Feds Ask for DNSChanger Deadline Extension As Millions of PCs Could Be Cut Off from the Web

Brian Krebs reporting in Krebs on Security: "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States." more

Anonymous Plans to Go After DNS Root Servers. What Will Be the US’s Response?

The other day on pastebin, snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet's root name servers... Going after the Internet's root servers is a very bold move by Anonymous. Whereas before they were "merely" breaking into companies that they believed were acting contra to the hacker ethic, going after the Internet infrastructure is another thing altogether. Why? more

Google’s Free Public DNS Load Tops VeriSign, Raising Dot-Com Contract Tender Question

Google revealed on its official blog today that it is handling an average of more than 70 billion requests per day on its free Public DNS service. According to VeriSign's latest public statistics, it is handling only an average of 59 billion DNS requests per day, less than that handled by Google. more

Spectrum Crisis: Wireless Auctions Preferred Method

Talk, conjecture and analysis have predicted a wireless spectrum crisis for years. The official word seems to project a culmination of dropped calls, slow loading of data, downright network access denials as impending by 2015. If so, then we should look at the current argument about how that additional spectrum can be disseminated to wireless carriers in a fair and balanced fashion. more

MegaBust’s MegaQuestions Cloud the Net’s Future

Mid-January 2012 marked a major inflection point for digital copyright policy in the United States... Yet no one involved with Congressional interaction on either side of the issue believes it has been sidetracked for long, and "Hollywood" and "Silicon Valley" are both plotting their next moves in this high-stakes game to further define the responsibilities and potential liabilities... The resolution of this dispute will determine the ability of Internet services to move to "the cloud"... more

Debilitating Cyber Attack: Not If, But When?

We all know how easy it can be to ignore or underestimate the possibly, or even likelihood, of a terrorist attack; just remember what happened on 9-11. That seems to be just what the U.S. is doing when it comes to a possible Cyber-Attack, no not in other countries, but right here at home where targets like private sector companies, who provide vital economic and emergency services to our population using broadband infrastructure, and are woefully under-secured for such attacks. more

How Frequently Do Botnets Reuse IP Addresses?

I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look. more

SEC Filing Reveals Facebook Network Equipment Valued Over $1B at Close of 2011

"Facebook reported in its SEC filing that it owns 'network equipment' valued at $1.016 billion at the close of 2011," reports Rich Miller of Data Center Knowledge. "The number reflects the expense of rapidly building a massive Internet infrastructure, including Facebook's shift from buying vendor gear and leasing data centers to building its own servers, racks and custom data centers." more

Phish or Fair?

It shouldn't be a big surprise to hear that phishing is a big problem for banks. Criminals send email pretending to be a bank, and set up web sites that look a lot like a bank. One reason that phishing is possible is that e-mail has no built in security, so that if a mail message comes in purporting to be from, say, accounts@bankofamerica.com, there's no easy way to tell whether the message is really from bankofamerica.com, or from a crook. more

Is ICANN Opening up Public Comment Periods in Bad Faith?

I read with interest that ICANN opened up yet another comment period on new TLDs. I believe that I speak for many when I question whether ICANN is opening up these comment periods in good faith, or instead whether these are smokescreens, mere distractions to pretend that ICANN is "listening" to the public while staff and insiders proceed with predetermined outcomes. more

Reducing Unreachable ICANN Registrations

Recently ICANN published a report on inaccurate registration data in her own databases. Now the question is presented to the world how can we mitigate this problem? There seems to be a very easy solution. ... The question to this answer seems simple. To know who has registered with an organisation. This makes it possible to contact the registered person or organisation, to send bills and to discuss policy with the members. more

New gTLD Application Monitoring? Now?

Why in the world would any company sign-up for a "New gTLD Application Monitoring Service" when ICANN intends to publicly post all applications on May 1st? Domain Name Watching and Trademark Watching Services make perfect sense when new registrations and applications are being submitted and granted on a daily basis. I think that we can all easily agree that trying to understand new domain name and trademark registrations without an automated service would be nearly impossible. more

World Notices That Verisign Said Three Months Ago That They Had a Security Breach Two Years Ago

The trade press is abuzz today with reports about a security breach at Verisign. While a security breach at the company that runs .COM, .NET, and does the mechanical parts of managing the DNS root is interesting, this shouldn't be news, at least, not now. Since Verisign is a public company, they file a financial report called a 10-Q with the SEC every quarter. According to the SEC's web site, Verisign filed their 10-Q for June through September 2011 on October 28th. more

CRIDO Sells “Do Not Sell List”

Coalition for Responsible Internet Domain Oversight, or CRIDO, released a plan they called a "peacemaker" three days before the Jan. 12th, 2012 launch, which would allow brands to begin the ICANN application process but would allow organizations and companies the opportunity to place their brand names, without cost, on a temporary "do not sell" list. ICANN so far has not responded to the "do not sell" list, and CRIDO is getting restless and threatening lawsuits. more

Value or Love for New gTLDs?

ICANN has started its historic and controversial program to expand the number of generic Top-Level Domains (gTLDs). This essay outlines the factors needed for the program to create economic value, warns against a cognitive trap that complicates selection of a new gTLD and considers the value contribution of the registries. I will not go into relevant macro measures, but I examine the problems associated with the popular measure of simply counting the number of registrations. more