Tackling Cyber Security: Should We Trust the Libertarians? Part 2

A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more

Chinese Internationalized Domain Names Approved by ICANN

ICANN's Board of Directors on Friday approved a set of Chinese language internationalized domain names which will allow millions of Chinese language users to access the internet using their native script. The new Internationalized Domain Name (IDN) country code Top-Level Domains (ccTLDs) and the associated organizations approved by the ICANN board include three different organizations: CNNIC (China Internet Network Information Center), HKIRC (Hong Kong Internet Registration Corporation Limited), and TWNIC (Taiwan Network Information Center). more

ICANN Begins Negotiations for the Approval of dot-XXX Domain

The board of ICANN on Friday gave initial approval for the addition of .xxx Top-Level Domain... Dot-XXX domains won't start appearing right away. ICANN must first conduct a "due diligence" study of ICM's business plan for the domain, and then the board will review the contract proposed for the operation of the domain. That may involve referring the matter to ICANN's Governmental Advisory Committee, which is next scheduled to meet in December in Colombia, said board member Bruce Tonkin. "There is a potential that this is a prolonged process,"... more

Terrorism, New gTLDs, DAG4, and ICANN’s Continued US and Western Centric Bias

Those who have been involved in the ICANN process as long as I have naturally become accustomed to ICANN controversies at all levels. But the latest is a "wrong" of international ramifications. The four (4) versions of the Guidebook for the new generic Top-Level Domains (gTLDs) have been hundreds of pages long with a lot of The Good, The Bad, and to some, The Ugly. However, something new has appeared in the 4th and latest version called DAG4 can be called: "The Disturbing". more

Chanel’s Message On Fakes: We Take It Seriously and So Should You

Chanel's warning to counterfeiters: "we are watching and we are taking action." That's the literal message you will see when visiting around 40 websites that used to sell counterfeit goods (such as mychanelshop.com) that now redirect to the Chanel-owned website chanelreplica.com. These domains were transferred to Chanel as a result of a favorable decision rendered in May 2010 against two counterfeiters. more

Three Reasons Why It Makes Sense to Deploy DNSSEC Now

As many of you may know, today .ORG announced that all of its 8.5 million domains are now able to be fully DNSSEC signed - the largest set of domain names in the world so far that has access to this key security upgrade. .. The widespread publicity that the Kaminsky bug got around the world vindicated a decision made in several companies to invest time, effort and money into deploying DNSSEC. The community was split on the value of the DNSSEC effort -- many thought the deployment was quixotic, while a few others thought it was appropriate. more

DNSSEC Becomes a Reality Today at ICANN Brussels

Attendees at the public ICANN meeting in Brussels today heard from over two dozen companies that have implemented or are planning to support DNSSEC, the next-generation standard protocol for secured domain names. It is clearer than ever before that DNSSEC is becoming a reality. more

Google’s “Deeply Disturbing Invasion of Privacy” Being Investigated by Connecticut AG

What happens to companies when they get too big for their own good? Do they inadvertently do things that potentially harm our privacy (think Facebook)? Or, do they simply make mistakes that violate our privacy? Well, last month Google revealed that its Street View cars "mistakenly" captured content flowing over wireless networks -- a potential invasion of privacy. more

Multiple (Even Random or Garbled) Domain Names to Bypass Spam Filters Not a Violation

The California Supreme Court issued its opinion in Kleffman v. Vonage, a case certified from the Ninth Circuit. The California Supreme Court held that the transmission of "commercial e-mail advertisements from multiple domain names for the purpose of bypassing spam filters" does not violate California's spam statute. more

FCC: We Will Regulate Broadband

Since the dust has settled from a stinging defeat in federal court, the FCC has decided to move on its own to settle the broadband regulation dispute. With a 3-2 vote the commission issued a Notice of Inquiry that would set the stage for more regulatory authority of broadband. It seems ironic that the motivating factor was the court case brought by Comcast in Federal District Court to immobilize the FCC's efforts to sanction the service provider from throttling Bit Torrent, file sharing customers. more

VPN Security Flaw Makes IP Address of Users Using IPv6 Easily Traceable

Duncan Geere reporting in Wired: "Since the slow introduction of internet monitoring systems around the world began, more and more people have attempted to preserve their privacy by signing up for VPN services like the Pirate Bay's Ipredator and Pirate Party offering Relakks. But it turns out that there's a gaping security flaw in these services that allows individual users to be identified..." more

A Modest Proposal for ICANN

When it comes to accountability, ICANN would rather be compared to other U.S. nonprofit companies than to the regulatory bodies it more closely resembles. If they truly wish to be treated like a nonprofit, rather than a regulator, there is a very simple solution: make all contributions strictly voluntary. more

When Having a Voice Isn’t Enough

In Brussels on Friday, an esteemed panel of experts got together to discuss the challenge of improving ICANN's accountability. It's just too bad nobody from ICANN came by to hear it. ... While their prescriptions varied widely, the panelists were remarkably similar in their diagnoses - namely, that ICANN has yet to meet the fundamental challenge of making its board and staff accountable and answerable to the community that it is intended to serve. more

Top Level Domains and a Signed Root

With DNSSEC for the root zone going into production in a couple of weeks, it is now possible for Top Level Domain (TLD) managers to submit their Delegation Signer (DS) information to IANA. But what does this really mean for a TLD? In this post we're going to try to sort that out. more

BP and Incident Response: How Well Do Oil and Security Mix?

BP and the Oil Industry are taking a lot of heat these days - much of it rightly so. Moving beyond the drama and evaluating the overall response of BP and others reinforces much of what is taught in incident response training and preparation... by showing the outcomes when one does not respond well. This is probably the most important incident that the responders involved will deal with in their professional lives. For those of us working to protect Internet Infrastructure and resources there are useful lessons as we consider what is happening in the Gulf of Mexico and their response effort. more