Featured Blogs

Most Viewed  –  Last 30 Day  |  Last 12 Months  |  All Time

The Hack Back Bill in Congress is Better Than You'd Expect

Rep's Graves and Sinema recently introduced H.R. 4036, the catchily named Active Cyber Defense Certainty Act or ACDC act which creates some exceptions to criminal parts of computer crime laws. Lots of reports have decried "hack back" but if you read the bill, it's surprisingly well targeted. The first change is to what they call Attributional Technology, and says it's OK to put bait on your computer for an intruder intended to identify the intruder. more

Sorry, Not Sorry: WHOIS Data Must Remain Public

In March, I posted a call to action to those of us in the community who have the inclination to fight against a movement to redact information critical to anti-abuse research. Today, I felt compelled to react to some of the discussions on the ICANN discussion list dedicated to the issue of WHOIS reform: Sorry, not sorry: I work every working hour of the day to protect literally hundreds of millions of users from privacy violating spam, phish, malware, and support scams. more

Slovaks Worry About the Future of Their Country's .SK TLD

Almost every country code Top-Level Domain (ccTLD) has had some kind of rough and clumsy start at its sunrise. Internet was young, everything was new, and whoever took the national TLD first, got power over it. The situation eventually sorted out, and now most ccTLDs are drama free, well-operated for the benefit of people and the Internet communities in those countries. Unfortunately, not in Slovakia. more

Preliminary Thoughts on the Equifax Hack

As you've undoubtedly heard, the Equifax credit reporting agency was hit by a major attack, exposing the personal data of 143 million Americans and many more people in other countries. There's been a lot of discussion of liability; as of a few days ago, at least 25 lawsuits had been filed, with the state of Massachusetts preparing its own suit. It's certainly too soon to draw any firm conclusions... but there are a number of interesting things we can glean from Equifax's latest statement. more

Equifax Breach: 9 Fraud Prevention Steps Everyone Should Take

The U.S. Internet Revenue Service now says that criminals already had most of the information that credit bureau Equifax lost in a breach that revealed personal information about nearly 150 million people. The incident at Equifax and the IRS' mid-October admission of how much-stolen data was already in criminal hands may force changes in how the world handles personal information. more

The Darkening Web: Is there Light at the end of the Tunnel?

In his book "The Darkening Web: The War for Cyberspace" (Penguin Books, New York 2017), Alexander Klimburg, an Austrian-American academic, gives "Internet Dreamers" a "Wake Up Call". He tells us the background-story why people start to be "anxious about the future of the Internet", as the recent ISOC Global Internet Report "Paths to Our Digital Future" has recognized. Klimburg refers to Alphabets CEO Erich Schmidt, who once said that "the Internet is the first thing that humanity has built that humanity does not understand". more

Legal Controls on Extreme End-to-End Encryption (ee2ee)

One of the most profoundly disruptive developments occurring in the cyber security arena today is the headlong rush by a set of parties to ubiquitously implement extreme End-to-End (e2e) encryption for communication networks using essentially unbreakable encryption technology. A notable example is a new version of Transport Layer Security (TLS) known as version 1.3. The activity ensues largely in a single venue... more

The IoT Needs a Paradigm Shift from Security to Safety of Connected Devices

Building IoT ventures from scratch by prototyping hardware devices and their backend systems as well as working for a large company that tries to sell IoT devices itself, we learned a lot about the pitfalls and problems concerning security in the IoT. Nearly every connected device out there proved to be vulnerable to attacks. Researchers showed that it's possible to remotely take control over autonomous vehicles, implanted medical devices were manipulated, voting machines compromised and of course all sorts of other "smart" devices... more

8 Reasons Why Cybersecurity Strategy and Business Operations are Inseparable

In modern society, there is one fact that is unquestionable: The hyper-connectivity of the digital economy is inescapable. A financial institution without an online presence or omni-channel strategy will cease to be competitive. Universities (for-profit or non-profit) must develop and continuously evolve their online learning capabilities if they are to stay relevant. Online retailers are quickly outpacing and rendering their 'brick-and-mortar' counterparts irrelevant. more

Shedding Light on How Much Energy the Internet and ICTs Consume

Ever since I published an essay exploring the relationship between climate change and the Internet, I have endeavored to bring this subject to the fore as often as possible (and in relevant fora and discussions) since the responsibility of creating a more sustainable world falls on all communities and stakeholder groups. It is particularly pressing now -- at a time when international interest in curbing climate change is strengthening, while it is juxtaposed with the receding commitments of the United States government... more

Domain Names Are Fading From User View

The internet has changed and evolved ever since it's ancestors first came to life in the late 1960's. Some technology fades away and is forgotten; other aspects continue but are overlaid, like geological sediments, so that they are now longer visible but are still present under the surface. The Domain Name System - both the technology of DNS and the deployed naming hierarchy we all use - are among those aspects of the internet that, although they feel solid and immutable, are slowly changing underneath our feet. more

5G (and Telecom) vs. The Internet

5G sounds like the successor to 4G cellular telephony, and indeed that is the intent. While the progression from 2G to 3G, to 4G and now 5G seems simple, the story is more nuanced. At CES last month I had a chance to learn more about 5G (not to be confused with the 5Ghz WiFi) as well as another standard, ATSC 3.0 which is supposed to be the next standard for broadcast TV. more

Amazon's Letter to ICANN Board: It's Time to Approve Our Applications for .AMAZON TLDs

When ICANN launched the new gTLD program five years ago, Amazon eagerly joined the process, applying for .AMAZON and its Chinese and Japanese translations, among many others. Our mission was -- and is -- simple and singular: We want to innovate on behalf of our customers through the DNS. ICANN evaluated our applications according to the community-developed Applicant Guidebook in 2012; they achieved perfect scores. more

Two More Crypto Holes

If you work in computer security, your Twitter feed and/or Inbox has just exploded with stories about not just one but two new holes in cryptographic protcols. One affects WiFi; the other affects RSA key pair generation by certain chips. How serious are these? I'm not going to go through the technical details. For KRACK, Matthew Green did an excellent blog post; for the other, full details are not yet available. There are also good articles on each of them. What's more interesting are the implications. more

Abusive and Malicious Registrations of Domain Names

When ICANN implemented the Uniform Domain Name Dispute Resolution Policy (UDRP) in 1999, it explained its purpose as combating "abusive registrations" of domain names which it defined as registrations "made with bad-faith intent to profit commercially from others' trademarks... Bad actors employ a palette of stratagems, such as combining marks with generic qualifiers, truncating or varying marks or by removing, reversing, and rearranging letters within the second level domain (typosquatting). more

Latest Blogs

Recently Discussed

Most Discussed – Last 30 Days

Topics

Domain Names

Sponsored byVerisign

New TLDs

Sponsored byAfilias

IP Addressing

Sponsored byAvenue4 LLC

Mobile Internet

Sponsored byAfilias

Cybersecurity

Sponsored byVerisign