Spam

Spam / Most Viewed

Garth Bruen Discussing Whois, DNSSEC and Domain Security

NameSmash has interviewed Garth Bruen, Internet security expert and creator of Knujon, on some key issues under discussion during the recent ICANN meetings in San Francisco. Topics include Whois, DNS Security Extensions (DNSSEC) and generic Top-Level Domains (gTLDs) -- issues of critical importance particularly with ICANN's expected roll-out of thousands of new gTLDs in the coming years. more

U.S. Senate’s Hearing on ICANN

Later today, Senator Conrad Burns, who chairs the U.S. Senate subcommittee responsible for supervising ICANN, will be holding a hearing on a number of issues.

At the beginning of the year, a press release called "Burns Unveils NexGenTen Agenda For Communications Reform and Security in the 21st Century", had reported:

"U.S. Sen. Conrad Burns (R-Mont.) announced his top priorities for his chairmanship of the Senate Communications Subcommittee during the 108th legislative session. The ten items, called the Burns NexGenTen Tech Agenda, aim to strengthen security and usher reform for 21st Century Communication... more

Hijacked IP Addresses

From time to time, a party can get out of control. Raucous celebration can become careless, even destructive. Combine a critical number of young people, a certain amount of beer and lots of music and damage often happens. Partygoers leave a mess behind them. The same thing happens to some IP addresses. Malicious actors use IP addresses properly registered to someone else. more

A Year of CAN SPAM

The CAN SPAM Act of 2003 went into effect a year ago on Jan 1, 2004. As of that date, spam suddenly stopped, e-mail was once again easy and pleasant to use, and Internet users had one less problem to worry about. Oh, that didn't happen? What went wrong? more

Oklahoma Spammer Fighter Loses Even Worse

Last December I wrote about Mark Mumma, who runs a small web hosting company in Oklahoma City and his battle with Omega World Travel a/k/a cruise.com. Mumma lost his CAN SPAM suit agains them in December, but Omega's countersuit for defamation went to trial last week, and I hear that the jury awarded Omega $2.5 million in damages, which Mumma is not likely to be able to pay. This may be painted in some circles as a huge defeat for anti-spam activists, but it's not... more

Whither WGIG?

Now, I don't like the word "whither" any more than you do. But this Reuters article was circulating yesterday and it seemed to call for a "whither." It's a short story, so let's do a close reading. "A U.N.-sponsored panel aims to settle a long-running tug of war for control of the Internet by July and propose solutions to problems such as cyber crime and email spam, panel leaders said on Monday." We're going to decide what "internet governance" is by July?  more

M3AAWG Releases Anti-Abuse Best Common Practices for Hosting and Cloud Service Providers

Jointly published by the Internet Infrastructure Coalition (i2C) and the Messaging, Malware and Mobile Anti-Abuse Working Group, the new document outlines proven activities that can help Web hosting services improve their operations and better protect end-users. more

Brad Templeton in Response to Site Finder Controversy

A harmful, highly unilateral and capricious action. Tons of software out there depended on the ability to tell the difference between a domain name which exists and does not. They use that to give a meaningful, locally defined error to the user, or to identify if an E-mail address will work or not before sending the mail. Many used it as a way to tag spam (which came from domains that did not exist). It is the local software that best knows how to deal with the error. more

On Comcast and Net Neutrality: Shouting Fire in a Theater

The Comcast traffic shaping case has stirred up passionate debate. Net neutrality proponents are calling for Comcast's head on a platter. The common argument is that Comcast's policy may stifle innovation and competition. If a service provider is allowed to exercise unregulated discretion in how it treats subscriber traffic, it is a slippery slope toward anti-competitive practices. Net neutrality says keep your hands off. Some are preaching net neutrality as if it were an inalienable human right like freedom of speech... more

Search Engines and Registrars Getting Creative with Whois Database?

One of the best sources of information about sites on the web is the Whois database. A trio of patent applications from Go Daddy, published last week at the US Patent and Trademark Office, explores whether adding additional information to the Whois database might help reduce spam, phishing, and other fraudulent practices and improve search engine results. The patent filings from Go Daddy would add reputation information to the published Whois data to let others use it for a number of reasons, including enabling search engines incorporate it into their ranking mechanisms. ...The patent application from Google focuses upon fighting web spam using a wide range of data, including that associated with domain names. ...We can't really be certain that Google is presently using this information, but there are some indications that they may be... more

Potential Danger Ahead for Registrants: dot-info Abusive Domain Use Policy

ICANN has posted a request by Afilias for a new registry service in relation to "abusive" domains in dot-info. While in general the proposal is motivated by good intentions, the devil is in the details. While most folks (including myself) probably care very little about the .info TLD, my concern is that any bad implementation in .info might be copied or used as a precedent in other more important TLDs, in particular .com run by VeriSign. more

Site Finder: The Technical, Legal & Privacy Concerns

It is openly admitted , in the same Implementation PDF file, that all accesses to the Site Finder service are monitored and archived. A further worry for users is the privacy policy and terms of service posted on the Site Finder service. Not only does the simple act of mistyping a URL implicitly cause you, the end user, to accept VeriSign's Terms of Service and Privacy Policy without the chance to review and accept or decline either, but critical information as described above is not disclosed in either policy (as of this writing). The Privacy Policy clearly states... more

What is ‘Pharming’ and Should You Be Worried?

The sky is falling! The sky is falling! ...or is it? What is this thing called "pharming"? Put simply, it's redirection of web traffic, so that the server you think you're talking to actually belongs to a criminal. For example: you think you're talking to www.examplebank.com because it says so in the browser's address bar, but actually you're connected to www.mafia-R-us.ru. This can happen in three main ways: 1. DNS Hijack: a social engineering attack on the Internet infrastructure... more

New TLD Public Comments: Jumping-to-Conclusions?

Having been involved in the whole TLD issue since its inception, back in the ancient history of the mid-1990's, one would think that nothing would surprise me anymore. As it turns out, however, watching the comments on ICANN's public comment list with respect to the new sTLD proposals, I find that I'm taken-back by some of the kinds of comments I'm seeing. more

Spam-Friendly Registrar ‘Dynamic Dolphin’ Shuttered by ICANN

Neil Schwartzman writes: Brian Krebs is reporting in KrebsOnSecurity that ICANN last week revoked the charter of Dynamic Dolphin, a registrar that has long been closely associated with spam and cybercrime. "The move came almost five years after this reporter asked the Internet Corporation for Assigned Names and Numbers (ICANN) to investigate whether the man at the helm of this registrar was none other than Scottie Richter, an avowed spammer who has settled multi-million-dollar spam lawsuits with Facebook, Microsoft and MySpace over the past decade..." more