Featured Blogs

Latest

Blissful Ignorance: Placement Prostituting the Press

Andrew McLaughlin, in his excellent dismemberment of the BBC's report on the "IPv4 address crisis", is observing not a random piece of sloppy research, but the success of settled policy. That policy, pursued by public relations companies serving information technology and telecommunications (IT&T) companies, is simple to sum up: "identify, support and encourage technically ignorant journalism". It centres around the most valuable word in the lexicon of the public relations firm: "placement"...A key characteristic of the "placement" story is its conformance to a template...With one search, I found a CNET story published in July with quite startling parallels to the BBC story... more

Court Denies Preliminary Restriction of WLS

In a strongly worded ruling, a U.S. Federal Court Judge has ruled in ICANN's favor and denied plaintiffs' motion for preliminary injunction. Dotster and two other ICANN accredited registrars had asked the court for an order prohibiting ICANN from finalizing approval of VeriSign's proposed new "Wait Listing Service" (WLS). Plaintiffs alleged that WLS is "anti-competitive" and that ICANN breached its obligations under the registrar accreditation agreement (RAA) when ICANN gave preliminary approval to WLS last year. The court disagreed, ruling [PDF] as follows: more

VeriSign's New Security Seal Too Trusting?

On November 4, 2003, VeriSign announced a new "trust enhancing" seal which they built using Macromedia's Flash technology...While there are problems inherent to VeriSign's approach that call into question their understanding of "The Value of Trust," there are ways they could have made this particular implementation less trivially spoofable. The flaws I demonstrate on this page are flaws in the concept and the execution rather than anything inherently flawed in Flash. Overall this kind of graphical "trustmark" is extremely easy to forge just by recreating the artwork. But in this case, you don't even have to do that. The seal can still be called directly off the VeriSign servers, yet it is easily modified, without recreating artwork, and without doing anything untoward with VeriSign's servers! more

Blacklisting Under Wrong Assumptions

If you analyze the relay of spam- and malware-containing email circulating on the Internet purely through your mail server logs (running the Unix command "tail"), a large proportion seem to come from Asia Pacific hosts, especially those from mainland China. Therefore, many less-experienced systems administrators have simply blocked the access from subnets of Chinese or Asian origin, effectively destroying the fabric of the Internet -- messaging. If administrators took pains to analyze these supposedly Asian spam messages by analyzing the full Internet headers, they would have realized that the Asian servers were merely used by the real spammers as open relays, or perhaps as zombie hosts previously infected with the mass mailing worms through the exploitation of operating system vulnerabilities.  more

The Future of Email

While people may debate the death of email, there is no question that many email servers are already overloaded with spam. Current spam solutions are beginning to address the problem, but so far they all suffer from the arms race issue - as fast as we come up with new ways to fight spam, spammers are finding new ways to deliver it to us. While the functionality of email will certainly continue, the current system must change. When the change comes, it will deliver the future of email to Microsoft. more

Bad Journalism, IPv6, and the BBC

Here's a good way to frighten yourself: Learn about something, and then read what the press writes about it. It's astonishing how often flatly untrue things get reported as facts. I first observed this back in 1997 when I was a Democratic lawyer in the U.S. House of Representatives working on the (rather ridiculous) campaign finance investigation. (The investigating committee's conspiracy-minded chairman was famous for shotgunning pumpkins in his backyard in order to figure out exactly how Hillary snuffed Vince Foster)...More recently, I've seen the same discouraging phenomenon in reporting on technology and, in particular, the Internet. more

An Unsanctioned Whois Database

Mark Jeftovic of easyDNS Technologies Inc. has posted an item on ICANN's "GNSO" registrars' mailing list titled "unsanctioned Whois concepts". In that item he suggests that the control and actual publication of contact information about a domain be put into the zone file itself, a file maintained by the registrant (purchasor) of the domain name. more

The Cyber-Sociology of Domain Names

Erica Wass is the editor and contributing author of the recently published book, "Addressing the World: National Identity and Internet Country Code Domains", (Rowman & Littlefield, October 2003). This book is an edited collection of original essays by domain name administrators, academics, journalists and lawyers that examine the connections between various cultures and the use and regulation of their country code domain names. CircleID recently caught up with Erica Wass to gain a better insight into the work behind this book. What follows is the first article of a three-part series where Erica shares her insight and discoveries that lead her to a sophisticated global perspective on "Addressing the world". She begins by examining cyber-sociology of ccTLDs -- the underlying theme of the book. more

