Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
EFF and several other civil society organizations have declared a 'Stop Cyber Spying Week' in protest of several controversial U.S. cybersecurity legislative proposals, including the bill currently before Congress and the Senate called CISPA... more
DNSSEC continues to gain momentum as network operators and domain owners watch and learn from early adopters. The learning process is made easier by efforts such as the ongoing work conducted by researchers at Sandia labs to methodically identify and categorize the kinds of problems that are occurring. more
Although ICANN is now getting a lot of ridicule for the "glitch" in its TLD application System, it deserves some praise and respect for the results of its April 10 board meeting. In that meeting, the board showed the involved community - and the rest of the world - that it is no longer going to be stampeded by extra-procedural political pressure to make yet another round of hasty amendments to its new TLD program's policies and procedures. more
There were long faces all over the new gTLD ecosystem yesterday -- applicants, consultants and technical operators alike -- when ICANN took their Application System (TAS) offline and announced that it would not be brought back up for 5 days. As a result, the long-anticipated close of the first new gTLD application window was pushed back from April 12 to April 20, 23:59 UTC. You could almost hear the groans of dismay spreading over social cyberspace! more
When a sniper ends the life of soldier Paul Bäumer in Remarque's "All Quiet on the Western Front," a laconic situation report from the frontlines recounts an unusually quiet day. In the grand scheme of things, nothing worth reporting has happened. Reading David Kravets' recent article in Wired brought this upsetting ending to mind. U.S. authorities taking down individual domains based on copyright infringement charges is the online equivalent of Remarque's allied snipers: picking off the occasional domain - for better or worse - has little effect on the overall situation. more
In case you haven't been watching cyber news recently, last week various security researchers published that Macs were infected by the Flashback Trojan and that the total number of infections worldwide was 600,000. This number was published by a couple of blogs. I debated writing about this topic since we had a previous Mac outbreak last year that initially spiked up, caused Apple to go into denial about the affair before issuing a fix, and then the malware kind of went away. Will this follow the same pattern? more
Today is April 12 2012. It's also meant to be the day that the new TLD application window closes. Now it's not. ICANN has spectacularly failed to manage the new TLD process and will miss its own deadline by over a week... In a rather badly worded announcement ICANN states that it's extending the deadline for online applications (the only way to apply) until April 20th at 23:59 UTC. more
Like the scene of a movie in which a biblical character holds back the mighty sea and is about to release the tide against his foes, BYOD has become a force of nature poised to flood those charged with keeping corporate systems secure. Despite years of practice hardening systems and enforcing policies that restrict what can and can't be done within the corporate network, businesses are under increasing (if not insurmountable) pressure to allow a diversifying number of personal devices to connect to their networks and be used for business operations. more
Most of the good thrillers I tend to watch have spies and assassins in them for some diabolical reason. In those movies you'll often find their target, the Archduke of Villainess, holed up in some remote local and the spy has to fake an identity in order to penetrate the layers of defense. Almost without exception the spy enters the country using a fake passport; relying upon a passport from any country other than their own... So, with that bit of non-fiction in mind, why do so many people automatically assume that cyber-attacks sourced from IP addresses within China are targeted, state-sponsored, attacks? more
Does the "technical issue" announced today in ICANN's TLD Application System (TAS) and the subsequent extension of the submission deadline call into question the stability and integrity of the new gTLD program? This development underscores the notion that ICANN could consider a more metered and staged approach to the introduction of gTLDs... more
While a great deal of attention has recently been paid to the enormous amount of change that is taking place at the edge of the network with smartphones, tablets, apps, Web2.0 etc, massive changes are also underway on the network side. The current network has been designed over a period of thirty years and it is due for a serious overhaul to keep abreast of changes in the industry in general. more
This morning, Global Payments held a conference call with investors and analysts covering their earlier breach announcement and projected earnings. Global Payments had also released an update advisory yesterday stating that "the company believes that the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers have been exported" and that only Track 2 card data may have been stolen. more
In our continuing review of Rogue Registrars we have stumbled upon on a very elaborate fake banking site for "Swiss Bank" or "Bank of Switzerland". To the casual Internet consumer this site probably appears legitimate, but a number of clues tip off the fraud. Phishing sites are everywhere so this does not immediately raise eyebrows until you review the Thick WHOIS record for the domain. more
One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called "DNS Changer" since that was the name of the software this gang used to infect a half million or so computers. more
I opined about a year ago that DNS blacklists wouldn't work for mail that runs over IPv6 rather than IPv4. The reason is that IPv6 has such a huge range of addresses that spammers can easily send every message from a unique IP address, which means that recipient systems will fire off a unique set of DNSBL queries for every message... Now I'm much less sure this will be a problem... more
A World-Renowned Source for Internet Developments. Serving Since 2002.