

No Spectrum Shortage, Just an Allocation Problem

As a new study from Citi Investment Research & Analysis make clear, the US does not have a spectrum shortage. We've just allowed a relatively small number of carriers to control the spectrum. ... Perhaps if we had an effective "use it or lose it" policy in place, or a heavy tax on unused spectrum a more vibrant market for this spectrum would emerge. more

If Only Mike Knew

In the year 2000, Mike wanted "d.com" for his company website. After all, if you sneaked around these so called "reserved domains" long enough, you might be puzzled to see...say this at "x.com" or this at "z.com" or perhaps this at "q.com". As mysterious as this is, you can imagine Mike's disappointment after receiving the following email... more

Interesting Facts About Domain Names

During a database testing, Dennis Forbes makes use of the .com zone file as data sample but he also stumbles upon some unexpected domain name discoveries which he has reported on his site. Dennis Forbes explains: "I recently had a need for a mid-sized amount of real-world data, which I required for testing purposes on low-end hardware (testing and demonstrating some of the new functionality of SQL Server 2005). I wanted something that wasn't confidential, which excluded the easy choice of using business data, and I refrain from using artificial data..." more

A Trick to Register Good Generic Domain Names

A good domain name can be difficult to find... in particular when the domain name extension is highly demanded. It is what is happening with the .CLUB new gTLD. Should your Registrar tell you that the desired domain name is not available, it is not necessarily true. Anybody involved in launching a website has to go through a search for a domain name, and most of the time, it begins with the following question: "is the .com available?". Most of the time the answer is: "no it is not".  more

“.Pol”, a “.Com” for Political Candidates

In the coming months, ICANN will ambitiously expand the number of top-level domains (TLDs). ICANN could add ".movie" and ".paris", among others, to the existing ranks of ".com", ".org", ".gov", and ".edu". Here's another they should consider: a new ".pol" TLD that is reserved exclusively for political candidates and entities. A ".pol" TLD is needed to alleviate problems linked to a now-common phenomenon called political cybersquatting... more

The Highest Threat TLDs - Part 2

In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes. more

World Economic Forum Davos 2022: War in Ukraine, Metaverse und Splinternet

The war in Ukraine, Metaverse and Splinternet were among the most discussed items during the recent World Economic Forum (WEF) in Davos. The topic of cyber security was primarily about the role of cyberattacks in the Ukraine war. Cyber is not the focus of day-to-day public war reporting but is an integral part of warfare on both sides. This applies above all to the use of "social media." more

UNESCO Director-General on Linguistic Diversity on the Internet: Main Challenges Are Technical

Today, Irina Bokova, Director-General of UNESCO has released a statement concerning the linguistic diversity on the Internet stating: "UNESCO's experience and the 2012 study of the use of internationalized domain names undertaken with EURid show that the main challenges are technical. Obstacles lie with Internet browsers that do not consistently support non-ASCII characters, with limited e-mail functionality, and with the lack of support of non-ASCII characters in popular applications, websites and mobile devices." more

The Ugly End of the Phone Network

I was a little early. "By the end of President Obama's first term, there won't be any more copper landlines left in the country, I blogged just after Obama had been elected. Before that I'd prophesized the end of POTS (Plain Old Telephone Service) by 2010. Nevertheless, the end is nigh. And it's gonna be ugly without some planning. more

Follow a Phishing Case in Real Time: postfinances.com / Swiss Post

It is just another phishing case. Why should I care? I happened to receive my own copy of the phishing email message. Most Internet users will just smile bitterly before deleting it. I checked it to see why it had gone through the spam filters. It had no URL in the text but a reply-to address. So it needed a valid domain name, and had one: postfinances.com. PostFinance (without trailing "s") is the payment system of the Swiss Post. It has millions of users. more

IoT Devices Will Never Be Secure - Enter the Programmable Networks

Harvard Business Review just ran an interesting article on the information security aspects of Internet of Things (IoT). Based on the storyline, the smart city initiatives are doomed to fail unless the security of the IoT devices and the systems will be improved. While security of the digital society is obviously a key concern, I am not entirely convinced that relying on the security of individual devices and systems is the best course of action. more

Which Domains Stand the Strongest Against Phishing Attacks?

The latest Anti-Phishing Working Group (APWG) Global Phishing Survey, which analyzed over 100,000 phishing attacks in the first half of 2014, examines the progress that top level domains (TLDs) are making in responding to phishing attacks that use their TLDs. The report finds the .INFO domain has the lowest average phishing uptimes as compared to other TLDs, such as .COM and .NET. more