Deadline of July 2 to Nominate People for Jonathan B. Postel Service Award

Do you know of someone who has made the Internet better in some way who deserves more recognition? Maybe someone who has helped extend Internet access to a large region? Or wrote widely-used programs that make the Internet more secure? Or served in some capacity behind the scenes in Internet services? Or maybe someone who has been actively working for open standards and open processes for the Internet? more

Google Received 65.9 Million Take Down Requests Last Month, Company Reports

As part of its transparency report, Google says Copyright removal requests continue to be on steady rise and that the company received a new record 65,923,523 requests just last month. more

Response to Inaccurate .travel Wild Card Assessments

Bret Fausett's recent assessment of Tralliance's ".museum-like" wild card is just dead wrong. If Tralliance is so focused on monetizing its search results, why, then, would we not capitalize on the cornerstone of our registry, directory.travel? The fact is .travel is a sponsored space on the Net that is designed to do one thing and one thing only: Serve its constituency. For years the community has heard me at the open forum microphone reminding the ICANN board of directors that the industry was anxious to have its own domain to enable it to improve business efficiency... more

Is it Time for a Registration Operations Industry Association? (Part 1)

Since 2001 there have been occasional conversations on technical mailing lists exploring the concept of creating an independent industry association or consortium of domain registration operators. My recent experiences with the evolution of extensions to the Extensible Provisioning Protocol (EPP) have convinced me to look at these suggestions more closely, and I'm now convinced that this is an idea worth exploring. "Registration Operations" refers to the technical tasks, such as the development, deployment, and ongoing systems administration of EPP, performed by registries and registrars to provide registration services. more

The Internet Monopoly

People are increasingly becoming aware of the emerging 'internet monopoly'. Companies such as Google, Facebook, Twitter and many the other (local) social network and media sites are becoming so large and powerful that they can dictate the use of their services in such a way that people lose control over their own information and their participation in these networks. ... These digital media developments certainly did happen, but they are not founded on the 'permission-based' principles that we advocated during all those years. more

ICANN and the Data Quality Act: Part VI

This is the sixth part of a multi-part series reported by ICANNfocus. This part focuses on ICANN's Strategic Plan. Read previous parts: Part I, Part II, Part III, Part IV, Part V. "The requirement that ICANN develop a Strategic Plan offers an important opportunity for achieving meaningful reform of the organization. The Strategic Plan is one of the key new ICANN duties contained in the most recent amendment to their Memorandum of Understanding (MOU) with the Department of Commerce. The MOU specifies in considerable detail the elements that ICANN is to include in the Plan including issues ranging from executive compensation to mechanisms for ICANN accountability..." more

The Proxy Fight for Iranian Democracy

If you put 65 million people in a locked room, they’re going to find all the exits pretty quickly, and maybe make a few of their own. In the case of Iran’s crippled-but-still-connected Internet, that means finding a continuous supply of proxy servers that allow continued access to unfiltered international web content like Twitter, Gmail, and the BBC... more

Wow! BIND9 9.10 Is out, and What a List of Features!

Today the e-mail faerie brought news of the release of BIND9 9.10.0 which can be downloaded from here. BIND9 is the most popular name server on the Internet and has been ever since taking that title away from BIND8 which had a few years earlier taken it from BIND4. I used to work on BIND, and I founded ISC, the home of BIND, and even though I left ISC in July 2013 to launch a commercial security startup company, I remain a fan of both ISC and BIND. more

Dell Loses Key Customer Support Domain Name for a Month, Site Exposed to Questionable Content

The website designated by Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, reports Brian Krebs in KrebsOnSecurity. more

URL Shorteners

If you're a twit a Twitter user, you've likely used one or another of the URL shorteners out there. Even if you're not, you may have run across a shortened URL. The first one I encountered, several years ago, was tinyurl.com, but there plenty of them, including bit.ly, tr.im, qoiob.com, tinyarrow.ws, tweak, and many others. ... What would best practices for URL shortening services look like? Some suggestions, from others as well as from me. more

How to Avoid Insider Threats Such as the Latest New York Post Hacking

New York Post has been "hacked" by an employee. To protect themselves from insider threats, companies can deploy zero trust and restrict access. On October 27, the New York Post published a string of racist and sexist articles on its website. Fabricated news about politicians, such as pieces concerning racist comments of a New York City mayor, has been headlining the publication. more

Bigger, Faster, Better (and Cheaper!)

Let's take a second to look back some 50 years to the world of 1972 and the technology and telecommunications environment at that time. The world of 1972 was one populated by a relatively small collection of massive (and eye-wateringly expensive) mainframe computers that were tended by a set of computer operators working around the clock and directed by specialized programmers, trained in the obscure symbol set used by the job control systems on these computers. more

Edge Computing, Fog Computing, IoT, and Securing Them All

The oft used term "the Internet of Things" (IoT) has expanded to encapsulate practically any device (or "thing") with some modicum of compute power that in turn can connect to another device that may or may not be connected to the Internet. ... The information security community -- in fact, the InfoSec industry at large -- has struggled and mostly failed to secure the "IoT". This does not bode well for the next evolutionary advancement of networked compute technology. more

Clarke and Knake’s “Cyberwar”

I just finished reading Richard Clarke and Robert Knake's book Cyberwar. Though the book has flaws, some of them serious, the authors make some important points. They deserve to be taken seriously. I should note that I disagree with some of my friends about whether or not "cyberwar" is a real concept. Earlier, I speculated that perhaps it might be a useful way to conduct disinformation operations, but it need not be so limited. more

We Must Keep Track of How Countries Will Confront Cybercrime in a New UN Convention

As a designated committee of experts prepares to draft a new treaty to combat the use of information and communications technologies in cybercrime at the UN in January 2022, it is paramount that other stakeholders oversee these discussions to avoid violating human rights on the Internet. This initiative was kickstarted by a 2019 resolution led by Russia and endorsed by other countries considered by many to behavior controversially on cybersecurity matters, such as China, Venezuela, Cambodia, North Korea, and others. more