From "Last Call for Whois Comments", a recent opinion piece by eWeek's Security Center Editor Larry Seltzer: "It's not a good sign when the criminals and the lawyers are on the same side of an issue; there may be no good solution to the problems of Whois service rules. Who would have imagined that so much business and so much abuse would center around Internet domain names? Certainly not the designers of the system, including those of the Whois service, which reports on ownership and some other data on domain names... more
For those not familiar with RBL, the term means Real-time Blackhole List, it is mainly used for SPAM fighting. I have recently started playing around with Google as an RBL engine, the idea is that if the search term I use hits too many hits it is likely to be SPAM. The danger of course is that the term could be simply popular -- but the trick here is that I'm using something very special as the search term -- the IP address of the poster. more
Classified ad site craigslist is famously protective of its contents. While they are happy for search engines like Google to index the listings, they really, really do not like third parties to scrape and republish their content in other forms. In 2013 craigslist sued a company called 3taps which had created an API for craigslist data. They also sued real estate site Padmapper, which showed craigslist and other apartment listings on a map, something craigslist didn't do at the time. more
The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible. more
IBM today released the results from its annual X-Force 2010 Trend and Risk Report, identifying more targeted phishing, spam and mobile attacks. The report also finds cloud security continuing to evolve. "From Stuxnet to Zeus Botnets to mobile exploits, a widening variety of attack methodologies is popping up each day," says Tom Cross, threat intelligence manager, IBM X-Force. "The numerous, high profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals, who may be well-funded and operating with knowledge of security vulnerabilities that no one else has. Staying ahead of these growing threats and designing software and services that are secure from the start has never been more critical." more
Register.com has not taken a position for or against WLS. If and when the registry launches this service, Register.com will consider whether to offer it based on the price and conditions attached to the service. We are committed to delivering to our customers the best in class services available. Therefore, the registry's price will be an important factor. Moreover, we are concerned about some of the conditions currently being considered by ICANN - primarily, the "black out period." This is a period of time prior to the final deletion of a name, during which a registrar would be prohibited from selling a WLS subscription on a domain name that it sponsors. We consider this a condition that could confuse consumers and dampen domain name competition. more
This week, the Internet Engineering Task Force (IETF) published a number of what they call "RFCs," which originally meant "Requests for Comment" - the standards documents which specify the technical underpinnings of the Internet. Two of these, numbered 5321> and 5322, replace earlier documents defining the very core of internet email. On the surface, each of these seem surprisingly simple... Yet without general industry-wide acceptance of (and compliance with) these standards, internet email simply would not exist. more
After attending the afternoon ICANN Security & Stability Committee meeting, I realized that the issues involved fall into several related but independent dimensions. Shy person that I am *Cough*, I have opinions in all, but I think it's worthwhile simply to be able to explain the Big Picture to media and other folks that aren't immersed in our field. In these notes, I'm trying to maintain neutrality about the issues. I do have strong opinions about most, but I'll post those separately, often dealing with one issue at a time. more
Are file inclusion vulnerabilitiess equivalent to remote code execution? Are servers (both Linux and Windows) now the lower hanging fruit rather than desktop systems? In the February edition of the Virus Bulletin magazine, we (Kfir Damari, Noam Rathaus and Gadi Evron (me) of Beyond Security) wrote an article on cross platform web server malware and their massive use as botnets, spam bots and generally as attack platforms. Web security papers deal mostly with secure coding and application security. In this paper we describe how these are taken to the next level with live attacks and operational problems service providers deal with daily. more
One of the hottest topics in the email biz these days (insofar as any topic is hot) is how we will deal with mail on IPv6 networks. On existing IPv4 networks, one of the most effective anti-spam techniques is DNSBLs, blackists (or blocklists) that list IP addresses that send only or mostly spam, or whose owners have stated that they shouldn't be sending mail at all. DNSBLs are among the cheapest of anti-spam techniques since they can be applied to incoming mail connections without having to receive or filter spam. more
Neil Schwartzman writes to report: "The company announced the Yahoo! Mail Anti-Phishing Platform (YMAP) yesterday. The technology is predicated upon the use of both DKIM and Sender Policy Framework (SPF) to identify authentic messages. As part of the initiative, Yahoo! has partnered with email authenticators Authentication Metrics, eCert, Return Path, and Truedomain to provide broad-band coverage of well-known brands." more
The governor of Colorado recently signed a new anti-spam law [PDF] into effect. Since CAN SPAM draws a tight line around what states can do, this law is mostly interesting for the way that it pushes as firmly against that line as it can. Other observers have already done a legal analysis of the way it's worded to avoid being tossed out as the Oklahoma law was in Mummagraphics, and to make it as easy as possible for suits to meet the falsity or deception limits in CAN SPAM. To me the most interesting part of this law is its one-way fee recovery language... more
This is the final part of a three-part series interview by Geert Lovink with Jeanette Hofmann, policy expert from Germany, where she talks about her experiences as a member of the ICANN's Nominating Committee and her current involvement as a civil society member of the German delegation for the World Summit of the Information Society (WSIS). "You have been visiting WSIS as a member of the German delegation. Could you share some of your personal impressions with us? Did you primarily look at WSIS as an ICT circus for governmental officials and development experts or was there something, no matter how futile, at stake there?..." more
CAUCE Executive Director Neil Schwartzman won the prestigious Mary Litynski award on June 08, 2011 for his contributions to Internet anti-abuse efforts, including the passage of Canada's Anti-Spam Law. more
IBM published a video where it predicts what the world will look like in 2016 (see bottom of this post for the link). It includes the following five predictions. I want to start with the last one -- that junk mail (i.e., spam) will disappear. You'll need to watch the video to get the nuances of the prediction, but IBM says that in five years, Junk Mail will become a thing of the past. more