Spam on P2P networks used to be mainly with advertising inside downloaded movies and pictures (mainly pornographic in nature), as well as by hiding viruses and other malware in downloaded warez and most any other file type (from zip archives to movie files). Further, P2P networks were in the past used for harvesting by spammers. Today, P2P has become a direct to customer spamvertizing medium. This has been an ongoing change for a while. As we speak, it is moving from a proof of concept trial to a full spread of spam, day in, day out... more
From the perspective of Internet security operations, here is what Net Neutrality means to me. I am not saying these issues aren't important, I am saying they are basically arguing over the colour of bits and self-marginalizing themselves. For a while now I tried not to comment on the Net Neutrality non-issue, much like I didn't comment much on the whole "owning the Internet by owning the Domain Name System" thingie. Here it goes anyway. Two years ago I strongly advocated that consumer ISP's should block some ports, either as incident response measures or as permanent security measures... more
Black Frog -- a new effort to continue the SO-CALLED Blue Security fight against spammers. A botnet, a crime, a stupid idea that I wish would have worked -- News items on Black Frog. Blue Frog by Blue Security was a good effort. Why? Because they wanted to "get spammers back". They withstood tremendous DDoS attacks and abuse reports, getting kicked from ISP after ISP. ...The road to hell is filled with good intentions. Theirs was golden, but they got to hell, quite literally, non-the-less. ...When Blue Security went down, some of us made a bet as to when two bored guys sitting and planning their millions in some café would show up, with Blue Security's business plan minus the DDoS factor. Well -- they just did. more
I'm sure this is something that's been raked over before, but I don't see a common understanding of what 'Net Neutrality' actually is. Despite many of the Internetorati demanding it by law. There appear to be several different camps, which you could paint as "bottom of IP", "middle" and "top". The bottomistas would see enforced Internet Protocol itself as a premature optimisation and violation of the end-to-end principle. Unhappy that you only get IPv4 or IPv6? Still grumpy that you only have IPv4 and not even IPv6? Really miserable that your VoIP packets are staggering under the poisonous load of IPv6 headers? You're a bottomista. more
Is it just a coincidence that some of the leading Internet-based application companies are pushing aggressively into network connectivity at exactly the same time the major telephone companies are pushing into content? Or are we witnessing the end of the Internet as we know it? Think back to the online world fifteen years ago. There was AOL, there was Compuserve, there was Prodigy, and there was Apple's eWorld. Sure, there were researchers and students posting to Usenet newsgroups and navigating through Gopher sites, but the Internet was a sideshow for individuals and business users. ...the online world of those days was fragmented and small. Every online service was an island. Are we going back to those days? more
The Domain Name System is often though of as an integral part of the Internet. Without it, how can you ever locate anything? Well, quite easily, thank you very much. DNS is used implicitly for many services, such as web browsing. It also includes explicit extensions for a few applications such as e-mail. (I'm talking here about DNS the system, not DNS the technology that can be re-purposed to things like ENUM.) But the most notable thing about DNS is its receding importance... more
A recent study conducted by Blue Security reports how Internet users can unknowingly expose their contacts' emails addresses to Spammers while sharing files, music, games and DVDs over Peer-to-Peer (P2P) networks. The study has uncovered hundreds of incidents where files containing email addresses were made accessible in P2P networks. more
This morning, at 10 am in 2141 Rayburn, the Subcommittee on Courts, the Internet, and Intellectual Property is holding a hearing on "Internet Domain Name Fraud -- New Criminal and Civil Enforcement Tools." At that hearing, the Subcommittee will be considering a new Whois bill creating new penalties for people who provide false data when registering a domain name. We need to raise our collective eyebrows at this bill (which was suddenly dropped the evening before this hearing). The title of the bill is the "Fraudulent Online Identity Sanctions Act." (FOISA) more
I was reading David Weinberger's reports on how the New York Times is planning on tackling its "link rot" problem where articles slip behind the pay-wall. Part of their solution appears to be to replace articles with their summaries. As usual, this got me thinking about telephony. Why don't phone calls and callers have URIs or URLs? ...Let's take addressing the endpoints first. Obviously, ENUM is one way of "Internetising" the phone number address space. more
I've been trying to avoid writing about the Internet as such. With as "At the Edge" I'm looking at larger issues but can't escape writing more directly about the Internet. It seems as if everyone wants a say in Internet policy without distinguishing between technical and social issues. Today the term "The Internet" or, for many simply "Internet" is more of brand than a term for a specific technology and its implications. It has become too easy to talk about the Internet in lieu of understanding. We also see the converse -- a failure to recognize "Internet" issues. more
In his article titled, "End of Life Announcement", John Walker (author of the Speak Freely application) makes a few arguments about Network Address Translation (NAT) that are simply not true: "There are powerful forces, including government, large media organisations, and music publishers who think this situation is just fine. In essence, every time a user--they love the word "consumer"--goes behind a NAT box, a site which was formerly a peer to their own sites goes dark, no longer accessible to others on the Internet, while their privileged sites remain. The lights are going out all over the Internet. ...It is irresponsible to encourage people to buy into a technology which will soon cease to work." more
Please do sit down. Should the shock cause you to suddenly lose consciousness, I hereby disclaim all responsibility for any subsequent loss or injury. I'm about to defend the anthrax of the Internet: NAT. Network Address Translation is a hack to enable private IP addresses on one side of a router (inside your network) to talk to public IP addresses on the other side (on the Internet, outside your network). It really doesn't matter how it works. The consequence is that unless the router is specifically configured, outsiders can't get in uninvited. So those on the inside can't, by default, act as servers of any service to the outside world. more
Attacks on ICANN are coming from several different directions, and the list of concerns includes "cybercrime and protection of intellectual property rights."... First, it's not apparent to me that any government can "control" the internet -- and it's even less likely that that control can happen through the DNS. The most that governments will do will be to build walls between nations, requiring their ISPs to point only to approved sites. (China is well on its way to doing this already.) That's not controlling the Internet, that's creating different, national Internets. more
The Internet was replaced by a dual system created in 2014: a fiber optic network called "Net2Cash". It has a speed of one hundred Petabits per second (equivalent to 100 million Gigabits per second or 100,000 million Megabits per second). We no longer talk about Megabytes or Gigabytes because that is old school. Nowadays a couple of Exabites store the content of all written by man, from books and newspapers to Sumerian clay tablets; from Inca quipus and Egyptian hieroglyphs to all homework made by kids registered in elementary school. more
The 85th meeting of the Internet Engineering Task Force (IETF) begins next week in Atlanta, Georgia, USA. Over 1000 engineers, maybe as many as 1400 or more, from all around the world will gather in various working groups to discuss and debate issues relating to the open standards that define the Internet's infrastructure. more