Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Last week I wrote a note the ICANN WHOIS privacy battle, and why nothing's likely to change any time soon. Like many of my articles, it is mirrored at CircleID, where some of the commenters missed the point. One person noted that info about car registrations, to which I roughly likened WHOIS, are usually available only to law enforcement, and that corporations can often be registered in the name of a proxy, so why can't WHOIS do the same thing? more
"The Internet's impact on cities grows daily as it electronically enables the meeting, movement, and exchange of people, ideas, products, and cultures at a range and frequency never before possible, creating what Marshall McLuhan called the 'global village'." So begins a paper in which Dr. Michael Gurstein and I present a short review of the history of TLDs and the negative effects their omission from the Internet's naming schema is having on cities. We then identify 12 areas where city-TLDs will benefit Global Cities if planned and developed in the public interest. more
The Seventh Circuit has issued its opinion in the continuing saga of E360 Insight vs. the Spamhaus Project. While it is not a complete victory for Spamhaus, they did about as well as anyone could have hoped for under the circumstances. E360 won on the procedural issue, while Spamhaus won on the substance. The procedural issue was whether the default judgement against Spamhaus was properly granted last September. The court session was so odd that the appeals decision quotes several pages of the transcript. more
EURid, the entity charged with managing the .eu namespace, is reported to have taken action against an alleged cybersquatter based in China, Zheng Qingying... The last suspension "en masse" was directed against Ovidio when over 74 thousand domains were suspended. This time round the number is much lower -- a paltry ten thousand! In this instance there seems to have been a pattern of cybersquatting, with over a dozen ADR proceedings against the registrant in question. more
The report of the Whois Working Group was published today. The Working Group could not achieve agreement on how to reconcile privacy and data protection rights with the interests of intellectual property holders and law enforcement agencies. So the Working Group Chair redefined the meaning of "agreement." See the full story at the Internet Governance Project site. more
Depending on whom you ask, peer-to-peer (P2P) services may be the best thing that ever happened to the Internet or a diabolical arbitrage scheme which will ruin all ISPs and bring an end to the Internet as we think we know it. Some famous P2P services include ICQ, Skype, Napster, and BitTorrent. Currently a new P2P service called iPlayer from BBC is causing some consternation and eliciting some threatening growls from British ISPs... more
Sender Policy Framework (SPF) stops novice spammers but not the professionals, says Spammer-X, a retired spammer who has gone into a lot of the details in his book, "Inside the Spam Cartel". The best way to beat SPF is to join it... First, Joe Spammer rents a dedicated spam host in a spammer-friendly location, like China. Next, he registers 100 domain names, and each domain is registered under a fake name and address. Next, DNS entries for each of the hosts are set up, including a valid pointer record (PTR), an MX record and reverse DNS entries for each domain... more
In one of the first (if not the first) UDRP cases for .cat, the auto giant BMW appears to have filed a WIPO case over the BMW.cat domain name. Other prospective new TLD operators have tried to suggest in ICANN meetings that these new TLDs do not cause problems with cybersquatting or defensive registrations... Obviously, given the above WIPO case, that statement is false. more
ICANN has announced that it is seeking input and feedback on the topic of domain tasting. (See their announcement for full details) Interestingly enough Michael Gilmour published an article a couple of days ago covering the same topic - "Why domain tasting is great!", which will probably raise a few hackles! One point that in particular caught my eye... more
I was talking to my good friend Verner Entwhistle the other day when he suddenly turned to me and said "I don't think we need DNSSEC". Sharp intake of breath. Transpired after a long and involved discussion his case boiled down to four points: 1. SSL provides known and trusted security, DNSSEC is superfluous, 2. DNSSEC is complex and potentially prone to errors, 3. DNSSEC makes DoS attacks worse, 4. DNSSEC does not solve the last mile problem. Let's take them one at a time... more
"First they ignore you, then they laugh at you, then they fight you, then you win!" quote by Gandhi pretty much summarizes the evolution of the domain name monetization and development business. I have watched this business come of age for more than half a decade... In the beginning nobody cared... then when people started talking about how great it was, 'smart people' and the "legitimate web" laughed. Then the trucks with money showed up... A significant double-digit percentage of global Internet traffic is now owned by domain holders with generic names. So the fight is on. more
According to the majority of the testimony at this month's "Spam Summit," held by the U.S. Federal Trade Commission (FTC), the state of the fight against spam is pretty much the same as it has been for the last several years. The two days of presentations can largely be boiled down to the following bullets: Spam volumes continue to increase, being driven by the growth of "botnets"... Oh, and the spam wars are a lot less exciting than they used to be. Case in point: unlike last time, there were no fist-fights at this year's shindig. more
DNS rebinding attacks are real and can be carried out in the real world. They can penetrate through browsers, Java, Flash, Adobe and can have serious implications for Web 2.0-type applications that pack more code and action onto the client. Such an attack can convert browsers into open network proxies and get around firewalls to access internal documents and services. It requires less than $100 to temporarily hijack 100,000 IP addresses for sending spam and defrauding pay-per-click advertisers. Everyone is at risk and relying on network firewalls is simply not enough. In a paper released by Stanford Security Lab, "Protecting Browsers from DNS Rebinding Attacks," authors Collin Jackson, Adam Barth, Andrew Bortz, Weidong Shao, and Dan Boneh provide ample detail about the nature of this attack as well as strong defenses that can be put in place in order to help protect modern browsers. more
Neustar is facing a potential loss of the Dot-US franchise as competitors bid against them. Why might this be of interest to .com registrants? ...The issue of antitrust with regards to the .com agreement has never really been properly settled, as a well-funded complainant hasn't brought forward a case to full fruition in the courts. ICANN sold out the public by agreeing to a settlement that would see its own coffers swell, at the expense of registrants, so they do not count. more
Last month's column looked at the exhaustion of the IPv4 unallocated address pool and the state of preparedness in the Internet to grapple with this issue... There has been a considerable volume of discussion in various IPv6 and address policy forums across the world about how we should respond to this situation in terms of development of address distribution policies. Is it possible to devise address management policies that might both lessen some of the more harmful potential impacts of this forthcoming hiatus in IPv4 address supply, and also provide some impetus to industry to move in the originally intended direction to transition into an IPv6 network? more
A World-Renowned Source for Internet Developments. Serving Since 2002.