/ Recently Commented

Principles for Internet Policy

Last Comment: Oct 10, 2003

Of all the candidates for the Democratic nomination, Howard Dean raised the most amount of money over the Internet. On March 15th, the Dean campaign launched the first official weblog in presidential campaign history, six days after Dean himself first stumped in the blogosphere. What follows are Dean's principles for Internet Policy.

This nation -- and not just this nation -- needs to have an honest conversation about what's real, possible and desirable when it comes to the gift of the Internet. Conversations need shared ground. Here are the beliefs we think should guide the development of a fact-based federal policy. We put these forward as part of a continuing Great American Conversation. more

SECSAC Special Meeting on Site Finder: A Technical Analysis

Last Comment: Oct 09, 2003

After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more

EDUCAUSE Prepares Mass Purge of .EDU Domains

Last Comment: Oct 09, 2003

EDUCAUSE, the exclusive registry operator and registrar of .edu domain names under a Cooperative Agreement with the U.S. Department of Commerce, is preparing a mass purge of .edu domain names. The organization says it is part of the final phase in a year long project to improve the accuracy of the WHOIS database for the .edu space. more

Status After ‘Hurricane SiteFinder’: Is It Over?

Last Comment: Oct 08, 2003

After roughly 19 days of its introduction, VeriSign's Site Finder service was finally shutdown on October 4, 2003 following a "Formal Deadline" issued by ICANN (previously reported here). With the plug pulled, the Internet appears to be returning to its regular status ending a historic event that can be best described as a 'Hurricane' -- a Cyber-Hurricane. What follows is a collection of commentaries and questions raised around the Net in response to this event during and after the final hours of VeriSign's deadline... more

The Aftermath: How ISPs Responded to Site Finder Around the World

Last Comment: Oct 06, 2003

During the 2+ weeks for which Site Finder was operational, a number of ISPs took steps to disable the service. A study just released reveals details and analysis, including specific networks disabling Site Finder during its operational period. For example, China blocked the traffic at its backbone, and Taiwan's Chunghwa Telecom and Korea's DACOM also disabled the service. US ISPs seem to have been slower to act, in general -- but US ISP Adelphia disabled the service September 20-22 before re-enabling it on September 23. more

Reaction to VeriSign’s New 36-Hour Deadline

Last Comment: Oct 05, 2003

ICANN today has made a formal demand stating: "Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations." What follows is a collection of commentaries made around the net and by experts in response to today's announcement...
 more

Special Coverage: Domains Gone Wild!

Last Comment: Oct 04, 2003

In light of the recent events caused by VeriSign's release of Site Finder for .net and .com domain names, CircleID is carrying out a 'Site Finder Special Coverage' and asking all stakeholders (all individuals and organization that own domain names or provide services) to submit their comments 'in favor' or 'against' Site Finder. All comments gathered will be posted on CircleID and distributed to key members of industry. more

Can VeriSign Sue You Over SiteFinder?

Last Comment: Oct 03, 2003

Attention so far has been focusing on the ethics of the move (positively satanic), its effects on DNS and non-Web applications (Considered Harmful), and on possible technical responses (Software Aimed at Blocking VeriSign's Search Program). On the legal side of the fence, though, we're not just talking about a can of worms. We're talking about an oil drum of Arcturan Flesh-Eating Tapeworms. more

President of Tucows in Response to SiteFinder

Last Comment: Oct 01, 2003

I have been thinking a lot about stewardship lately in my role as CEO of Tucows and how that relates to employees, a board of directors and investors. Where I've got to, which is not necessarily relevant for this post, is that stewardship needs to exist at EVERY level of a company and a life. With the recent dustup created by Verisign's new Sitefinder service it has crystallized for me what has always bothered me about the .com/.net registry and the way Verisign has approached it.
 more

