The Hack Back Bill in Congress is Better Than You’d Expect

Rep's Graves and Sinema recently introduced H.R. 4036, the catchily named Active Cyber Defense Certainty Act or ACDC act which creates some exceptions to criminal parts of computer crime laws. Lots of reports have decried "hack back" but if you read the bill, it's surprisingly well targeted. The first change is to what they call Attributional Technology, and says it's OK to put bait on your computer for an intruder intended to identify the intruder. more

Google Now a Target for Regulation

The time was - way back around the turn of the century - when all Internet companies believed that the Internet should be free from government regulation. I lobbied along with Google and Amazon to that end (there were no Twitter and Facebook then); we were successful over the objection of traditional telcos who wanted the protection of regulation. The FCC under both Democrats and Republicans agreed to forbear from regulating the Internet the way they regulate the telephone network; the Internet flourished, to put it mildly. more

Former Yahoo CEO Marissa Mayer Apologizes for Data Breach, Blames Russian Agents

Former Yahoo CEO Marissa Mayer apologized today at the Senate Commerce, Science and Transportation hearing regarding massive data breaches at the internet company, blaming Russian agents. more

Enabling Privacy Is Not Harmful

The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more

An Opinion in Defence of NATs

Network Address Translation has often been described as an unfortunate aberration in the evolution of the Internet, and one that will be expunged with the completion of the transition of IPv6. I think that this view, which appears to form part of today's conventional wisdom about the Internet unnecessarily vilifies NATs. In my opinion, NATs are far from being an aberration, and instead, I see them as an informative step in the evolution of the Internet, particularly as they relate to possibilities in the evolution of name-based networking. Here's why. more

Reverse Domain Hijacking Where Complainant Knew but Did Not Disclose Geographic Significance of Mark

In the case of Oy Vallila Interior Ab v. Linkz Internet Services, a 3-member WIPO Panel denied the Complainant's efforts to have the disputed domain name vallila.com transferred because the Complainant did not prove that the Respondent registered and used the disputed domain name in bad faith. The Complainant is in the business of providing fabrics and interior design services and claimed trademark rights in its registered mark VALLILA in the European Union. more

The FCC Robocall Proceeding: International Insularity

In March of this year, the Federal Communications Commission (FCC) adopted an initial Notice of Inquiry (CG No. 17-59) to mitigate robocalls. In July, it adopted a Second Notice. Mitigating spoofed telephone calls is a global problem which every country in the world has been addressing as part of a global ecosystem for many years in intergovernmental and industry bodies, in academic R&D and patent filings, and industry products with ongoing activity continuing today. more

Net Neutrality 101: Why ‘Title II’ Doesn’t Apply to Internet Transmissions

No baby boomers had been born when Congress enacted Title II of the Communications Act in 1934 as a means of regulating the Bell telephone monopoly, and the first Millennials were in elementary school when that monopoly was broken up in 1983. Title II was set to die along with plain old telephone service until the Obama administration decided Title II should be used to implement net neutrality -- the principle that consumers should have reasonable access to internet functionality. more

Legal Controls on Extreme End-to-End Encryption (ee2ee)

One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more

Dell Loses Key Customer Support Domain Name for a Month, Site Exposed to Questionable Content

The website designated by Dell Inc. to help customers recover from malicious software and other computer maladies may have been hijacked for a few weeks this summer by people who specialize in deploying said malware, reports Brian Krebs in KrebsOnSecurity. more

The Darkening Web: Is there Light at the end of the Tunnel?

In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more

Trademark Rights Paramount to Contract Rights for Domain Names

UDRP decisions come down from providers (principally from WIPO and the Forum) at the rate of 7 to 10 a day. Complainants mostly prevail; this is because in 90% of the cases (more or less that percentage) respondents have no plausible defense and generally don't bother appearing, although default alone is not conclusive of cybersquatting; there must be evidence of infringement. When complainants do not prevail, it is not because they lack rights... more

Celebrating 167 Years of Public International Law for Cyber Security

On 30 September 1850 at Dresden, the first international treaty was issued among the first sovereign nations to internet their national electronic communication networks. It was known as the Dresden Convention, and culminated several weeks hammering out basic requirements and techniques to implement an internet spanning the Austro-German European continent at the time, and established a continuing "Union" of signatories to evolve the provisions of the treaty. more

The Catalonian Matter: Law and Order, Democracy and Freedom of Speech, Censorship and Trust

I'm an engineer, and I firmly believe that Internet matters and, in general, Information Society, should be kept separate from politics, so usually, I'm very skeptical to talk about those and mix things. Let's start by saying that I'm Catalonian. Despite the dictatorial regime when I was born, forbidden teaching Catalonian, I learned it, even despite, initially for family reasons and now for work reasons, I live in Madrid. However, I keep saying everywhere I go, that I was born in Barcelona... more

Why I Want a .PAYPAL New gTLD

I use Paypal, and I am quite satisfied with how it helps me with my business: it is still a little hard to use, and I don't use all functions of the tool, but it is not so expensive, it is fast and efficient, and Paypal does not send so many emails. In one word, Paypal rocks... The only problem that I have with Paypal is the number of fake emails that I receive. Of course, I easily identify them as they come in and luckily, G Suite (Gmail) does an excellent job at blocking all spam and phishing. more