
GlavMed Hacks U.S. Government Website

Garth Bruen writes: A report in LegitScript takes a look at a Russian rogue Internet pharmacy hacking a US government website. "As rogue Internet pharmacy networks become more sophisticated, even US government websites are at risk. Today, we're taking a look at how a rogue Internet pharmacy linked to a criminal network operating out of Russia and Eastern Europe has hacked into a US government website. The Millennium Challenge Corporation, a US foreign aid agency, utilizes a ".gov" top-level domain, which is assigned to the control of the US government. Domain names ending in .gov are typically administered by the General Services Administration."

DNSSEC Taking Center Stage at 2010 Black Hat

On July 28th DNSSEC took center stage at the 2010 Black Hat Conference in Las Vegas. Two years ago, at the same conference, Dan Kaminsky unveiled the infamous DNS bug that many believe became a major catalyst for DNSSEC implementation. To kick things off, Jeff Moss -- founder of Black Hat -- in his opening speech called out the fact that "we have not solved any fundamental problems" and noted that the technical community must catch up.

Using Facebook for Verisimilitude? For real?

I recently became aware of the new pay-by-mobile phone service Venmo.com. "Pay friends with your phone, skip the ATM, Settle up on meals, rent, bills and drinks" ... Venmo are using Facebook connect as a way of verifying user identities, at least that is what they claim.

Even if Do-Not-Track Were a Good Idea, Could It Ever Work?

In a recent article, I read about increasingly intrusive tracking of online users, which has led to a proposal at the FTC, "FTC Chairman Jon Leibowitz said the system would be similar to the Do-Not-Call registry that enables consumers to shield their phone numbers from telemarketers." Maybe I'm dense, but even if this weren't a fundamentally bad idea for policy reasons, I don't see how it could work.

Broadband Tariffs: The Significant Gap Between Residential and Business

Analysis from Point Topic's recent reports on global broadband tariffs has revealed a significant gap in residential and business tariffs worldwide. Clearly businesses are paying more for their services than residential consumers but the relative differences in the ratios are more marked than might be expected. The first thought is that they are paying for more bandwidth and that is true to an extent.

Spamhaus Motion to Reconsider

A few weeks ago, Spamhaus filed a motion to have the judge reconsider his recent $27,002 award to e360. Their brief hangs on three arguments. ... it's clear Spamhaus is prepared to take this to the Court of Appeals (again) if the judge doesn't reconsider. In my lay reading of the law, and the memo in support of motion to alter judgement, I don't think Spamhaus is out of line in asking for the judge to reconsider. I expect that if the judge doesn't reconsider, then we'll see an even more aggressive filing taking it up to the Court of Appeals.

2010 Data Breach Report from Verizon, US Secret Service

A study conducted by the Verizon Business RISK team in cooperation with the United States Secret Service has found that breaches of electronic records in 2009 involved more insider threats, greater use of social engineering and the continued strong involvement of organized criminal groups.

Are Service Providers Giving Up on Landline too Soon?

Interesting times in the carrier space, for sure. While most readers of this column are focused on the business market, it's hard to ignore what's occurring in the consumer space right now. Being based in Toronto, I happen to be struck by the similar trends shaping on both sides of the border. Over the past few days, we've seen earnings reports from major telcos and cablecos, and these businesses seem to be going in opposite directions.

The Issue of License Proliferation

When I was on the ICANN board, we were dealing with the issue of Internationalized Domain Names (IDNs), an initiative to allow non-Latin characters in domain names. Technically, it was difficult and even more difficult was the consensus process to decide exactly how to do it. Many communities like the Chinese and Arabic regions were anxious to get started and were getting very frustrated with the ICANN process around IDNs. ... When I joined the Open Source Initiative board of directors, we were also struggling with a similar, but slightly different problem.

Would You Fly an Airplane That Had a Pre-flight Checkout That Was Only 40 Percent Complete?

In the aviation world safety is paramount. Commercial airlines go to major lengths to make sure that their planes are fully up to code and can fly safely in the air. The risks - loss of human lives - are far too extreme to take any chances. One result of this diligence is the fact that travel by plane is far safer than any other method - nearly 40 times safer per mile than travel by car. While application security risks are not as dire, research shows CSOs fail to use the same stringent level of safety to secure their Internet-facing applications.

White House on the DNSSEC Deployment: “A Major Milestone on Internet Security”

Andrew McLaughlin reporting on the White House website: "Last week marked a significant advance in the security of the Internet. After years of intensive design, testing, and implementation work, the Internet's domain name system now has a new security upgrade that allows Internet service providers and end users alike to protect against an important online vulnerability: the clandestine redirecting of online communications to unwanted destinations."

Website Seals of Approval: Can You Trust Them?

The abuse of well-known seals of approval seems to be the latest ruse used by online fraudsters. Leveraging reputable names that existed long before anyone heard of the Internet is a blaring reminder that even trustworthy seals are not off limits to scammers. In fact, linking to reliable sources of reviews and certification is proving to be an essential part of any fraud strategy today.

Comments on Economics Study of ICANN’s New TLDs

ICANN has taken another crack at the question of the economics of launching new top-level domains (TLDs). The first report that the group commissioned on the subject was greeted by a loud and unhappy uproar. Now we have the preliminary draft of a new report, this one by professors Katz, Rosston, and Sullivan. It is insightful and analytic, but the final version needs to consider the theoretical and empirical issues...

iPhone 4 Highlights Mobile Problems

Making a telephone call in London has become more difficult for early adopters of the new iPhone 4. First of all the reception is rather poor. And it is not just that it is not showing the bars correctly; many users in congested mobile areas such as London receive the message 'server not available'. (As a matter of fact, this doesn't apply only to the iPhone -- it is also experienced with other smart phones.)

Failure of the Broadband Plan?

Craig Moffett sees this as I do: "If LTE networks are going to be usage-capped, then the last pretense that LTE can be positioned as a substitute for terrestrial broadband would seem to be gone." The heart of the U.S. broadband plan is to release more spectrum - enough for 10-20 networks like Verizon's LTE now building - and pray that will be enough competition in five to seven years to check price increases.