Behind the Smoke Screen of Internet and International Infrastructure

In my recent write-up I start by discussing some recent threats network operators should be aware of, such as recursive DNS attacks. Then, a bit on the state of the Internet, cooperation across different fields and how these latest threats with DDoS also relate to worms and bots, as well as spam, phishing and the immense ROI organized crime sees. I try and bring some suggestions on what can be done better, and where we as a community, as well as specifically where us, the "secret hand-shake clubs" of Internet security fail and succeed. Over-secrecy, lack of cooperation, lack of public information, and not being secret enough about what really matters. more

Don’t Rely on Initial TLD Registration Volumes

When deciding to register a given domain name under any of the new ICANN-proposed top-level domains (TLDs), remember that a relatively high initial registration volume does not necessarily imply that the domain names will command high market value or that demand for them will grow. Below are some of the reasons... more

Evolution of the Dot Brand Domains in 5 Years

ICANN's last new gTLD application closed in 2012 with more than 600 brands applying for their dot brand. Dot brand domains associate a keyword or keyphrase and a brand name in a complete domain name... To understand better how the evolution of the dotBrand has been throughout these years, number of websites launched, redirects, registries etc, Dot Brand Observatory prepared a few visual graphics. more

Bill C-27: Historic Canadian Anti-spam Legislation Battered, But Still Unbeaten

As readers of CircleID have seen, there has been a lot of activity (for example, Michael Geist's "Canadian Marketing Association Attacks Anti-Spam Bill"), as the final votes of C-27 grow nearer. The history towards getting a spam law passed in Canada has been a long one. For years, CAUCE encouraged legislators to undertake this important work... Fast forward a few years, and a few governments, and suddenly we have a law tabled in the House of Commons... more

Fiber Infrastructure in China Has Grown Nine Times Faster Than in the U.S. Since 2013

While developed and developing countries are fully aware of the importance of robust Internet infrastructure in the digital age, none have the same level of ambition that has fueled China's aggressive rollout strategy over the past seven years. more

Domain Names as Second-Class Citizens

A new book by Dr. Konstantinos Komaitis (Lecturer in Law at the University of Strathclyde) provides a passionate yet legalistic and well-researched overview of the legal, institutional and ethical problems caused by the clash between domain names and trademarks. This is really the first decent book-length treatment of what is now a decade and a half of legal and political conflict between domain name registrants and trademark holders. more

Estimating Trademark Claims Notice Suppression of Non-Infringing New gTLD Registrations

On February 2nd ICANN staff announced the release of a Draft Report: Rights Protection Mechanisms Review that is open for public comment until May 1st. This Draft Report is preliminary to an Issues Report requested by the GNSO Council that is due to be delivered by September 30th, and that may set the stage for a Policy Development Process (PDP) on Rights Protection Mechanisms (RPMs) that could commence in 2016. Such a PDP could consider comprehensive reform of these RPMs as well as of the Uniform Dispute Resolution Policy (UDRP). more

The Design of the Domain Name System, Part V - Large Data

In the previous four installments, we've been looking at aspects of the design of the DNS. Today we look at the amount of data one can ask the DNS to store and to serve to clients. Most DNS queries are made via UDP, a single packet for query and a single packet for the response, with the packet size traditionally limited to 512 bytes. This limits the payload of the returned records in a response packet to about 400 bytes... more

How Many IPv4 Addresses Does the RIPE NCC Have Left?

Since IANA ran out of IPv4 addresses, people are increasingly aware of how short the remaining lifetime of IPv4 is. With World IPv6 Day taking place this week, the issue has come into even sharper focus. Since March 2011, the RIPE NCC has been publishing the size of its pool of available IPv4 addresses. All five Regional Internet Registries (RIRs) regularly publish the status of their IPv4 address pools. In the image below, you can see how the number of IPv4 addresses in the RIPE NCC pool changes over time. more

Verizon Throws 18 States Under the Progress Train

I am a happy Verizon FIOS fiber-to-the-home customer in Connecticut, I admire the long view Verizon took to build its FIOS infrastructure, and I appreciate the substantial punishment that Verizon took from Wall Street until it became obvious that FIOS would be a huge success. But Verizon is not building FIOS in all of its territories! Verizon is unloading land lines in eighteen states because they don't want to keep building FIOS there... more

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could prevent 33% of cybersecurity data breaches from occurring. more

7 Tips to Boost BYOD Security

The bring-your-own-device (BYOD) trend continues to make corporate inroads. According to Security Intelligence, more than 60 percent of enterprises now allow or "tolerate" employee mobile device use in the workplace. But companies still have significant security concerns, especially when it comes to the specter of lost data. Here are seven tips to boost BYOD security in 2015. more

SIEM Alternatives; How Does OpenXDR Make Traditional SIEM Obsolete?

OpenXDR is one of the most cost-effective SIEM alternatives that help businesses detect and mitigate threats within hectic modern architectures. A single cyber incident impacts every aspect of a business -- from system downtime, revenue losses, and reputation damage to disrupted operations. more

A DNS View of Lockdown

At NANOG 79 earlier this month Craig Labowitz from Nokia Deepfield presented on the impact on the COVID-19 pandemic on Internet use. The approach to the analysis used real-time streaming telemetry from Communication Service Provider (CSP) backbone and aggregation routers, and the data analysis covered content provider networks in North America, Europe and parts of Asia. more

Google as DNS, Wikileaks as PoC

Wikileaks is still accessible -- via Google. Does that change anything? For many Internet users IP addresses as well as domain names are completely transparent. Further, Google (and other search engines) and often the first stop when these users wants to find a service, or a web site. Thus, many of us discussed over the years the eventual viability of Google (... and other search engines) as "DNS" (note the "'s). Now, don't jump at my throat quite yet... more