Petition Against Site Finder

Last Comment: Oct 01, 2003

We Internet users, who either own domain names or have an interest in the domain name system, wish to object to the VeriSign's Site Finder system. We believe that the system: 1) Breaks technical standards, by rewriting the expected error codes to instead point to VeriSign's pay-per-click web directory, and threatens the security and stability of the Internet; 2) Breaks technical standards affecting email services, and other Internet systems... more

ALAC Statement on Site Finder

Last Comment: Oct 01, 2003

The ICANN At-Large Advisory Committee would like to bring to ICANN's attention concerns about VeriSign's surprising roll-out of the "SiteFinder" service for .com and .net. This practice raises grave technical concerns, as it de facto removes error diagnostics from the DNS protocol, and replaces them by an error handling method that is tailored for HTTP, which is just one of the many Internet protocols that make use of the DNS.
 more

It’s “Verisign vs. Users”

Last Comment: Oct 01, 2003

But even if the collateral damage is left out of the picture, the very idea behind SiteFinder is user-unfriendly, and that's the second half of the ALAC's note: SiteFinder is, ultimately, about short-cutting other error handling methods, and redirecting any users that enter non-existing domain names into a web browser to Verisign's own service, for commercial purposes. SiteFinder is designed so it becomes difficult to deploy superior error handling services that would compete with it -- because errors aren't flagged. more

SiteFinder Is Leaking Data

Last Comment: Oct 01, 2003

I just discovered that VeriSign's SiteFinder Web site is leaking data submitted in Web forms to its marketing analysis partner, Omniture. Forms can easily contain personal information such as an email address. For the problem to occur, a Web form must use the GET method. This data spill problem occurs if a Web page anywhere on the Internet submits a Web form to an action URL with a misspelled or expired domain name. Because of VeriSign's recent controversial changes to the DNS system, this form data is submitted to the SiteFinder Web site.  more

The Value of Trust in 2007

Last Comment: Sep 29, 2003

Applications and devices like cell phones, email, search engines, and automated programs handle the error messages differently; it would be naive for VeriSign to think only humans with browsers rely on DNS. When a user enters a non-exist domain name on their cell phone the DNS error message would prevent downloading. Now cell phones download VeriSign's SiteFinder webpage and Service Providers bill the cell phone user for that extra usage. SPAM prevention programs also rely on this error message to check to see if the domain is real. more

Blacklists Down from Fear of DDoS

Last Comment: Sep 28, 2003

Yet another DNS blacklist has been taken down out of fear of the DDoS attacks that took down Osirusoft, Monkeys.com, and the OpenRBL. Blackholes.compu.net suffered a Joe-Job (A Joe-Job is essentially spam designed to look like it's coming from someone else.) earlier this week. Apparently the Joe-Jobing was enough to convince some extremely ignorant mail administrators that Compu.net is spamming and blocked mail from compu.net. Compu.net has also seen the effects of DDoS attacks on other DNS blacklist maintainers. They've decided that the risk to their actual business is too great and they are pulling the plug on their DNS blacklist before they come under the gun by spammers. more

Industry Updates

Uncovering DNS Details on Operation Celestial Force

Global DNS and Domain Activity Trends in Q2 2024

On the Hunt for Remnants of the Samourai Wallet Crypto Mixing Services in the DNS

A Peek at the V3B Phishing Kit Attack via the DNS Lens

NIS2 and Its Implications for Global Brands

  • By CSC
  • Jul 05, 2024

Tracking Down Fake Cryptocurrency Sellers Using DNS Intelligence

Following the DNS Trail of APT Group Newbie Unfading Sea Haze

On the DNS Trail of the Foxit PDF Bug Exploitation Attackers

Profiling a Popular DDoS Booter Service’s Ecosystem

IPv4.Global Commits to Keep Ukraine Connected

A DNS Investigation of the Phobos Ransomware 8Base Attack

Stately Taurus APT Group Targets Asian Countries: What Do the Campaign IoCs Reveal?

Managing Expanding Attack Surfaces for Growing Businesses

Subdomain Hijacking in the News Again - What is It?

  • By CSC
  • May 20, 2024

Looking for More Signs of Nitrogen in the DNS

View More