This article is the first in an occasional series on DKIM/ADSP edge cases that may not be generally recognized or understood. Many people advocate DKIM/ADSP adoption without fully recognizing potential implementation and operational issues. The fact is that the email messaging environment is fraught with opportunities for poor outcomes because of common practices that need to be considered or poorly understood implementations that are not considered... more
ENUM (E.164 NUmber Mapping) is a technology that has been around for a little while that has promised much and, so far, delivered little to the average user. As Nominet has recently been awarded the contract to administer the UK 4.4.e164.arpa delegation, I thought it was time that I put my thoughts on this subject down in writing. I'm going to cover the potential of ENUM in the telecoms industry and what it could mean to you, along with how it is currently being used and what potential security issues surround ENUM. more
Once you've determined that you can trust the signer of a message, as we discussed in part 3, it's easy to extrapolate that various portions of the message are equally trustworthy. For example, when there's a valid DKIM signature, we might assume that the From: header isn't spoofed. But in reality, DKIM only tells us two basic things... more
In this multipart series I will be presenting some of the leading industry-standard best practices for enterprise network security using Cisco technologies... In Part 3 of this series I began to discuss Cisco technologies as a standard for enterprise data security. In this article we take a look at how Cisco firewall and packet filtering technologies can be used at the network perimeter to enhance enterprise security. more
Earlier this month, I had the opportunity to attend the The Emerging Communications (eComm) 2009 conference in San Francisco which was packed with 3 days of fascinating conversations about the future of communications. I absolutely enjoyed talking to various speakers and attendees giving me a deep level of appreciation and perspective on technical, commercial and political issues at hand -- and what is likely to come in the next few years. And speaking of politics, Lee Dryburgh, who founded eComm in early 2008, has generously allowed us to share with you a fascinating panel discussion which took place on day 3 of the conference called "Spectrum 2.0 - What's really happening?" more
The IANA -- Internet Assigned Numbers Authority -- is, functionally, the boiler room of the Internet. Every protocol in use to shovel data from Tallahassee to Timbuktu? Listed there. IP addresses? They are the root from which all addresses flow. Domain names? They are the Source. The entire operation is chock-full of magic numbers, numbers that form and fuel the digital world we use daily. But there are other, lesser-known numbers... It is of PENs that I write today... more
The Conficker worm will be active again on April 1st, according to an analysis of its most recent variant, Conficker.C, by the net security firm CA. This malicious piece of software, also known as Downup, Downadup and Kido, spreads among computers running most variants of the Windows operating system and turns them into nodes on a multi-million member ‘botnet’ of zombie computers that can be controlled remotely by the worm’s as yet unidentified authors. more
If there's one thing that scares the bejabbers out of me, it's when organized religion -- either directly or via proxies -- attempts to nose its way into technology policy issues. It appears that such a scenario is unfolding currently, with a concerted new effort to fundamentally remake the Internet in a manner befitting the sensibilities of top-down religious hierarchies. An Internet Pope? The Spanish Inquisition? Not exactly -- that's the incorrect religion for this particular case. more
The World Intellectual Property Organization (WIPO) asserted on Monday that new gTLDs from ICANN would unleash a global crime wave. This dire warning was bolstered by an astonishing statistic: a whopping eight per cent (8%) increase in UDRP complaints from 2007 to 2008! But WIPO's press release tells only a very little of the truth. Astonishingly, the UDRP system actually works pretty well... more
The DNSSEC Industry Coalition conducted its first face to face meeting on Friday, March 13, 2009 at Google's Washington, DC office. Google's fun filled meeting room was packed with organizations that share a keen interest in DNS Security through the implementation of DNSSEC. more
The World Intellectual Property Organization put out a release yesterday trumpeting an eight percent increase in domain name disputes handled by WIPO. In 2008 there were 2329 complaints filed with WIPO, the most ever. WIPO uses the increase to raise questions about the possible increase in the number of available generic top-level domains... more
It's coming up on two years since the DomainKeys Identified Mail (DKIM) standard was published. While we're seeing a certain amount of signed mail from Google, Paypal, and ESPs, there's still a long way to go. How hard is it to sign your mail with DKIM? The major hurdle might seem to be getting mail software that can sign outgoing mail. more
Last year, MAAWG published a white paper titled Trust in Email Begins with Authentication [PDF], which explains that authentication (DKIM) is “[a] safe means of identifying a participant-such as an author or an operator of an email service” while reputation is a “means of assessing their trustworthiness.”
more
It has been beaten, butted, and batted around quite a bit in the past few weeks -- let's look at a rough timeline of political issues which bring me to this point. Let's look at the power struggle (I prefer to call it confusion) in the U.S. Government with regards to "Cyber Security" -- in a nutshell. In the latter part of 2008, the U.S. House of Representatives Homeland Security Committee determined that DHS was not capable of providing proper critical infrastructure protection (and other Cyber protection capabilities) due to a number of issues. This may well be a political maneuver, or it may well actually have merit. more
When I was employed, I ran my own mail server and my own BlackBerry Enterprise Server, and I had things tuned pretty much exactly as I wanted them. My incoming mail got some custom processing that looked the sender's address up in my address book and assigned the message a category... I was a very happy email user. Now that I'm on my own, I've decided not to run my own server and all that software, and I've switched to Gmail and the T-Mobile BlackBerry server... Surprisingly, though, I'm mostly still happy... more
Sponsored byDNIB.com
Sponsored byVerisign
Sponsored byIPv4.Global
Sponsored byCSC
Sponsored byVerisign
Sponsored byRadix
Sponsored byWhoisXML API
A World-Renowned Source for Internet Developments. Serving Since 2002.