CAN-Spam-a-Friend? The Case Against Reunion.com

Hoang v. Reunion.com sidesteps an eagerly anticipated legal dispute over the legality of commercial address book scraping and 'send-to-a-friend' emails, and also highlights the damage that can cascade when a federal Circuit Court woefully misreads a statute. more

Neelie Kroes, the EU, Cloud Computing, Regulation and Good Ears

In her blog EU Commissioner Neelie Kroes blogs on her stance on cloud computing. In short: this is a good development which the EU will embrace and advocate, but may need regulation in order to ensure a safe environment for industry and individuals in the cloud. Here's some thoughts on that. more

Registry-Registrar Cross Ownership: Framing the Issues

There has been much said and written recently about the issue of registry-registrar cross ownership with regard to New Top Level Domains ("New TLDs"). It is clear that there appears to be a fair amount of confusion about the issue and the positions espoused by various parties. To assist the ICANN community in understanding the issue -- the points of agreement and debate -- I offer the following overview on behalf of Network Solutions and Central Registry Solutions... more

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more

The G7 and EU Join China in Call for Space Debris and Collision Regulation

Last month, the Chinese government published space situational awareness and traffic management regulations and procedures designed to guard against collisions in orbit and mitigate space debris, and this month, at the G7 summit, delegates from Canada, France, Germany, Italy, Japan, the USA, the UK, and the EU pledged to take action to tackle the growing hazard of space debris as our planet's orbit becomes increasingly crowded. more

Facebook Enters Wholesale Fiber Business, Plans to Sell Unused Capacity on New Fiber Routes

Facebooks says it intends to allow third parties - including local and regional providers - to purchase excess capacity on its fiber. more

A Look at the Current State of ccTLDs, Particularly in Europe

European ccTLDs have passed 67 million registrations in total at a net growth of 0.7% over the past quarter, according to the new DomainWire report by Council of European National Top level Domain Registries (CENTR). more

The White House Broadband Plan

Reading the White House $100 billion broadband plan was a bit eerie because it felt like I could have written it. The plan espouses the same policies that I've been recommending. This plan is 180 degrees different than the Congress plan that would fund broadband using a giant federal, and a series of state reverse auctions. The plan starts by citing the 1936 Rural Electrification Act, which brought electricity to nearly every home and farm in America. more

The Worm and the Wiretap

According to recent news reports, the administration wants new laws to require that all communications systems contain "back doors" in their cryptosystems, ways for law enforcement and intelligence agencies to be able to read messages even though they're encrypted. By chance, there have also been articles on the Stuxnet computer worm, a very sophisticated piece of malware that many people are attributing to an arm of some government. The latter story shows why cryptographic back doors, known generically as "key escrow", are a bad idea. more

A New Boom to Come? Re-Evaluating the Success of the New TLD Program

I think it's fair to say that quite a few people -- both within the domain name industry and beyond -- have an opinion on whether the new TLD program is succeeding or struggling. But are things really all that bad? Are we forecasting doom before it has really had a chance to run? Crunching the numbers... Let's consider the (relatively short) history to this point and take a look at some statistics. more

ICANN’s Weak Accountability Remains a Problem

The JPA is dead, and in its place is the Affirmation of Commitments. Much debated, this change is anticipated to bring more global participation into ICANN's governance. Increased globalization may turn out to be beneficial for the Internet community, if it helps to shore up ICANN's institutional weaknesses. But the Affirmation leaves important questions unanswered... more

No Virginia, You Have No Duty to Secure Your WiFi Access Point

Every now and again a report flies across the network about the police breaking down someone's door and attempting to arrest the home owner for bad things online - assuming that whatever happened from that person's Internet connection is their fault. Now there are lots of problems with this - lots of problems. But one of the big ones is that anyone can access an open access point... more

The Story of Conficker and the Industry Response

On November 2, 2009, Microsoft released its seventh edition of the Security and Intelligence Report (SIR). The SIR provides an in-depth perspective on the changing threat landscape including software vulnerability disclosures and exploits, malicious software (malware), and potentially unwanted software. Using data derived from hundreds of millions of Windows computers, and some of the busiest online services on the Internet, this report also provides a detailed analysis of the threat landscape and the changing face of threats and countermeasures and includes updated data on privacy and breach notifications. The following is an excerpt from the SIR, pp 29-32, about the Conficker worm and the industry response that showed an incredible amount of collaboration across vendors. more

IPv6: The Four Horsemen of the IPcalypse

War, famine, pestilence and death. They fought for the last IPv4 addresses, hoarded and sold them at outrageous prices, traffic and commerce came slowly to a halt... Pestilence invaded the internet... Bandits roam the lands. A retired general told recently that the internet looks like the North German plains, easy to invade. Cyberwar and Cybersecurity are becoming mainstream subjects and have increasing Government attention. more

Mitigating the Increasing Risks of an Insecure Internet of Things

The emergence and proliferation of Internet of Things (IoT) devices on industrial, enterprise, and home networks brings with it unprecedented risk. The potential magnitude of this risk was made concrete in October 2016, when insecure Internet-connected cameras launched a distributed denial of service (DDoS) attack on Dyn, a provider of DNS service for many large online service providers (e.g., Twitter, Reddit). Although this incident caused large-scale disruption, it is noteworthy that the attack involved only a few hundred thousand endpoints... more