Most Viewed

.COM - The Riskiest Top-Level Domain?

A couple of weeks ago, NetworkWorld published an article indicating that the .com TLD was the riskiest TLD in terms of containing code that can steal passwords or take advantage of browser vulnerabilities to distribute malware... It is unclear to me what they mean by TLD's being risky. The number of domains, 31.3% of .com's being considered risky, what does this actually mean? Is it that 31% of .com's are actually serving up malware or something similar? If so, that seems like a lot because for many of us, nearly 1 in every 3 pages that most people visit would be insecure...

Illusory Correlation and Security

Fear sells. Fear of missing out, fear of being an imposter, fear of crime, fear of injury, fear of sickness ... we can all think of times when people we know (or worse, people in the throes of madness of crowds) have made really bad decisions because they were afraid of something. Bruce Schneier has documented this a number of times. For instance: "it's smart politics to exaggerate terrorist threats" and ...

The End of Net Neutrality Regulation COULD Mean the End of Last-Mile Oligopolies

Landline networks like the old phone system and the new(er) cable systems do lend themselves to monopoly or at least duopoly outcomes. Building these networks is both very expensive and requires myriad government approvals. Once a system is in place, it is hard for anyone to raise the capital to duplicate it. Even a network of wireless towers is hard to compete with.

Wi-Fi 8: Beyond Speed, Towards Seamless Connectivity

As the IEEE 802.11 task force turns its attention to developing Wi-Fi 8, the next iteration of wireless networking standards, the focus has shifted from sheer speed to enhancing user experience.

A Short History of DNS Over HTTP (So Far)

The IETF is in the midst of a vigorous debate about DNS over HTTP or DNS over HTTPS, abbreviated as DoH. How did we get there, and where do we go from here? (This is somewhat simplified, but I think the essential chronology is right.) Javascript code running in a web browser can't do DNS lookups, other than with browser.dns.resolv() to fetch an A record, or implicitly by fetching a URL which looks up a DNS A or AAAA record for the domain in the URL.

How Not to Take Russia Off the Internet

Last week the Ukrainian government sent a letter to ICANN asking them to revoke the ".ru", ".рф" and ".su" top-level domains. It also said they were asking RIPE, which manages IP addresses in Europe, to revoke Russian IP addresses. Both ICANN and RIPE said no. Other people have explained why it would have been a policy disaster, but beyond that, neither would actually have worked.

Another Thanksgiving and Another 131 Domain Names Seized by Homeland Security

Last year I wrote a post right after Thanksgiving entitled: "While You Were Eating You're Turkey Homeland Security Was Seizing 9 Domains". Well I could have repeated the headline today except the number would be 131 domains rather than just 9. Looks like Homeland Security is going to make domain seizures on Thanksgiving as common in the US as Turkey and Stuffing.

Web at Twice the Speed: Google Reveals Information on SPDY Project

In a recent blog post, Google engineers have revealed information about an early stage project called SPDY (pronounced "SPeeDY"), aimed at significantly boosting Web download speeds. According to the post, SPDY is an application-layer based protocol designed for minimizing latency. It says: "So far we have only tested SPDY in lab conditions. The initial results are very encouraging: when we download the top 25 websites over simulated home network connections, we see a significant improvement in performance - pages loaded up to 55% faster. There is still a lot of work we need to do to evaluate the performance of SPDY in real-world conditions."

44% Of Domain Names Globally are Country Code TLDs, 56% Generic TLDs, Reports CENTR

The Council of European National Top level Domain Registries (CENTR) released its global TLD report today, stating that the global TLD market grew 1.4% year over year at the end of first quarter this year.

DNS, Domain Names, and Certificates: The Missing Links in Most Cybersecurity Risk Postures

In 2019, we've seen a surge in domain name system (DNS) hijacking attempts and have relayed warnings from the U.S. Cybersecurity and Infrastructure Agency, U.K.'s Cybersecurity Centre, ICANN, and other notable security experts. Although the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls -- domains, DNS, digital certificates.

ICANN and the Hyper-Aggressive Trademark Owners: The “Monster Test”

We read and hear a lot of complaints from trademark interests about allegedly rampant cybersquatting and other forms of trademark infringement, but it's rare to see a story about reverse domain name hijacking and other abuses committed by them. That's what made it so refreshing to see an article in the Saturday, April 4th Wall Street Journal titled "The Scariest Monster of All Sues for Trademark Infringement – Fancy Audio-Cable Outfit Defends Its Brands; A Mini Golf Course Fights Back".

ICANN SSAD Proposal Poised to Succeed?

The GNSO Council and the ICANN Board both seem poised to grant sufficient runway to the community to refine an idea for a simple ticketing system designed to centralize requests for registrant information disclosures and provide meaningful data that is likely to help ICANN staff enhance its assessment of the SSAD proposal. This is very good news for those who advocate for consumer safety and trust on the Internet, and it is very good news for the ICANN multistakeholder model.

The Purple Team Pentest

It's not particularly clear whether a marketing intern thought he was being clever or a fatigued pentester thought she was being cynical when the term "Purple Team Pentest" was first thrown around like spaghetti at the fridge door, but it appears we're now stuck with the term for better or worse. Just as the definition of penetration testing has broadened to the point that we commonly label a full-scope penetration of a target's systems with the prospect of lateral compromise and social engineering as a Red Team Pentest -- delivered by a "Red Team" entity operating from a sophisticated hacker's playbook.

A Review of Broadband Over Power Lines (BPL) or Power Line Telecommunication (PLT)

The OECD has published a detailed report, Broadband over Powerlines: Developments and Policy Issues, on what was once considered a potentially interesting and disruptive technology that might have rivaled DSL. It notes that having largely failed in that, it is instead being applied to "smart grid" applications.

Industry Association: An Implementation Model

We read carefully Scott Hollenbeck's call to form a Domain Name Industry association to promote consistency in technical operations across the many moving parts of the industry and we, the Board and members of the Domain Name Association, largely agree. More formal coordination among registry operators and domain name registrars would improve the domain name registration experience for registrants and business operations for the domain name industry in general.