I came across an interesting article on Reuters today: "U.S. securities regulators formally asked public companies for the first time to disclose cyber attacks against them, following a rash of high-profile Internet crimes..." This is a pretty big step for the SEC. Requiring companies to disclose when they have been hacked shifts the action on corporations from something voluntary to something that they have to do. The question is do we want to hear about everything? more
Studies have found only limited, insufficient agency adherence with FISMA's (Federal Information Security Management Act) continuous monitoring mandates. One survey found almost half of federal IT professionals were unaware of continuous monitoring requirements. A recent GAO report found that two-thirds of agencies "did not adequately monitor networks" to protect them "from intentional or unintentional harm." more
Recent articles in the press have outlined how sites including MSN and Hulu are now using an advanced version of the old cookie file to track user behavior. These "supercookies" are very hard to detect and delete, and can track user behavior across multiple sites, not just one. These tricky little trackers have lawmakers pressing the FTC to investigate, and the IAB scrambling to defend industry practices. more
Signing Email is now a Draft Standard! Signing email transitioned from a proposed standard to a draft standard (RFC6376 -- one of the new RFCs) over at the IETF a few days ago. The other is RFC6377. Let's go through a brief history of DKIM RFCs to refresh our memories... more
I read with interest the piece by the Chairman of the Association of National Advertisers (ANA), Garry Elliot, in Advertising Age, which was partly prompted by my commentary in the same publication describing why new generic Top-Level Domains (gTLDs) could be an opportunity for some brands. He says: "From all I've seen, no matter how one tries to justify ICANN's process or the benefits it speculates will occur, it is simply impossible to defend the economics of the ICANN proposal. That is the Achilles' heel of this entire exercise. To paraphrase an old saying, 'It's the economics, stupid.'" more
While it was good to see that the Administration included telecoms in its new stimulus package - which was launched in September 2011 - the concerns expressed when the project was announced last year still persist. Wireless is not a solution to the significant broadband problems the USA is facing. ... The new plan seems to be driven more by the failed attempts in previous initiatives to roll out more broadband infrastructure. more
Wout de Natris: "In this decision OPTA revokes the registration of Diginotar as a so called Trusted Third Party. Diginotar issued certified certificates for digital signatures. The security breach by Iranian hackers over the summer, which Diginotar did not report to the authorities, lead to severe credibility issues for all Diginotar certificates issued before. This included Dutch government websites, but also led to severe breaches of privacy for Iranian end users, in multiple countries. As a result of OPTA's decision all certificates issued by Diginotar have to be revoked, while at the same she is forbidden to issue new ones. more
At the Government Roundtable meeting in Amsterdam on 12 September RIPE NCC presented on her results on auditing Local Internet Registries (LIRs) and on the policy process concerning certification of her members. If this showed something to the world it is that cooperation with governments and law enforcement agencies (LEAs) pays off and self-governance can work. How did this come about? more
When it comes to building a robust globe-spanning network of crimeware and making the victims dance to a tune of the cyber-criminals' choosing, you're guaranteed to find domain name abuse at the heart of the operation. DNS provides the critical flexibility and underlying scalability of modern command-and-control (C&C) infrastructure. Cyber-criminals that master DNS (and manage to maintain the stream of new domain registrations that keep it fed) tend to find themselves in command of the largest and most profitable crimeware networks. more
I once wrote about about the legal right objections on Guillon.info and with all these new generic Top-Level Domain (gTLD) announcements, I find it interesting to check if an application could be blocked by paragraph 3.2.2.2 of the latest Draft Applicant Guidebook. more
Kieren McCarthy reporting in .nxt: "An extraordinary series of policy papers drawn up by the European Commission and seen by .Nxt have called for greater governmental control over the Internet's domain name system. ...the measures would provide governments with de facto control over the Internet's naming systems and bring an end to the independent and autonomous approach that has defined the Internet's domain name system since its inception." more
The international press is alight with reports of various countries considering privacy and anti-spam legislation. It appears that many countries have arrived at the logical conclusion that after years of supposed 'self regulation'; some marketers must be brought to heel by way of regulation and law, to stop abusive practices. more
ICANN Chairman and other departures after the board's vote to approve the New generic Top-Level Domains (gTLDs) in Singapore draw criticism, reports The Washington Post. Shortly after the vote, Peter Dengate Thrush joined a New gTLD Group which stands to greatly benefit directly from this vote on the program he led on for nearly 3 years. This appears to have caused grave damage to ICANN's credibility internationally drawing international Press and Governments criticism over conflict of interest. more
In keeping with the discussion that I have been involved in over the last decade, 'structural changes' should be today's key phrase - not just for the telecoms sector but for every sector in our economies. It has been clear for a long time that structural change is well overdue. It doesn't really matter which sector you pick, you will see that some of these reform debates go back at least a decade - and often longer -- in healthcare, education, environment, energy, finance and banking and media. more
Telecoms engineers from all of the major telecoms services and equipment companies around the world agree that FttH is the only future-proof telecommunications technology. So who should we trust - the technology experts or politicians with different agendas? If there had been a division of opinion among these experts it would have been necessary to investigate it; but if they are all in agreement it is safe to follow their advice. more
A World-Renowned Source for Internet Developments. Serving Since 2002.