The Distribution of Botnets Since Rustock Went Down

I pulled together some statistics on my collection of botnet statistics for the period of time between Rustock being shut down and Wednesday, April 6. I wanted to see the distribution of botnets per country - now that Rustock is down, which country has the most botnet infections (as measured by unique IP addresses that send us spam)? more

Asia Pacific IPv4 Exhausted, Becomes First Region Unable to Meet IPv4 Demand

Asia Pacific Network Information Center (APNIC) today announced it has reached the last block of its available pool of IPv4 addresses. The day is marked as key turning point which initiates a major change in regional delegation policy. more

A Closer Look at the ‘Level 3 + Global Crossing’ Union

On Monday, 11 April 2011, Level 3 announced they had entered a definitive agreement to acquire Global Crossing. According to the Renesys Market Intelligence rankings, this merger would bring together the world's #1 and #2 global providers, with over half the Internet market on earth dependent on the combined entity. If the deal gained regulatory approval in the US and elsewhere today, how would the Internet provider landscape change? We'll answer that question in this blog, giving the proposed union a fictional name of Level Crossing for the purposes of our discussion. more

TelChina, China Mobile Building Mobile Payment Solution With .tel

Telnic Limited, the registry operator for the .tel top level domain (TLD), today announced that its regional partner TelChina and China Mobile, a leading mobile phone company, have entered into a strategic relationship to develop Mobile-Pay services on the .tel platform. ... On this platform, users will not have to log on to various websites for payment, but accomplish it through the clicking of a Mobile-Pay link on a .tel page. more

Major International Botnet Disabled Says U.S. Department of Justice

The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more

Beyond the Top Level: DNSSEC Deployment at ICANN 40

I recently wrote about the encouraging level of DNSSEC adoption among top-level domain name registries, and noted that adoption at the second level and in applications is an important next step for adding more security to the DNS. The root and approximately 20 percent of the top level domains are now signed; it is time for registrars and recursive DNS servers operated by the ISPs to occupy center stage. more

Unlimited Bandwidth is Disrupting Infrastructure Models

Over the last ten years we have heard a lot about edge-based services. These were needed to enable the operation of applications at the edge of the network, as the lack of available bandwidth capacity made it difficult to do so over the core network. However, with the prospect of limitless bandwidth the design of the network is changing again. more

Facts & Tips for Consumers About the Epsilon Breach

There has been a lot of talk, blogging, tweeting and press reportage about the Epsilon breach, but little in the way of concrete information to consumers as to where they stand, if their personal information (PII) such as their name and email address has been lost to criminals. The CAUCE Board of Directors have developed the following FAQ that provides facts and guidance for those affected by the breach. more

Privacy is a Growth Market in Search of Leadership

Within a single month, privacy has moved to the top of the "to-do" list for government, business and consumers. In fact, the confluence of activity is the best indication in the last ten years that the will exists to establish regulatory and self-governance programs that complement consumer protection. Privacy is a growth market. more

RIPE NCC Members Secure their Resources Using Certification

Resource certification verifies that an Internet number resource (IP address space or autnonomous system number) has legitimately been allocated by a Regional Internet Registry. It will also benefit every network operator and Internet user in the world by helping to ensure long-term routing stability. more

Are You Ready for the Mobile Revolution?

If there is one fundamental trend everyone can agree on in technology circles, it's the move to mobile. More and more online traffic is originating not from PCs, but from smart mobile devices. You can pick your research study to confirm -- recently I read that Tony White of Ars Logica is projecting that by next year 50% of all web traffic will be generated by mobile devices. That may be aggressive, but you get the idea. more

The Epsilon Phishing Model

Phishing researcher Gary Warner's always interesting blog offers some fresh perspective on clicking links on emails, as the crux of the phishing problem. Gary writes: "There is a saying 'if you give a man a fish, he'll eat for a day, but if you teach a man to fish, he can feed himself for a lifetime.' In the case of the Epsilon email breach the saying might be 'if you teach a man to be phished, he'll be a victim for a lifetime.' In order to illustrate my point, let's look at a few of the security flaws in the business model of email-based marketing, using Epsilon Interactive and their communications as some examples." more

Governments Increasingly Trying to Control the Internet, Warns New U.S. Report

The U.S. Sate Department annual human rights report released on Friday has expressed concerns over the increasing trend among governments spending more time, money and attention in efforts to control their citizens access to the Internet and other communication means. To aid people seeking to speak out, the U.S. government is helping to finance circumvention technologies to avoid firewalls, reports the Associated Press. "To deal with governments hacking computers or intimidating dissenters, the U.S. government has trained 5,000 people from around the world on how to leave less of a trace on the Internet." more

Everything You Should Know About a TLD Business Case, But Didn’t Know to Ask

Applying for a new Top-Level Domain (TLD) is an expensive and lengthy process, costing an estimated $500K for application and various legal and professional services. Central to the application is the business case. Even though ICANN requires an albeit simple version, most applicants must have a credible business case, especially if they need to secure internal approval, or more importantly attract and secure outside investment. Given the truth to the maxim "if you fail to plan, you plan to fail," some closer scrutiny of your business plan will pay dividends in the long-term... more

Two Years Later the Conficker Worm Not Entirely Disappeared

In a SecurityWeek article today, Ram Mohan writes: "Just over two years ago, the Internet held its breath. The high-profile, widely proliferated Conficker worm had been in the wild from October 2008; its largest mutation was revealed in February 2009, with a widely publicized activation date of April 1, 2009. ... What we do know: Conficker could have proved much more damaging than it ultimately did, and the threat has not entirely disappeared." more