Ryan Naraine reporting at Threatpost: "Head of Google's anti-malvertising team Eric Davis wants Internet Service Providers (ISPs) to look beyond profits and take a more proactive approach to dealing with malware-infested computers on their networks. During a keynote presentation at the Virus Bulletin conference here, Davis said competitors in the ISP space must look beyond profits and partner on new initiatives to deal with the "parasites" that have taken control of the Internet landscape." more
Few Internet technologies have horked cyberlaw as much as keyword metatags. Back in the 1990s, some search engines indexed keyword metatags, which encouraged some websites to stuff their keyword metatags as a way of gaming the rankings. Judges took a dim view of this practice, largely because the surreptitious nature of keyword metatags seemed inherently sinister, regardless of their efficacy. In the interim, search engines wizened up. more
Facebook announced on Friday that it settled the class action challenging its "Beacon" advertising program. Net result? Facebook establishes a privacy foundation funded with $9.5 million (or what's left of this amount after attorneys' fees, costs, and class claims are deducted)... Beacon was an advertising program launched in November 2007 which (roughly speaking) allowed the transmission of purchase and consumer-related information between partner retailers, Facebook, and of course, your Facebook friends. I don't think many people have a sense of all of the contours of the program... more
I was looking at the End User License Agreement to which Skype wants people to assent. I noticed the following odd provision (Section 3.2.4): You hereby grant to Skype a non-exclusive, worldwide, perpetual, irrevocable, royalty-free, sublicensable and transferable licence to Use the Content in any media in connection with the Skype Software, the Products and the Skype Website. more
When discussions with overseas colleagues made it clear to me how fast things are changing here in Australia compared with the rest of the world, I was prompted to write this update about the developments in Australia, particularly in relation to its incumbent telco, Telstra. Most people overseas have not yet fully caught up with the fact that the destructive regime of Telstra's former CEO is well and truly over -- in the past there has been plenty of international reporting of the shocking behaviour of Telstra under Sol Trujillo (former US West) and his persistent attacks on the government included suing Ministers and abusing the Regulator. more
The FCC has run three days of workshops on the National Broadband Plan now, for the purpose of bringing a diverse set of perspectives on broadband technology and deployment issues to the attention of FCC staff. You can see the workshop agendas here. The collection of speakers is indeed very diverse. As you would expect, the session on eGov featured a number of government people and a larger collection of folks from the non-profit sector, all but one of whom has a distinctly left-of-center orientation. Grass-roots devolution arguments have a leftish and populist flavor, so who better to make the argument than people from left-of-center think tanks? more
There are a lot of theories flying around about why Twitter and other social media services got knocked offline yesterday. I've heard rumors about it being linked to political tension between Georgia and Russia. Others blame Iran for the outages. I'm not a political commentator, therefore I cannot comment on anyone's political views -- but I have some logic and common sense, and I can draw some objective conclusions. more
Around the world governments, regulators and the industry are struggling with the old regulatory legacy systems. These have become a major stumbling block in the transition to a new environment. Increasingly countries are beginning to understand the social and economic benefits a national broadband infrastructure can offer, but it is impossible to bring that about while the systems are based on the present regulatory regimes. To take these broader benefits into account we will need to develop government policies to facilitate the digital economy... more
Gordon Crovitz's Op-ed in the Wall Street Journal about the relationship between ICANN and the future of free speech quotes me a couple of times... Crovitz emailed me last week when he was researching his column. I was somewhat more critical of ICANN's status quo in our exchange than in the quotes he ended up using. Following are my full answers, emailed to him on Thursday. more
Your corporate domain names send implicit messages (signals) through their Top-Level Domains (TLDs) and their second-level words. Shape your domain names so to send the right messages and to avoid sending unintentionally confusing messages. The post focuses on a framework to help bidders determine which TLDs send messages that are potentially profit generating... Soon TLDs such as ".car," ".cars," ".green," and ".eco" will be available to any qualified body whose request is favored by the allocation system. The system being discussed is a combination of beauty contests and auctions. more
In light of recent announcements regarding Cameroon's country code Top-Level Domain, .CM, being opened to public registration, Tresa Baldas reports on Law.com: "Trademark attorneys are warning companies about a new target for cybersquatters known as '.cm,' which is the country code -- or top level domain -- for the West African nation of Cameroon. The dot-cm domain is a hot target for scammers, they say, due to 'cm' being a common typographical error for 'com' in the popular dot-com domain. Attorneys say this is significant to brand owners because Internet users searching for brand owners' Web sites frequently mistype dot-com as dot-cm and wind up on a bogus site. Not only is Web traffic lost, they say, but a brand name can get diluted or tainted along the way." (Also see, Nation of Cameroon Typo-Squats the Entire .com Space from 2006) more
This post isn't about -- or isn't only about -- the use of computer technology to commit crimes. It's more about the use of computer technology to commit war. A few weeks ago, I was part of a conversation about the legal issues cyberwarfare raises. We were talking about various scenarios -- e.g., a hostile nation-state uses cyberspace to attack the U.S. infrastructure by crippling or shutting down a power grid, air traffic control systems, financial system, etc. Mostly, we were focusing on issues that went to the laws of war, such as how and when a nation-state that is the target of a cyberattack can determine the attack is war, rather than cybercrime or cyberterrorism. more
Since my last post about DNS subversion we have had some good feedback. We had 29 responses, I agree a small sample, but what we found is very interesting. Let's remind ourselves of what we are looking at? Does your ISP redirect DNS queries? Specifically, if you try to make a port 53 UDP or TCP connection to a server outside of your ISP's network does it get there? more
Nguyen Minh Duc, senior security director at Bach Khoa Internetwork Security (Bkis), says that the source of recent cyberattack against US and South Korean government websites was not North Korea -- as widely reported -- but UK. Based on Bkis analysis, a report today by Nguyen Minh Duc says that a master server located in UK was found to control the 8 Command and Control servers responsible for the series of cyberattacks last week.
more
VeriSign makes a great deal of money from the .COM and .NET registries. Can we tell how much they make, and how much that might change if the CFIT lawsuit succeeds? It's not hard to make some estimates from public information. The largest gTLD registry that VeriSign doesn't run is .ORG, which was transferred a few years ago to the Public Internet Registry (PIR) which pays Afilias to run the registry, and uses whatever is left over to support the Internet Society (ISOC)... more
A World-Renowned Source for Internet Developments. Serving Since 2002.