Facebook and Privacy

Mark Zuckerberg shocked a lot of people by promising a new focus on privacy for Facebook. There are many skeptics; Zuckerberg himself noted that the company doesn't "currently have a strong reputation for building privacy protective services." And there are issues that his blog post doesn't address; Zeynep Tufekci discusses many of them While I share many of her concerns, I think there are some other issues - and risks. more

My Domain Reputation Is Bad, Should I Get a New Domain?

Many companies have the occasional "oops" where they send email they probably shouldn't have. This can often cause a decrease in reputation and subsequent delivery problems. Some companies rush to fix things by changing domains. Brand new domains, those registered less than 30 days, have really bad reputations. Blame the spammers and scammers who exploited a loophole and sent tons of untraceable spam from newly registered domains that they then abandoned without paying for them. more

Protect Access to Safe Online Pharmacies Through Cyber Policy

The high cost of prescription drugs has created a health and economic crisis in the U.S. Personal prescription importation gives Americans a lifeline for affording safe medications. As prescription drug prices continue to skyrocket, the Internet has made it possible for Americans to access medications safely at considerable cost savings. As I've shared previously on CircleID, safety and affordability are the most important considerations when choosing an online pharmacy. more

Enough’s Enough: It’s Time to Set a Deadline for the Next New gTLD Application Window

The ICANN community is currently in full congratulatory mode because the team responsible for the delivery of the Phase 1 Final Report of the Expedited Policy Development Process on gTLD Registry Data (EPDP) has managed to do so in a record-breaking seven months. The GNSO Council approved the Final Report in a special meeting on 4 March 2019, and the report will now be sent to the ICANN Board for consideration and hopefully adoption. more

Say YES to DNSSEC

With the latest "DNSpionage" attack, ICANN astutely prompted domain name holders to fully deploy DNSSEC on their names. Afilias absolutely supports this and encourages the same. In this post, I remind you of why DNSSEC is important and our continued role. Afilias has a long history in the development and advocacy of DNSSEC. In 2007, we partnered with Public Interest Registry to help found dnssec-deployment.org. more

Researchers Demonstrate Serious Privacy Attacks on 4G and 5G Protocols

A group of academic researchers have revealed a design weakness in the 4G/5G protocol which can be exploited by an attacker to identify the victim's presence in a particular cell area just from the victim's soft-identity such as phone number and Twitter handle. more

Electronically Steerable, Flat-Panel Antennas for Satellite and Terrestrial Connectivity

What will the cost and capability of these antennas be in ten or twenty years? What would be the applications and implications of ubiquitous wireless networks? You might have some short-term guesses, like smart cities, but farther out it's science fiction -- Gaia, the Noosphere, 1984? ... Three companies, OneWeb, SpaceX and Telesat, plan to provide global, low-latency broadband Internet service using constellations of low-Earth orbit (LEO) satellites. more

Microsoft is Abandoning SHA-1 Hashes for Updates - But Why?

Microsoft is shipping a patch to eliminate SHA-1 hashes from its update process. There's nothing wrong with eliminating SHA-1 - but their reasoning may be very interesting. SHA-1 is a "cryptographic hash function". That is, it takes an input file of any size and outputs 20 bytes. An essential property of cryptographic hash functions is that in practice (though obviously not in theory), no two files should have the same hash value unless the files are identical. more

Banning 5G Equipment is a Foolish Strategy

It has become popular today around Washington and the venues of its coerced allies to issue threats to ban telecommunications equipment from certain countries - especially equipment intended for 5G use. The guise is vague assertions of "national security." It is an old tactic dating back to the turn of the last century and recurrent for decades. A combination of treaty instruments and collaborative industry standards activity several decades ago largely put an end to the banning tactic - significantly benefitting the entire world. more

Revisiting How Registrants Can Reduce the Threat of Domain Hijacking

Recent events have shown the threat of domain hijacking is very real; however, it is also largely preventable. As Verisign previously noted, there are many security controls that registrants can utilize to help strengthen their security posture. Verisign would like to reiterate this advice within the context of the recent domain hijacking reports. Domains are an important element of internet infrastructure; their functionality and security rely upon many factors such as their delegated name servers. more

Study Finds a Third of .Com Domains Completely Unused

How Many .com Domain Names Are Unused? Singapore Data Company recently conducted a study to answer this question. more

A Look Back at the World of IP Addressing in 2018: What Changed and What to Expect

Time for another annual roundup from the world of IP addresses. Let's see what has changed in the past 12 months in addressing the Internet and look at how IP address allocation information can inform us of the changing nature of the network itself. Back in around 1992 the IETF gazed into the crystal ball and tried to understand how the internet was going to evolve and what demands that would place on the addressing system as part of the "IP Next Generation" study. more

Creating TLS: The Pioneering Role of Ruth Nelson

As often occurs in networking and cryptographic history, anecdotes and insularity conspire to mask how developments actually occurred, and seminal roles undertaken by women are forgotten or ignored. One of the notable examples of this proclivity occurred in the cybersecurity cryptology arena as it involves a critical platform known as the Transport Layer Security Protocol (TLS) and the pioneering role of Ruth Nelson. more

Forget it, Jake. It’s China.

A timely article in The Wall Street Journal (that I only recently got around to reading): "The future's not here." American business people once saw China as dynamic, exciting and wide open. Not anymore. To which I ask: When was China ever "wide open?" Let's not blame the recent trade and tariff issues. China is a ruthlessly competitive market that, like so many countries, tilts the playing field in favor of its home-grown companies. more

Bitcoin: The Andromeda Strain of Computer Science Research

Everyone knows about Bitcoin. Opinions are divided: it's either a huge bubble, best suited for buying tulip bulbs, or, as one Twitter rather hyperbolically expressed it, "the most important application of cryptography in human history". I personally am in the bubble camp, but I think there's another lesson here, on the difference between science and engineering. Bitcoin and the blockchain are interesting ideas that escaped the laboratory without proper engineering - and it shows. Let's start with the upside. more