ClamAV and the Case of the Missing Mail

Some email discussion lists were all atwitter yesterday, as Sourcefire's open-source anti-virus engine ClamAV version 0.94.x reached its end-of-life. Rather than simply phase this geriatric version out the development team put to halt instances of V0.94 in production yesterday, April 15, 2010. In other words, the ClamAV developers caused version .94 to stop working entirely, and, depending upon the implementation, that meant email to systems using ClamAV also stopped flowing. more

China Won’t Repeat Protectionist Past in Digital Realm

Google may have unnecessarily provoked a fight with China, but the Middle Kingdom better keep its wits, lest it repeat a sad protectionist history. Early last millennium China was the world's richest civilization and technology leader. It famously invented gunpowder, iron casting, paper, porcelain, printing, and gigantic nine-masted sailing vessels. Between 1405 and 1433, the great Muslim Chinese explorer Zheng He led seven expeditions in the South Pacific and Indian Oceans, reaching the coast of East Africa. China's naval fleet grew to 3,500 ships... more

DNS… Wait a SEC

Complete DNSSEC implementation requires that domains are authenticated at the root by the Registry, and that DNS zones and records are authenticated as well. Now before I go any further, let me begin by stating that I fully support the development and deployment of DNSSEC and that the vulnerabilities presented by Cache Poisoning are very real, especially for those websites collecting login credentials or other types of sensitive information. more

A Little Flexibility from ICANN and We Might Just Get IDNs… for Everyone

Nobody doubts that some time in the near future there will be Internationalized Domain Names (IDNs) in Chinese, Russian or Arabic scripts. The Chinese, Russian and Arabic-character-using worlds are large -- encompassing hundreds of millions of current and potential users. They are politically influential blocs, with the ability to demand action in international meetings. And perhaps most importantly, they are -- at least when taken together -- rich. Everybody knows that access on the web in these languages is not a matter of if, but simply a question of when... more

Cyber-Spin: How the Internet Gets Framed as Dangerous

At the beginning of this year, a set of powerhouse organizations in cybersecurity (CSO Magazine, Deloitte, Carnegie Mellon's CERT program, and the U.S. Secret Service) released the results of a survey of 523 business and government executives, professionals and consultants in the ICT management field. The reaction generated by this survey provides an unusually clear illustration of how cyber-security discourse has become willfully detached from facts. more

Comcast vs the FCC - A Reply to Susan Crawford’s Article

This is a reply to Susan Crawford's circleid article "Comcast v. FCC - "Ancillary Jurisdiction" Has to Be Ancillary to Something". I started writing a reply to her article, adding some comments I had and also reminding her that she'd predicted this herself, in an earlier circleid article, but it turned out long enough that I decided to submit it as a circleid post instead. On the whole, the facts agree with this CNET article. This court decision was correct, and expected... more

Apple’s Naked Self Interest

Any vendor in the platform business knows that their primary product is programming interfaces -- the so-called APIs that developers depend upon in order to deliver applications. The API exposes features of the platform, and differentiate applications running on that platform from all others. Lose control of the API, and you will lose control of the developer. Developers are the leading indicator for platform success. Ergo, lose the developer, lose the platform. more

More Provocative Reasons for a Mandatory National Breach Disclosure

I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses. more

Live Long and (Do Not) Prosper: Lessons and Reminders from Yesterday’s Wikipedia Outage

Yesterday's Wikipedia outage, which resulted from invalid DNS zone information, provides some good reminders about the best and worst attributes of active DNS management. The best part of the DNS is that it provides knowledgeable operators with a great tool to use to manage traffic around trouble spots on a network. In this case, Wikipedia was attempting to route around its European data center because... more

Comcast v. FCC - “Ancillary Jurisdiction” Has to Be Ancillary to Something

Big news today - Judge Tatel has written the D.C. Circuit's opinion in Comcast v. FCC, and Comcast wins. Bottom line: The FCC didn't have regulatory authority over Comcast's unreasonable network management practices because it failed to tie that authority to any express statutory delegation by Congress... more

AFNIC Publishes New Issue Paper on “the Secondary Market in Domain Names”

Loic Damilaville writes to report: Today AFNIC is publishing its new issue paper on the secondary market in domain names. The paper -- written to inform individuals as well as businesses -- gives a detailed account of the concept of "secondary market", the valuation mechanisms used, and the main players involved. The secondary market covers over-the-counter sales of already registered domain names, as well as the market in "second-hand domain names" and the ecosystem made up of the various players involved in these matters. more

ICANN Approves IDNs for China, Taiwan, Thailand, Sri Lanka…

A few weeks back I asked Where is China's IDN? ICANN not only answered my question about China, but also about a host of additional countries (and territory) that had applied for fast-track IDNs. Here are the most recent IDN (string evaluation) approvals... more

ISOC-NY Event: dot nyc - How Are We Doing? (Sat Apr 10)

Joly MacFie writes: Last October the NYC Department of Information Technology & Telecommunications (DoITT) issued a request for proposals for "services to obtain, manage, administer, maintain and market the geographic Top Domain name .nyc.". At ICANN's recent 37th meeting in Nairobi, consensus was reached on the "overarching" issue of intellectual property protection. This leaves only the issue of the final (4th) draft of the Applicants Guidebook, expected before the 38th meeting in Brussels in June 2010... more

Combining the ONT and Smart Meters

In my recent blog on utilities and the NBN I mentioned that the ultimate prize would be a combination of the ONT (Optical network terminal: the network interface device used in fibre-to-the-home applications, which operates as a demarcation point between the local loop of the carrier and the wiring in the user premises) and intelligent gateway the electricity company need for their smart meters and home energy networks. Perhaps I should expand on this a little... more

Accidentally Importing Censorship

With advancements in hardware and software, sophisticated filtering technologies are increasingly being applied to restrict access to the Internet. This happens at the level of both governments and corporations. .. given the open nature of the trust-based Internet, one country's restrictions, if not handled very carefully, can easily foul the global Internet nest we all live in. This blog is about one such story of Internet restrictions in China becoming visible (seemingly at random) from other parts of the world and going undetected for 3 weeks. more