There is a classic scene in the movie, "Jaws," when Roy Scheider gets a look at the size of the shark circling his fishing vessel and says, "We're going to need a bigger boat." The same case can be made for CIOs dealing today with application security. Hackers from all over the world are circling business and government like great whites looking for vulnerabilities in Internet-facing applications. The growth of applications is great for doing business but they have become chum in the water for predators. more
Beijing News is reporting (in Chinese) that one of their reporters noticed on Monday that the Google.cn landing page has added an ICP license number dated 2010. The license number had not been there before. ... The report did not clarify whether the addition of the ICP license means that the Chinese authorities have renewed Google.cn's ICP license... more
The key to fixing any part of the Internet infrastructure is to understand the business cases for the parties whose behavior you want to influence and design the technology accordingly. People who follow this approach (Sir Tim Berners-Lee and the World Wide Web) have a chance of succeeding. People who ignore it (DNSSEC, IPv6) will fail. The root problem here is that the ICANN DNS does not differentiate between the parts of the Internet that are accountable and those that are not. more
ICANN is the only institution with responsibility for the functioning of DNS. And so it is natural that when there is a DNS problem for people to expect ICANN to come up with the solution. But having the responsibility to act is not the same as having the ability. Like the IETF, ICANN appears to have been designed with the objective of achieving institutional paralysis. And this is not surprising since the first law of the Internet is 'You are so not in charge (for all values of you). more
In his latest blog post, Google's Chief Legal Officer David Drummond reports that Chinese authorities aren't happy with the automatic redirection of Google.cn to Hong Kong. They are threatening not to renew Google's Internet Content Provider license, which is required to legally operate any kind of Internet business in China. more
Google's internet browser Chrome has overtaken Apple's Safari in the US for the first time on a weekly basis according to website analytics service provider, StatCounter. The firm's research arm StatCounter Global Stats reports that for the week beginning 21 June Chrome overtook Safari to claim third place in the US browser market. "Chrome with 8.97% took third place in the US browser market ahead of Safari with 8.88%. Microsoft's Internet Explorer still dominates the US Internet browser market with 52%, followed by Firefox (28.5%)." more
A directive known as "Written Declaration 29," adopted last week by the European Parliament, calls for legislation that would require search engines to make a record of all search queries, as reported today by Startpage and Ixquick, anonymous search engine providers. "Framed as a measure to crack down on paedophiles, the controversial Declaration calls on the EU to require that search engines store all search traffic for up to two years for possible analysis by authorities." more
A couple of months ago, I wrote a post posing the question of whether or not more government regulation is required in order to secure the Internet. On the one hand, anonymity is viewed in the west as a forum for freedom of speech. The anonymity of the Internet allows dissidents to speak up against unpopular governments. However, the anonymity afforded by the Internet is not so much by design as it is byproduct of its original designers not seeing how widespread it would eventually become. more
ICANN's Board of Directors on Friday approved a set of Chinese language internationalized domain names which will allow millions of Chinese language users to access the internet using their native script. The new Internationalized Domain Name (IDN) country code Top-Level Domains (ccTLDs) and the associated organizations approved by the ICANN board include three different organizations: CNNIC (China Internet Network Information Center), HKIRC (Hong Kong Internet Registration Corporation Limited), and TWNIC (Taiwan Network Information Center). more
The board of ICANN on Friday gave initial approval for the addition of .xxx Top-Level Domain... Dot-XXX domains won't start appearing right away. ICANN must first conduct a "due diligence" study of ICM's business plan for the domain, and then the board will review the contract proposed for the operation of the domain. That may involve referring the matter to ICANN's Governmental Advisory Committee, which is next scheduled to meet in December in Colombia, said board member Bruce Tonkin. "There is a potential that this is a prolonged process,"... more
Those who have been involved in the ICANN process as long as I have naturally become accustomed to ICANN controversies at all levels. But the latest is a "wrong" of international ramifications. The four (4) versions of the Guidebook for the new generic Top-Level Domains (gTLDs) have been hundreds of pages long with a lot of The Good, The Bad, and to some, The Ugly. However, something new has appeared in the 4th and latest version called DAG4 can be called: "The Disturbing". more
Chanel's warning to counterfeiters: "we are watching and we are taking action." That's the literal message you will see when visiting around 40 websites that used to sell counterfeit goods (such as mychanelshop.com) that now redirect to the Chanel-owned website chanelreplica.com. These domains were transferred to Chanel as a result of a favorable decision rendered in May 2010 against two counterfeiters. more
As many of you may know, today .ORG announced that all of its 8.5 million domains are now able to be fully DNSSEC signed - the largest set of domain names in the world so far that has access to this key security upgrade. .. The widespread publicity that the Kaminsky bug got around the world vindicated a decision made in several companies to invest time, effort and money into deploying DNSSEC. The community was split on the value of the DNSSEC effort -- many thought the deployment was quixotic, while a few others thought it was appropriate. more
Attendees at the public ICANN meeting in Brussels today heard from over two dozen companies that have implemented or are planning to support DNSSEC, the next-generation standard protocol for secured domain names. It is clearer than ever before that DNSSEC is becoming a reality. more
What happens to companies when they get too big for their own good? Do they inadvertently do things that potentially harm our privacy (think Facebook)? Or, do they simply make mistakes that violate our privacy? Well, last month Google revealed that its Street View cars "mistakenly" captured content flowing over wireless networks -- a potential invasion of privacy. more