Lobbying for Whois Privacy

Today a letter was submitted to the President of ICANN, Paul Twomey, at the ICANN Carthage meeting, "asking him to ensure that strong privacy safeguards, based on internationally accepted standards, are established for the WHOIS database." Latest reports indicated that the draft letter had been signed by about 50 nonprofit groups and represented 21 countries on six continents. "Signers of the letter included the American Library Association, the U.S. Association for Computing Machinery, the Australian Council for Civil Liberties, Electronic Frontier Finland, Privacy Ukraine, and the United Kingdom's Foundation for Information Policy Research." more

Registration And Use Of Domain Name Infringing Another's Trademark Ruled "Advertising Injury" Covere

The registration and use of an Internet domain name that allegedly infringes another's trademark is an "advertising injury" within the meaning of an insurance policy, and thus requires the accused company's insurer to provide coverage, according to a recent ruling by the U.S. Court of Appeals for the Fourth Circuit. In the same ruling, the Fourth Circuit also held that the domain name, because it led customers to advertisements at the related website, constituted use of the trademark "in the course of advertising." State Auto Property and Cas. Ins. Co. v. Travelers Indemn. Co. of Am. more

.Pro Asking for Second-Level Domains (Again)

In a Message from RegistryPro Advisory Board to Tina Dam on 24 October 2003, it is noted that .Pro is, again, asking ICANN to allow for the registration of 2nd level domains. I am, again, of mixed opinion on this. On the one hand, a registry should be able to do what it wants, within reason. This clearly falls into that category. On the other hand, .Pro has been denied once already on the grounds that registering 2nd level domains is not the proposal upon which they were approved in the "testbed" procedure of November 2000. more

NAT: Just Say No

Fueled by the lack of public IP addresses, 70% of Fortune 1000 companies have been forced to deploy NATs (Source: Center for Next Generation Internet). NATs are also found in hundreds of thousands of small business and home networks where several hosts must share a single IP address. It has been so successful in slowing the depletion of IPv4 addresses that many have questioned the need for IPv6 in the near future. However, such conclusions ignore the fact that a strategy based on avoiding a crisis can never provide the long-term benefits that solving the underlying problems that precipitated the crisis offers. more

The Internet Infrastructure: Stability vs. Innovation

Stratton Sclavos of VeriSign distills the essence of the SiteFinder controversy in his CNet interview...There is a subtle but essential misunderstanding here. Innovation can and should happen in Internet infrastructure, but there are a handful of core elements that must remain open and radically simple if the Internet is to remain, well, the Internet. These include TCP/IP, SMTP, HTTP, BIND, BGP, and the DNS (especially the .com registry). Any change in these protocols should be very carefully vetted through a consensus-based process. more

Why Do We Care About Names and Numbers?

An article based on the most recent study for the European Commission on the Policy Implications of Convergence in the Field of Naming, Numbering and Addressing written by Joe McNamee and Tiina Satuli of Political Intelligence.

"With relation to the Internet and also IP addresses, the "scarcity" is more complicated: there are not only intellectual property issues with regards to domain names, but there is also an issue of managing the integrity of the system. For any naming or numbering system to work, it is essential that the names and addresses used cannot be confused with any other -- in other words, no one system can have two end-points with the same fully qualified number or name..." more

DNS Gets A Formal Coordination System

CircleID recently interview Paul Vixie, Founder & Chairman of Internet Software Consortium (ISC), to discuss ISC's newly formed Operations, Analysis, and Research Center (OARC). OARC is launched in response to DDoS attacks at the Internet's core infrastructure and the vital requirement for a formal coordination system. OARC is also a part of US homeland security initiatives, such as the formation of Information Sharing and Analysis Centers (ISACs).

"Registries and registrars, ccTLD operators, large corporate NOCs, ISPs and ecommerce companies that host many domain names are all likely candidates. This is also a natural for law enforcement groups that are worried about attacks on the Internet." more

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Most Viewed – Last 30 Days

Topics

Cybersecurity

Sponsored byVerisign

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

New TLDs

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC