EFF on Goodmail: Further Confusing an Already Confused Issue

Cindy's piece on the EFF website seems to be a bit of a pastiche, with elements taken out of various articles (some outright wrong, some merely misinformed) that have been doing the rounds of the media for quite a while now about Goodmail. She started off comparing AOL and Goodmail with the old email hoax about congress taxing email. That same line was used in a CircleID post by Matt Blumberg, CEO & Chairman of Returnpath... Various other quotes from different places - Richard Cox from Spamhaus on CNN for example. However a lot of the quotes in those articles are being based on wrong or out of context assumptions, starting with one that goes "AOL is going to remove all its existing whitelists and force people to use Goodmail". more

How Bad is Goodmail?

Goodmail Systems made a big splash last week when AOL and Yahoo announced that they will be giving preferential treatment to mail that uses Goodmail's CertifiedEmail service, claiming (implausibly) that this has something to do with stopping spam... Since Goodmail charges senders for each message, some people see this as the end of e-mail as we know it. I have my concerns about Goodmail, but a lot of the concerns are either overblown or based on bad reporting... more

Internet Governance: An Antispam Perspective

All those Internet Governance pundits who track ICANN the way paparazzi track Paris Hilton are barking up the wrong tree. They've mistaken the Department of Street Signs for the whole of the state. The real action involves words like rbldnsd, content filtering, and webs of trust. Welcome to the Internet! What's on the menu today? Spam, with some phish on the side! We've got email spam, Usenet spam, IRC spam, IM spam, Jabber spam, Web spam, blogs spam, and spam splogs. And next week we'll have some brand new VoIP spam for you. Now that we're a few years into the Cambrian explosion of messaging protocols, I'd like to present a few observations around a theme and offer some suggestions. more

Worm Propagation Strategies in an Ipv6 Internet

A recent paper called "Worm Propagation Strategies in an IPv6 Internet", written by Steven M. Bellovin, Angelos Keromytis, and Bill Cheswick, examines whether or not the deployment of IPv6 will in fact provide a substantial level of barrier against worms. Shared below are the introductory paragraphs from this paper. "In recent years, the internet has been plagued by a number of worms. One popular mechanism that worms use to detect vulnerable targets is random IP address-space probing..." more

The Villain in the ICANN-VeriSign Struggle is the U.S. Government

ICANN Board Chair Vint Cerf now works for a company whose motto is, "Do No Evil." So how could Vint and his fellow board members be engaged in a massive capitulation to the enterprise greed of dot-com operator VeriSign? The story of how the Internet community got to its current impasse over the future of the ICANN-VeriSign relationship is overly complicated but the bottom line is that we are suffering from woes created by the U.S. Government with the best of intentions over the past fifteen years. And only the government has the capacity to stop equivocating and do the right thing for all of us. The road to hell is paved with good intentions... more

Behind the Smoke Screen of Internet and International Infrastructure

In my recent write-up I start by discussing some recent threats network operators should be aware of, such as recursive DNS attacks. Then, a bit on the state of the Internet, cooperation across different fields and how these latest threats with DDoS also relate to worms and bots, as well as spam, phishing and the immense ROI organized crime sees. I try and bring some suggestions on what can be done better, and where we as a community, as well as specifically where us, the "secret hand-shake clubs" of Internet security fail and succeed. Over-secrecy, lack of cooperation, lack of public information, and not being secret enough about what really matters. more

Sponsored TLD Unnecessary? Ron Andruff Responds to Forrester Research

A recent report released by Forrester Research last week has put the .travel sponsored top-level domain under the microscope -- calling the sTLD "Nice, But Not Necessary". Although this 4-page report (sold for US$49.00) has singled out the .travel domain, its critical arguments might very well apply to the nature of most sponsored top-level domains currently in existence -- or under review: '.mobi', '.jobs', '.museum', '.coop', '.xxx' and others. CircleID has invited Ron Andruff, President and CEO of Tralliance, the registry for .travel, to respond to arguments made in this report. more

