Featured Blogs

Latest

FCC's Comcast Ruling Inconsistent and Incoherent

After voting on the Comcast order today, Kevin Martin and his Democratic Party colleagues issued press releases telling us how they saved the Internet from Comcast's discriminatory practices, but they've failed to release the actual order they adopted and subsequently re-wrote. Commissioner McDowell wasn't allowed to see the revised order until 7:00 PM the night before the meeting. Rumor has it that high-level spin doctors are still trying to remove all the rough edges, inconsistencies, and factual errors. more»

Comcast and the Internet

Today the FCC is condemning Comcast's practices with respect to P2P transmissions.I'm happy for FreePress and Public Knowledge today, and I know they have achieved a substantial change in the wind. The basic idea that it's not okay for network access providers to discriminate unreasonably against particular applications is now part of the mainstream communications discourse. That has to be good news. I'm concerned on a couple of fronts. The FCC has taken the view that it can adjudicate, on a case-by-case basis, issues that have to do with "Federal Internet Policy." They used that phrase several times... more»

Another Wrong-Headed WSJ Editorial

Those wacky editorial writers at the Wall Street Journal just cannot seem to get the facts straight about network neutrality and what the FCC has done or can do on this matter. In the July 30, 2008 edition (Review and Outlook A14), the Journal vilifies FCC Chairman Kevin Martin for starting along the slippery slope of regulating Internet content. The Journal writers just seem to love hyperbole, and are not beyond ignoring the facts when they do not support a party line. Here are a few examples from the editorial... more»

Is Anti-Virus Dead?

Each SANSFIRE, the Handlers who can make it to DC get together for a panel discussion on the state of information security. Besides discussion of the hot DNS issue, between most of us there is a large consensus into some of the biggest problems that we face. Two come to mind, the fact that "users will click anything" and that "anti-virus is no longer sufficient". These are actually both related in my mind... more»

Customer Owned Fiber in Ottawa

Arstechnica had a nice article yesterday by Timothy Lee entitled 'The really long tail' following up on Derek Slater's article last week on the Google Public Policy Blog entitled 'What if you could own your Internet connection?' Both articles are about a pilot project in Ottawa.The "tail" in Timothy's article is the "last mile" (or as I prefer, "first mile") fiber connection from individual homes to a network peering point or other aggregation point where individuals can then choose from among multiple competing ISPs. The importance is, as Timothy Lee puts it... more»

Why We'll Never Replace SMTP

An acquaintance asked whether there's been any progress in the oft-rumored project to come up with a more secure replacement for SMTP. Answer: No. Truly, spam isn't a technical problem, it's a social one. If we could figure out some way to make mail recipient networks and hosts willing to shun known bad actors, even at the cost of losing some real mail for a while until the bad actors cave, it would make vastly more difference than any possible technical changes. more»

Deep Packet Inspection: When the Man-In-The-Middle Wants Money

Say you're walking down the sidewalk having a talk with your best friend about all kinds of things. What if you found out later that the sidewalk you were using wasn't really a sidewalk -- but instead a kind of false-front giant copying machine, unobstrusively vacuuming up what you were saying and adding to its database of information about you? Or, say you send a letter to a client of yours (to the extent you still do this), and it turns out later that your letter was intercepted, steamed open, and the contents were read... more»

Click Fraud, Botnets and Parked Domains - All Inclusive

It gets very ugly when someone owns both, the botnet, and the portfolio of parked domains actively participating in pay per click (PPC) advertising programs, where the junk content, or the typosquatted domain names are aiming to attract high value and expensive keywords in order for the scammer to earn higher on per click percentage. This is among the very latest tactics applied by those engaged in click fraud activites. more»

IPv6… Unstoppable Road to Hyperconnectivity: Blame It On Opiates!

Some think IPv6 with its myriad addresses will accelerate the evolution of a hyperconnected world. But could a world where everything and everybody is sensed, monitored, located, to augment our quasi real-time interaction with the world outside our little selves, lead to total dependency, if not to gradual stupidity of the human race? Not surprisingly, a favourite topic for (late night) Internet Conference bar discussions... more»

Counting the Bullets on the (Malware) Front

How much malware is your antivirus solution detecting? A million, ten million, even "worse", less than a million? Does it really matter? No, it doesn't. What's marketable can also be irrelevant if you are to consider that today's malware is no longer coded, but generated efficiently and obfuscated on the fly. Sophos's recent statistics: "It is estimated that the total number of unique malware samples in existence now exceeds 11 million, with Sophos currently receiving approximately 20,000 new samples of suspicious software every single day -- one every four seconds." more»

Is This Only Sloppy Wording by ICANN?

So I wrote earlier that I though it was good stuff when ICANN released a paper on DNS Security. Yes, I think it was good this paper was released, and yes it points out correctly how important DNSSEC is. But, now when reading it in detail, I find two things that troubles me. And it has to do with management of .ARPA. A top level domain that is used for infrastructural purposes. Like IP-addresses and E.164 numbers... more»

Vint Cerf Caught Off Guard, Nevertheless Says What Needs to Be Said About Our Misguided Policy

This morning's mail brought news of a 3 minute 45 second video clip of very candid and very outstanding remarks from Vint Cerf. Vint says very clearly what needs to be said and what needs to be grasped and acted on by the new president and congress next year... My observation is that in my opinion it is not the lighting that is unusual but rather the camera angle. It looks like interviewer is seated with his camera pointed up. The camera is looking at Vint's chin. Consequently I sent Vint an email: "you knew you were being recorded - surely? I hope: in any case the good deed is done... thank you sir." Vint replied with permission to quote... more»

ICANN Releases Paper on Domain Name Security

Today ICANN releases a paper with the title "DNSSEC @ ICANN - Signing the root zone: A way forward toward operational readiness". The paper explains in more detail than earlier documents what ICANN view on signing of the root zone is. I think the key points mentioned in this paper are true, and in general, I think this document is a good read. It is not long, and summarizes what I would call the current view is. more»

Email Hacking Going Commercial

This email hacking as a service offering is the direct result of the public release of a do it yourself hacking kit consisting of each and every publicly known vulnerability for a variety of web based email service providers, with the idea to make it easier for someone to execute their attacks more efficiently. Outsource the hacking of someone's email, and receive a proof in the form of a screenshot of the inbox, next to a guarantee that you'll be able to get back in even after they've changed their passwords? Too good to be true, but since they only charge after they provide you with a proof that they did the job, they could be in fact attempting to hack these emails, compared to the majority of cases where scammers scam the scammers. more»

Shouting 'Bug' on a Crowded Internet…

In the last few weeks we've seen two very different approaches to the full disclosure of security flaws in large-scale computer systems. Problems in the domain name system have been kept quiet long enough for vendors to find and fix their software, while details of how to hack Transport for London's Oyster card will soon be available to anyone with a laptop computer and a desire to break the law. These two cases highlight a major problem facing the computing industry, one that goes back many years and is still far from being unresolved. Given that there are inevitably bugs, flaws and unexpected interactions in complex systems, how much information about them should be made public by researchers when the details could be helpful to criminals or malicious hackers? more»

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days

Sponsored Topics