Recently Commented

IP Blocklists, Email, and IPv6

Engineers in the Internet Engineering Task Force, in the Messaging Anti-Abuse Working Group, and elsewhere have been debating how to handle e-mail-server blocklists in an IPv6 network. Let's take a look at the problem here. We basically have three ways to address spam, in our goal of reducing the amount of spam in our inboxes...

Digging Through the Problem of IPv6 and Email - Part 3

One idea to make the problem of mail more manageable is to restrict the address space that is allowed to send mail. In an ideal world, we'd restrict where mail servers could send mail from. So, if we say that the number of individual mail servers in the world will probably never exceed 32 million (not unreasonable), or 2^25, then what if the 25 least significant bits were reserved for mail servers?

Real. Or. Phish?

After Epsilon lost a bunch of customer lists, I've been keeping an eye open to see if any of the vendors I work with had any of my email addresses stolen -- not least because it'll be interesting to see where this data ends up. Recently I got mail from Marriott, telling me that "unauthorized third party gained access to a number of Epsilon's accounts including Marriott's email list."...

Registrar Stakeholder Group in GNSO Works Against the ICANN Multistakeholder Social Compact

One of the essential features of the social compact that makes ICANN viable in its stewardship of the Domain Name system is that the operations of the Contracted Parties, i.e. Registrars and Registries, are governed by the cooperation of the contracted parties and the non-contracted parties, i.e. the stakeholders, in the creation of policy. In ICANN, contracts and other agreements are the method by which this policy is instantiated.

Top Public DNS Resolvers Compared

At ThousandEyes, we've always been curious about the performance of various public DNS resolvers -- especially since Google threw their hat in the ring back in 2009. We satisfied our curiosity this week, so we thought we'd share the results. Here's how we did it.

ESP Compromises and Their Lack of Security

Over at Word to the Wise, Laura Atkins has a post up where she talks about the real problem with ESPs and their lack of internal security procedures which resulted in the breach of many thousands of email addresses (especially Epsilon). However, Atkins isn't only criticizing ESPs' lack of security but also the industry's response wherein they have suggested countermeasures that are irrelevant to the problem.

A Phased Array Early Warning System

The following is a proposal for an "Early Warning" system to resolve one of the remaining impasses between the ICANN Board and the ICANN Governmental Advisory Committee (GAC) as identified in the GAC Scorecard. Based upon phased array radar technology, this proposal is designed to incorporate multiple discrete evaluation phases into the new generic Top-Level Domain (gTLD) program to provide an integrated and comprehensive early warning system for the GAC in providing advice to the ICANN Board, potential applicants, and the broader Internet community.

Impenetrable Processes and Fool’s Gold at ICANN

A couple of weeks ago, I attended part of the ICANN meeting in San Francisco. I've been watching ICANN and been peripherally aware of their issues since the organization began, but this was my first chance to attend a meeting. What I learned is that ICANN is a crazy behemoth of a bureaucracy, steeped in impenetrable acronyms and processes that make it nearly impossible for someone new to get up to speed. The best example of this is the recent approval of the .XXX top-level domain.

Missing in Action - ICANN’s 2010 Annual Report

In preparation for some upcoming long-haul international flights, I was looking for some "light" ICANN reading material. One document that came to mind was ICANN's 2010 Annual Report. Over the last four years ICANN has produced a year-end report. While this document was probably originally conceived as a means to demonstrate ICANN's progress...

Still Missing in Action

After wading through the various IANA Notice of Inquiry (NOI) submissions I thought I would take a break and do a secondary review of the recently concluded ICANN regional meeting in San Francisco. In doing this review there were three things that kind of jumped out at me as still missing in action.

Why the Fukushima Analogy Was Apt

A few days ago, CAUCE published a blog post entitled "Epsilon Interactive breach the Fukushima of the Email Industry" on our site, and the always-excellent CircleID. A small coterie of commenters was upset by the hyperbolic nature of the headline. Fair enough, an analogy usually has a high degree of probability that it will fail, and clearly, no one has died as a result of the release of what appears to be tens of millions of people's names and email addresses. But, the two situations are analogous in many other ways, and here's why.

.WHO Top-Level Domain Could Be a Bad Idea

Yesterday, taking a look at the "Legal Rights Objection" (3.1.2.2) I read: "An intergovernmental organization (IGO) is eligible to file a legal rights objection if it meets the criteria for registration of a .INT domain name". Taking a look at registered .INT domain names, I found Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and their Disposal...

Garth Bruen Discussing Whois, DNSSEC and Domain Security

NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years.

Epsilon Interactive Breach the Fukushima of the Email Industry

A series of attacks on the Email Service Provider (ESP) community began in late 2009. The criminals spear-phish their way into these companies that provide out-sourced mailing infrastructure to their clients, who are companies of all types and sizes. ... On March 30, the Epsilon Interactive division of Alliance Data Marketing (ADS on NASDAQ) suffered a massive breach that upped the ante, substantially. Email lists of at least eight financial institutions were stolen.

Moore’s Law and the Economics of Abundance

Moore's Law explains why the price of everything electronic keeps going down; but now Moore's Law is starting to have an effect on much more than technology prices. The costs of energy, medicine, law, education, financial transactions, and government itself are falling because of Moore's Law's relentless progress. But these cost decreases are not being fully reflected in the prices we pay for all these things.