When a sniper ends the life of soldier Paul Bäumer in Remarque's "All Quiet on the Western Front," a laconic situation report from the frontlines recounts an unusually quiet day. In the grand scheme of things, nothing worth reporting has happened. Reading David Kravets' recent article in Wired brought this upsetting ending to mind. U.S. authorities taking down individual domains based on copyright infringement charges is the online equivalent of Remarque's allied snipers: picking off the occasional domain - for better or worse - has little effect on the overall situation. more
In case you haven't been watching cyber news recently, last week various security researchers published that Macs were infected by the Flashback Trojan and that the total number of infections worldwide was 600,000. This number was published by a couple of blogs. I debated writing about this topic since we had a previous Mac outbreak last year that initially spiked up, caused Apple to go into denial about the affair before issuing a fix, and then the malware kind of went away. Will this follow the same pattern? more
Today is April 12 2012. It's also meant to be the day that the new TLD application window closes. Now it's not. ICANN has spectacularly failed to manage the new TLD process and will miss its own deadline by over a week... In a rather badly worded announcement ICANN states that it's extending the deadline for online applications (the only way to apply) until April 20th at 23:59 UTC. more
Like the scene of a movie in which a biblical character holds back the mighty sea and is about to release the tide against his foes, BYOD has become a force of nature poised to flood those charged with keeping corporate systems secure. Despite years of practice hardening systems and enforcing policies that restrict what can and can't be done within the corporate network, businesses are under increasing (if not insurmountable) pressure to allow a diversifying number of personal devices to connect to their networks and be used for business operations. more
Most of the good thrillers I tend to watch have spies and assassins in them for some diabolical reason. In those movies you'll often find their target, the Archduke of Villainess, holed up in some remote local and the spy has to fake an identity in order to penetrate the layers of defense. Almost without exception the spy enters the country using a fake passport; relying upon a passport from any country other than their own... So, with that bit of non-fiction in mind, why do so many people automatically assume that cyber-attacks sourced from IP addresses within China are targeted, state-sponsored, attacks? more
Does the "technical issue" announced today in ICANN's TLD Application System (TAS) and the subsequent extension of the submission deadline call into question the stability and integrity of the new gTLD program? This development underscores the notion that ICANN could consider a more metered and staged approach to the introduction of gTLDs... more
While a great deal of attention has recently been paid to the enormous amount of change that is taking place at the edge of the network with smartphones, tablets, apps, Web2.0 etc, massive changes are also underway on the network side. The current network has been designed over a period of thirty years and it is due for a serious overhaul to keep abreast of changes in the industry in general. more
This morning, Global Payments held a conference call with investors and analysts covering their earlier breach announcement and projected earnings. Global Payments had also released an update advisory yesterday stating that "the company believes that the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers have been exported" and that only Track 2 card data may have been stolen. more
In our continuing review of Rogue Registrars we have stumbled upon on a very elaborate fake banking site for "Swiss Bank" or "Bank of Switzerland". To the casual Internet consumer this site probably appears legitimate, but a number of clues tip off the fraud. Phishing sites are everywhere so this does not immediately raise eyebrows until you review the Thick WHOIS record for the domain. more
One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more
I opined about a year ago that DNS blacklists wouldn't work for mail that runs over IPv6 rather than IPv4. The reason is that IPv6 has such a huge range of addresses that spammers can easily send every message from a unique IP address, which means that recipient systems will fire off a unique set of DNSBL queries for every message... Now I'm much less sure this will be a problem... more
On January 18, 2012, Comcast customers found they could not access the NASA.gov website. Some users assumed that Comcast was deliberately blocking the website or that NASA, like Wikipedia and Reddit, was participating in the "blackout" protests against the Stop Online Piracy Act (SOPA) going on that day. As it turned out, the truth was much less exciting, but it offers important lessons about DNSSEC. more
ICANN's policy on the special protection of the Red Cross and the International Olympic Committee (IOC) names has triggered a very lively discussion including contributions by Konstantinos Komatis, Milton Muller, Wolfgang Kleinwächter, and myself (with Avri Doria's reply). There is an agreement that the exceptions are dangerous for ICANN's gTLD policy process which is in a formative and delicate phase. more
The explosion in mobile communications in the developing world has created social and economic changes that have exceeded all expectations and predictions -- even those made as recently as five years ago. There are still countries lagging behind, but now is the time to move on to the next stage -- and that means broadband. Already the developed world is showing an enormous appetite for mobile broadband, so the demand is most certainly there. The rapid development of low cost Smartphone, projected to approach $50 soon... more
No, that title is not a typo. The WHOIS service and the underlying protocol are a relic of another Internet age and need to be replaced. At the recent ICANN 43 conference in Costa Rica, WHOIS was on just about every meeting agenda because of two reasons. First, the Security and Stability Advisory Committee put out SAC 051 which called for a replacement WHOIS protocol and at ICANN 43, there was a panel discussion on such a replacement. The second reason was the draft report from the WHOIS Policy Review Team. more