This case involves an alleged domain name theft. Solid Host is a web host and initial owner of the domain name solidhost.com, which it registered through eNom in 2004. Solid Host claims that in 2008, a security breach at eNom allowed an unknown interloper (Doe) to steal the domain name and move the registration to NameCheap. Doe also acquired NameCheap's "WhoisGuard" service, a domain name proxy service that masked Doe's contact information in the Whois database. Solid Host contacted Doe and sought the domain name; Doe asked for $12,000, and Solid Host took a pass... more
IT security strategies invariably focus on maintaining impenetrable fortresses around computers and network systems. Firewalls, virtual private networks and anti-virus programs are the tools IT engineers use to create their digital security. Sophisticated defense systems can be very effective at keeping the obvious attackers at bay, yet they often create a false sense of security because the real attacks, the kind that inflict irreparable damage on a system or network, avoid the obvious routes into the secure fortress. more
Internet security has been a primary focus this week for more than 1100 engineers and technologists from around the world gathered at the 88th meeting of the Internet Engineering Task Force (IETF). Participants are rethinking approaches to security across a wide range of technical areas. more
Unlike ICANN, the National Telecommunications and Information Administration (NTIA) responded graciously, promptly and substantively to inquiries from the Center for Regulatory Effectiveness (CRE) regarding governance of the internet. CRE sent a letter to NTIA in mid-March asking about public access to documents prepared by ICANN under Memorandum of Understanding (MOU) with NTIA. NTIA provided a quick and clear response to CRE's questions. NTIA also reiterated its commitment to achieving transparency and accountability in ICANN's processes. NTIA's response to CRE, although clear and comprehensive, raised a number of important questions about ICANN and their governance of the internet. more
Back in November 2008 a colleague of mine, Neil Watson (Head of Operations at Entanet International Ltd), published an article on Entanet's opinion blog about the government's proposed plans to centrally store records of all electronic communications throughout the UK. The Interception Modernisation Programme (IMP) will be the largest surveillance system ever created in the UK and calls for a 'live tap' to be placed on every electronic communication in Britain including telephone calls, emails and visited websites. more
The recent ICANN meeting in Vancouver touched upon many issues important to ordinary Internet users: privacy in domain name registration; the cost and terms of .com domain names; internationalized domains; introduction of new domain suffixes. But there were few "ordinary Internet users" at the meeting. Few people can roam the globe to keep up with ICANN's travels, and not many more participate in online forums. more
Well, it's that time of year again. The time of year when I look back at all of the biggest domain news stories from the last twelve months, and also reflect on my predictions from last year. As expected, GDPR has had a major impact on the ability to access domain ownership information. And we did indeed see a number of M&A transactions over this last year. However, there wasn't a lot of new .Brand activity. This is one prediction where I may have missed the mark... more
Much has been said in recent weeks about various forms of cyber spying. The United States has accused the Chinese of cyber espionage and stealing industrial secrets. A former contractor to the United States' NSA, Edward Snowden, has accused various US intelligence agencies of systematic examination of activity on various popular social network services... These days cloud services may be all the vogue, but there is also an emerging understanding that once your data heads into one of these clouds, then it's no longer necessarily entirely your data; it may have become somebody else's data too... more
At a workshop held in late June in Montreal (Canada) -- Karl Auerbach had submitted some live coverage to CircleID --, the Internet Corporation for Assigned Names and Numbers (ICANN) had an in-depth look at various aspects of the Internet's WHOIS databases. These databases associate social information (like holders' names and contact information) with network identifiers, such as IP addresses and domain names. Current policy for these databases -- in particular in the generic top level domain area -- is part of ICANN's contracts with domain name retailers ("registrars") and database operators ("registries"), and permits for use of the data by arbitrary parties for arbitrary purposes. more
I was looking at the End User License Agreement to which Skype wants people to assent. I noticed the following odd provision (Section 3.2.4): You hereby grant to Skype a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable and transferable licence to Use the Content in any media in connection with the Skype Software, the Products and the Skype Website. more
If anyone needs another reason why the UN should not be in charge of the internet, they need look no further than the upcoming UNESCO conference on "Freedom of Expression in Cyberspace." The United Nations Education Scientific and Cultural Organization conference will discuss "whether universal free expression standards should be applied to the Internet and how free expression can be protected while respecting individual privacy, national laws and cultural differences." The conference is being held in preparation for the second phase of the UN's World Summit on the Information Society (WSIS)." more
The Equifax hack is understood to have compromised the personal data of over 140 million individuals. Although recent hacks of other businesses have affected more individuals, the personal data held by Equifax is significantly more sensitive than the data compromised in other hacks and includes Social Security numbers, birth dates, current and previous addresses and driver licence details... (Co-authored by Peter Davis and Brendan Nixon.) more
I keep hearing stories of people using "foldering" for covert communications. Foldering is the process of composing a message for another party, but instead of sending it as an email, you leave it in the Drafts folder. The other party then logs in to the same email account and reads the message; they can then reply via the same technique. Foldering has been used for a long time, most famously by then-CIA director David Petraeus and his biographer/lover Paula Broadwell. Why is foldering used? more
The DoC seems to have finally realized it went too far by using ICANN to serve the interests of some conservative groups, as mentioned in a previous post. The new story is now that the ICANN board did not reject the .XXX application as such, but only the agreement negotiated between ICM Registry and the ICANN staff at that time. How subtle these things are... more
Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.
At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:
"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more
A World-Renowned Source for Internet Developments. Serving Since 2002.