The Credible Threat

If you have been following the debate over Internet governance over the past few years, you know that while ICANN supporters (U.S., Canadian, Australian governments; business lobby) and critics (developing world and occasionally Europe) argue over the optimal approach, particularly with respect to government involvement in the domain name system, the reality has been that possession is all. ...The alternate root has always lurked in the background as a possibility that would force everyone to rethink their positions since it would enable a single country (or group of countries) to effectively pack up their bags and start a new game. ...It is with that background in mind that people need to think about a press release issued yesterday in China announcing a revamping of its Internet domain name system. Starting tomorrow, China's Ministry of Information Industry plans to begin offering four country-code domains. more

Chinese Alternate Root as a New Beginning and Real Internet Governance

I suppose not many have been listening to Paul Vixie or surfing from China, I have done both. The Chinese "alternate root" has been going on for a while. China is creating an alternate root, which it can control while using the Chinese language. I doubt I need to tell any of you about ICANN, VeriSign, Internet Governance, alternate roots or the history of these issues. Everyone else will. Unlike most of my colleagues, I hold a different opinion on the subject and have for some time. China launches an alternate root? It's about time they do, too! more

China’s New Domain Names: Lost in Translation

This morning I got a bunch of alarmist messages from friends asking about this English-language People's Daily article titled: China adds top-level domain names. The paragraph that's freaking people out is: "Under the new system, besides "CN", three Chinese TLD names "CN", "COM" and "NET" are temporarily set. It means Internet users don't have to surf the Web via the servers under the management of ICANN..." Not for the first time, it appears that the People's Daily's English translation is very misleading. more

A Day Which Will Live in Infamy: ICANN Board Approves VeriSign Settlement

ICANN's Board voted to accept the latest settlement proposal by a vote of 9 to 5: "Today, ICANN's Board of Directors approved, by a majority vote, a set of agreements settling a long time dispute between ICANN and VeriSign, the registry operator for the .COM registry. These settlement documents include a new registry agreement relating to the operation of the .COM registry..." more

The Future of Some Email May Not Use Email

Paul McNamara quotes me extensively in this piece on the EFF protest of Goodmail. When I say "the EFF has lost its mind", i really mean "the EFF has lost its way". In the early days, the EFF was about preventing the government from ruining the Internet commons, and preventing the government from putting walls on the frontier. These days, the EFF is more about preventing companies who have no power to regulate from doing things the EFF doesn't like. That is a huge change, and one that makes the EFF much less worthy of support... more

Report on DNS Amplification Attacks

In this newly released paper Randal Vaughn and Gadi Evron discuss the threat of Distributed Denial of Service (DDoS) attacks using recursive DNS name servers open to the world. The study is based on case studies of several attacked ISPs reported to have on a volume of 2.8Gbps. One reported event indicated attacks reaching as high as 10Gbps and used as many as 140,000 exploited name servers. more

ICANN Meeting: The Road to Wellington

What would it take for this upcoming meeting to be a success? I am a big believer in ICANN's core principles, and in the forum it provides for private self-governance of domain names and numbers. I think the ICANN model continues to have great potential as a form of governance. For this meeting to be a success for me, personally, I'd like to see those core principles made more visibly operational -- or at least see a start made on this effort. I'm putting a stake in the ground with these posts, and we'll see whether progress happens or not. more

Latest Turn of Events on .XXX, from ICANN Wellington

As the ICANN's week-long meeting in Wellington, New Zealand is now fully underway, the approval of the proposed .XXX top-level domain (TLD) continues to remain a key topic of discussion and its eventual approval yet uncertain. The .XXX TLD was widely expected to receive its final approval at the ICANN's last meeting held in Vancouver about 4 months earlier but the discussion was unexpectedly delayed as the organization and governments requested more time to review the merits of setting up such a domain. Stuart Lawley, president of the would-be .XXX operator ICM Registry LLC offers his comments from Wellington. more