Mehmet Akcin writes: As announced today as part of RIPE meeting in Lisbon, Portugal by Joe Abley, DNS Group Director at ICANN, and Matt Larson, Vice President of DNS Research at VeriSign, in their presentation (Page 25), DNSSEC for the root zone is proposed to be fully deployed by July 1, 2010. The Draft Timeline suggests Root zone being signed by December 1, 2009 while initially staying internal to ICANN and VeriSign. The incremental roll out of the signed root would then take place from January until July 2010.
Joly MacFie writes: The Internet Society's New York Chapter (ISOC-NY) will be holding a public forum at NYU on Oct 8 2009 to discuss, in the post JPA world, civic representation in ICANN. Specific concerns are the current restructuring of the Generic Names Supporting Organization (GNSO) Council, and the replacement of the At-Large Liaison to the ICANN Board by a seated member. Will the creation of new constituencies serve to balkanize the Noncommercial users and dilute their influence? Will an At-large board member be less answerable to the rank and file? These questions and more will be discussed. The public are welcome to attend and the event will be webcast live.
Kicking off the sixth annual National Cybersecurity Awareness Month this October, the Department of Homeland Security (DHS) has urged computer users to practice good "cyber hygiene". The campaign was given a boost Wednesday when the Senate passed resolution 285 to support its goal to make U.S. citizens more aware of how to secure the internet. DHS has also announced that is has been given new authority to recruit and hire up to 1,000 cybersecurity professionals across the department to fill roles such as: cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering.
Anti-Phishing Working Group (APWG) released its latest Phishing Activity Trends Report today warning that the number of unique phishing websites detected in June rose to 49,084, the highest since April, 2007's record of 55,643, and the second-highest recorded since APWG began reporting this measurement. "The number of hijacked brands ascended to an all-time high of 310 in March and remained, in historical context, at an elevated level to the close of the half in June," says the report.
The Internet Corporation for Assigned Names and Numbers (ICANN) has reached a major milestone today with a new agreement in place with the U.S. Department of Commerce allowing the organization greater independence and giving more countries oversight of the organization.
According to reports today, the Australian federal government made a drastic change to a bill that could potentially allow ISPs to police online traffic. Karen Dearne of the Australian IT reports: "Electronic Frontiers Australia spokesman Geordie Guy said it was unclear if the draft Telecommunications (Interception and Access) Amendment Bill was an "attempt to sneak through" a wholesale expansion of intercepts of private emails and file-sharing or merely a badly drafted bill."
At the end of this month, September 30th, the Joint Project Agreement (JPA) between the Internet Corporation for Assigned Names and Numbers (ICANN) and the U.S. Department of Commerce (DoC) will come to an end. While ICANN has affirmed its commitment in maintaining a long-term, formal relationship with the United States, talks of new changes and a more independent ICANN is intensifying as the expiration date is quickly approaching. For the next upcoming days, this page will be frequently updated with related news and updates.
Ryan Naraine reporting at Threatpost: "Head of Google's anti-malvertising team Eric Davis wants Internet Service Providers (ISPs) to look beyond profits and take a more proactive approach to dealing with malware-infested computers on their networks. During a keynote presentation at the Virus Bulletin conference here, Davis said competitors in the ISP space must look beyond profits and partner on new initiatives to deal with the "parasites" that have taken control of the Internet landscape."
Google today announced an early-stage open source plugin called Google Chrome Frame that aims to seamlessly allow use of open web technologies and faster JavaScript engines within Microsoft's Internet Explorer browser. In a blog post today Google says: "One challenge developers face in using these new technologies is that they are not yet supported by Internet Explorer. Developers can't afford to ignore IE -- most people use some version of IE -- so they end up spending lots of time implementing work-arounds or limiting the functionality of their apps."
An open letter signed by various members of the domain name industry, including heads of some of the top domain name registries and registrars, was sent today to ICANN CEO and Board of Directors urging them to direct their staff to implement the introduction of new Top-Level Domains (TLDs) without further delay. "The time to act is now," says the letter for "many reason" including: Consumer Demand; Safety Considerations; Internet Stability; Innovation; ICANN’s own credibility
As per earlier reports, U.S. Federal Communications Commission Chairman Julius Genachowski proposed new rules today requiring Internet service providers to treat all Internet traffic equally and allow users to access their networks with any device.
VeriSign today released its second quarter 2009 Domain Name Industry Brief where it reports that the total base of domain name registrations across all of the Top-Level Domains [TLDs] has now reached 184 million. However the report also indicates that there has been a 15% decline compared to the same quarter last year. The largest TLDs in terms of base size are reported to be: .com, .cn, .de, .net, .org, .uk, .info, .nl (Netherlands), .eu (European Union), and .biz.
Earlier this year, ICANN began to seriously consider the various effects of adding DNS protocol features and new entries into the Root Zone. With the NTIA announcement that the Root Zone would be signed this year, a root scaling study team was formed to assess the scalability of the processes used to create and publish the Root Zone. Properly considered, this study should have lasted longer than the 120 days -- but the results suggest that scaling up the root zone is not without risk -- and these risks should be considered before "green-lighting" any significant changes to the root zone or its processes. I, for one, would be interested in any comments, observations, etc. (The caveats: This was, by most measures, a rush job. My spin: This is or should be a risk assessment tool.) Full report available here [PDF].
Contrary to previous security reports suggesting compromised machines remain infected for 6 weeks, experts at Trend Micro say these estimates are far from accurate. In its recent blog post the company said: "During the analysis of approximately 100 million compromised IP addresses, we identified that half of all IP addresses were infected for at least 300 days. That percentage rises to eighty percent if the minimum time is reduced to a month." Additionally the study also indicates that while three quarter of the IP addresses were linked to consumer users, the remaining quarter belonged to enterprise users.
Security experts at RSA Research Lab have reported the discovery of a new type of phishing attack targeted against online banking customers that combines a typical phishing website with a live change session initiated by fraudsters. The technique dubbed "Chat-in-the-Middle" not only attempts to trick customers into entering their usernames and passwords into a phishing site but obtains further sensitive information (such as answers to secret questions used by banks to authenticate customers). According to the report, this attack is currently targeting a single U.S.-based financial institution, however operators of all online banking websites are cautioned.