Post Delegation Dispute: A Once Supportable Concept Proposed by the IRT is Now Unsupportable

This comment is being presented in my personal capacity and does not represent the views of my employer (Neustar, Inc.) and its subsidiaries or affiliates, or the Implementation Recommendations Team. Ok. I admit it. I supported the concept of a post delegation dispute resolution process for generic Top-Level Domains (gTLD) Registries. I served as the only gTLD registry member of the Implementation Recommendation Team (IRT) appointed by the Intellectual Property Constituency of the Generic Names Supporting Organization of ICANN. I was one of the authors of the IRT Recommendation in favor of a Post Delegation Dispute Resolution Procedure. more

Skype’s End User License Agreement

I was looking at the End User License Agreement to which Skype wants people to assent. I noticed the following odd provision (Section 3.2.4): You hereby grant to Skype a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable and transferable licence to Use the Content in any media in connection with the Skype Software, the Products and the Skype Website. more

Misconfiguration Brings Down Entire .SE Domain in Sweden

A incorrect configuration within Swedens .SE zone caused temporary shutdown of all websites under the country code top-level domain. Web monitoring company, Royal Pingdom, also located in Sweden reports: "Last night, a routine maintenance of Sweden's top-level domain .se went seriously wrong, introducing an error that made DNS lookups for all .se domain names start failing. The entire Swedish Internet effectively stopped working at this point. Swedish (.se) websites could not be reached, email to Swedish domain names stopped working, and for many these problems persist still..." more

Securing a Domain: SSL vs. DNSSEC

There has been quite a bit of talk lately about the best way to secure a domain, mainly centered in two camps: using Secure Socket Layer (SSL), or using DNS Security Extensions (DNSSEC). The answer is quite simple -- you should use both. The reason for this is that they solve different problems, using different methods, and operate over different data. more

Yahoo, Gmail, Hotmail Compromised - But How?

One of the bigger news stories is that of 10,000 usernames and passwords of Hotmail users were posted this past week, victims of a phishing scam... It seems unlikely to me that this would be a hack where someone would break into Hotmail's servers and access the account information that way. It is much more likely that the spammers got the information by social engineering. Why is this more likely? For one, they'd have to get past all of the firewalls and security measures that Microsoft/Hotmail have to keep intruders out. more

An Authenticated Internet

Discussions around DNSSEC are so often focused on the root, the attacks, what DNSSEC does and doesn't do and so on -- and these are all valid and important points. But there is far less attention focused on the opportunities that will surface from an authenticated internet. ...DNSSEC is becoming more of a reality now -- rather than a technical discussion which has been stuck in the mud for 15 years. We can now begin to think about new opportunities to build from a secure DNS, opportunities that build on the certainty that you have arrived at the correct website. Today, you can't be sure. more

ICANN’s Positive Affirmation: Good News for Africa and Emerging Markets

Sometimes you get what you are asking for. And this seems to be one of those occasions... and the US government can give itself a pat on the back for having listened to other stakeholder opinions. For years the world of Internet governance has been seen as its own special corner of the technosphere, full of arcane acronyms and quiet power deals. Despite efforts to make ICANN and the broader Internet community more transparent and user-friendly, many observers, including many African governments, still saw the stage as too much of an insider's game -- with the ultimate insider being the US Department of Commerce. more

ITU Putting Global Cyber Security on Top of Its Agenda

Lisa Schlein of the Voice of America reports: "A new system for tackling the growing number of Global Cyber Attacks has been unveiled at ITU Telecom World 2009, a mammoth exhibition, which showcases the latest advances in ICT or information and communications technology. The International Telecommunications Union, which is sponsoring the event, has put global cyber security at the heart of its agenda. 'As you well know, the next world war could happen in the cyber space and that would be a catastrophe,' said ITU secretary-general, Hamdoun Toure." more

Is America Getting More Like China?

Since Obama became President -- and yes, I voted for him -- there has been a great deal of optimism and energy around the idea that the Internet can be used to improve or "reboot" our democracy. The Administration has hired some great people to work on making government more open and transparent. This is all great. But how much good will all of this nifty e-government do for American democracy if citizens' rights to privacy and free expression are not also fiercely defended? more

Risk of Portfolio Approach to Cybersquatting

A secret weapon is falling into dangerous hands. Organized cybercriminals are building up portfolios of cybersquatting domain names. A smart operator with such a portfolio can go beyond simple stealing and competing full out for traffic and revenues. Rightful brand owners, feeling the squeeze, will find out too late that the bandits have the money to fight legal action. The time to act is now, before pieces of the playing field have been bought up by the enemy. more

Wrong on the “Exaflood,” Wrong on Network Neutrality

In 2007, Johna Till Johnson, president of Nemertes Research, published a paper that hyped a so-called "Exaflood" - a kooky Discovery Institute idea about how the Internet would drown in its own data. The Nemertes press release on the paper was widely reported in newspapers. It described itself as a "... landmark study ... groundbreaking analysis ... evidence the exaflood is coming... It said: "The findings indicate that by 2010 ... users could increasingly encounter Internet "brownouts" or interruptions to the applications they've become accustomed to using on the internet." more

Google Exec: ISPs Must Get Tough on Malware Infested Computers on Their Networks

Ryan Naraine reporting at Threatpost: "Head of Google's anti-malvertising team Eric Davis wants Internet Service Providers (ISPs) to look beyond profits and take a more proactive approach to dealing with malware-infested computers on their networks. During a keynote presentation at the Virus Bulletin conference here, Davis said competitors in the ISP space must look beyond profits and partner on new initiatives to deal with the "parasites" that have taken control of the Internet landscape." more

Net Neutrality, Health Care, and “The Customer is Always Wrong!”

The surest way to screw up future innovative applications would be for ISPs to make constraining assumptions about the future based on existing applications' performance. Discussing P2P behavior as if it were some monolithic, unchanging entity is simply wrong. What is P2P? BitTorrent? Skype? CNN live video feed fan-outs? And what of changes to these existing apps? What of future apps? more

ICANN Releases New gTLD Applicant Guidebook ...Would Apple Need Permission from China for .MAC?

The much-anticipated New gTLD Draft Application Guidebook is out! ICANN has released Version 3. Lots of changes, some minor, some large. All worth reading if you're a potential applicant or just interested in the promise of new Top-Level Domains (TLDs). The public comment period clock started October 4, and runs until November 22 of this year. more

DHS Asks Citizens to Practice Good “Cyber Hygiene”

Kicking off the sixth annual National Cybersecurity Awareness Month this October, the Department of Homeland Security (DHS) has urged computer users to practice good "cyber hygiene". The campaign was given a boost Wednesday when the Senate passed resolution 285 to support its goal to make U.S. citizens more aware of how to secure the internet. DHS has also announced that is has been given new authority to recruit and hire up to 1,000 cybersecurity professionals across the department to fill roles such as: cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. more