DNS

Blogs

ICANN Should Keep Content Regulation and Other Arbitrary Rules Out of Registry Contracts

The domain name system is not the place to police speech. ICANN is legally bound not to act as the Internet's speech police, but its legal commitments are riddled with exceptions, and aspiring censors have already used those exceptions in harmful ways. This was one factor that made the failed takeover of the .ORG registry such a dangerous situation. But now, ICANN has an opportunity to curb this abuse and recommit to its narrow mission of keeping the DNS running... more

Holiday Shoppers Beware: Tips on Protecting Brand Owners and Consumers from Domain Security Threats

With the COVID-19 pandemic persisting, online shopping will be the preferred method for the 2020 holiday shopping season. While staying home to shop is the safest option right now, it means consumers are more vulnerable to online fraud, counterfeits, and cyber crime. Increased online activity provides opportunities for unscrupulous infringers to abuse trusted brand names to drive visitors to their own fraudulent content. more

Authenticated Resolution and Adaptive Resolution: Security and Navigational Enhancements to the DNS

The Domain Name System (DNS) has become the fundamental building block for navigating from names to resources on the internet. DNS has been employed continuously ever since its introduction in 1983, by essentially every internet-connected application and device that wants to interact online. Emerging from an era where interconnection rather than information security was the primary motivation, DNS has gradually improved its security features. more

An Investigative Analysis of the Silent Librarian IoCs

The Silent Librarian advanced persistent threat (APT) actors have been detected once again, as the academic year started in September. With online classes increasingly becoming the norm, the group's phishing campaigns that aim to steal research data and intellectual property could have a high success rate. Dozens of phishing domain names have been reported, although some may have already been taken down. more

ICANN Doubles Down on Technical Internet Governance Label: What Are the Implications?

Back in September of 2020, ICANN CEO Göran Marby wrote a blog post discussing the implementation of "a common strategy for Internet governance (IG) and technical Internet governance (TIG)", raising the question of whether the ICANN org. intended to pursue this distinction moving forward, as debated in a previous article. This was proven to be the case during the 2020 IGF's Open Forum #44: "ICANN Open Forum - Technical Internet Governance", organized by ICANN itself... more

Another ICANN Meeting Concluded With No Action on DNS Abuse or Privacy/Proxy Policy

The ICANN 69 meeting has come to a close, with no progress on DNS abuse or implementation of the Privacy/Proxy Services Accreditation policy (PPSAI). While ICANN is uniquely positioned to do so, it refuses to do anything proactive about DNS abuse, with its executives overtly attempting to limit its role to data collection. Moreover, its refusal to implement community-driven initiatives such as the PPSAI points to a growing trend where ICANN is backing away from its public interest responsibilities, to the detriment of the Internet and its users. more

A Brief Look at the Domain Attack Surface of Streaming Media Companies

The term "attack surface" is often heard in cybersecurity conversations. It refers to the sum of all possible attack vectors or the vulnerabilities that threat actors can exploit to penetrate a target network or damage an organization somehow. An unused and forgotten subdomain, for instance, can become an attack vector when taken over. Certain categories of companies have very large attack surfaces. Such is the case of streaming media businesses like Netflix and HBO Max. more

A Look at DNS Trends and What the Future May Hold

We used to think of computer networks as being constructed using two fundamental common infrastructure components: names and addresses. Every connected device had a stable protocol address to allow all other devices to initiate a communication transaction with this device by addressing a data packet to this protocol address. And every device was also associated with a name, allowing human users and human use applications to use a more convenient alias for these protocol addresses. more

2020 Hindsight After 20 Years at ICANN

After two decades of involvement with ICANN, I am stepping down from the Board of Directors, where I served for nine years. I have spent considerable time of late reflecting on the past 20 years, and I have isolated some memories that help frame my time with ICANN. ... November 2000, ICANN07 in Marina del Rey, California - With only a scant idea of what ICANN is all about, I am warmly welcomed by the flag-wearing country code top-level domain (ccTLD) community, who come to ICANN to ensure that nothing happens to affect the independence of ccTLDs... more

US Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security

The risks of fraud and disinformation in the U.S. election process have been hiding in plain sight. CSC's new research finds that a large majority of web domains closely linked to the campaign websites for Joe Biden and Donald Trump lack basic domain security protocols and are prone to domain spoofing tactics. This makes them a potential target for hackers looking to spread disinformation ahead of the election, and criminals who want to take advantage of voter intentions... more

Phishing 2020: A Concentrated Dose of Badness

How much phishing is there? Where is it occurring, and why? How can it be reduced? I and my colleagues at Interisle Consulting have just published a new study called Phishing Landscape 2020, designed to answer those questions. We assembled a deep set of data from four different, respected threat intelligence providers and enriched it with additional DNS data and investigation. The result is a look at phishing attacks that occurred in May through July 2020. more

The Whois Wars Go On

There is a lot of discussion about the Expedited Policy Development Process (EPDP) Phase 2 report on evaluating a System for Standardized Access/Disclosure (SSAD) to non-public gTLD registration data after the decisions taken by the GNSO Council on September 24th. Notably, the Business Constituency (BC) and the Intellectual Property Constituency (IPC) have voted against the adoption of the Final Report of the EPDP team. more

The Competition to Become the Next .eu TLD Registry Is Now Open

I am glad to announce that the European Commission has officially launched the process to select the next Registry for the .eu Top-Level Domain (TLD). This is done through a competitive procedure that will be concluded, by October 2021, with the signature of a service concession contract between the European Commission and the entity that will be entrusted with the organisation, administration and management of the .eu TLD. more

Scaling the Root of the DNS

The DNS is a remarkably simple system. You send it queries, and you get back answers. Within the system, you see exactly the same simplicity: The DNS resolver that receives your query may not know the answer, so it, in turn, will send queries deeper into the system and collects the answers. The query and response process is the same, applied recursively. Simple. However, the DNS is simple in the same way that Chess or Go are simple... more

A Failed Whois Policy

ICANN's two-year effort to purportedly preserve the Whois public directory to the greatest extent possible while complying with GDPR has failed. Under the latest proposal, the Whois database, once a contractually-required directory of domain name registrants, will be gutted to the point of virtual worthlessness, as registrars, registries, academics, and hand-wringing others ignored the public interest and imposed ever-higher barriers to legitimate, GDPR-compliant access to registration data. more

News Briefs

CENTR Has Released an Animated Video on ccTLDs and Their Technical Role Concerning Content

New Digital Services Act Should Not Disrupt Internet's Technical Operations, Warn RIPE NCC, CENTR

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Firefox Starts the Roll Out of DNS Over HTTPS (DoH) by Default for US-Based Users

The Number Resource Organization (NRO) Issues Inspection Request to ICANN Concerning the .ORG Sale

Microsoft Announces Plans to Adopt DoH in Windows

EFF: For ISPs to Retain Power to Censor the Internet, DNS Needs to Remain Leaky

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

The U.S. House Judiciary Committee Is Investigating Google's Plans to Implement DNS Over HTTPS

New Zealand’s Domain Name Commission Wins Appeal in Lawsuit Against US DomainTools

Mozilla Named "Internet Villain" for Supporting DNS-Over-HTTPS by a UK ISP Association

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

A New Project Called Handshake Wants to Decentralize DNS, Says It's Unlike Previous Attempts

State-Sponsored Attack Is Manipulating DNS Systems of National Security Organizations

Unexpected Behaviour Observed With DNS Root Servers After Cryptographic Change

ICANN Makes Urgent Call for Full Deployment of Domain Name System Security Extensions (DNSSEC)

ISC Assesses DNS Flag Day

Domain Holders Urged to Ensure Their Domains Are Ready for 'DNS Flag Day'

An Investigation Shows How Bomb Threat Scammers Hijacked Thousands of Big-Name Domains

US Department of Homeland Security Issues Emergency Directive Ordering Agencies to Audit DNS Records

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

When Registrars Look the Other Way, Drug-Dealers Get Paid

Squeegee Domains

Ask Vint Cerf: The Road Ahead for Top-Level Domains

Industry Updates

Participants – Random Selection