The IETF met in November 2022 in London. Among the many sessions that were held in that meeting was a session of the Decentralised Internet Infrastructure Research Group, (DINRG). The research group's ambitions are lofty: DINRG will investigate open research issues in decentralizing infrastructure services such as trust management, identity management, name resolution, resource/asset ownership management, and resource discovery. more
As many in the ICANN community prepare to depart for the sunny beaches of Cancun, Mexico, it appears the ICANN 76 meeting could be significant when it comes to the long-awaited next application window for gTLDs. It's been over 11 years since applicants were last able to apply for a gTLD (and some of those strings are still launching into the marketplace all these years later), and the community work to review that initial process has never really stopped. more
Every few months, an important ceremony takes place. It's not splashed all over the news, and it's not attended by global dignitaries. It goes unnoticed by many, but its effects are felt across the globe. This ceremony helps make the internet more secure for billions of people. This unique ceremony began in 2010 when Verisign, ICANN and the U.S. Department of Commerce's National Telecommunications and Information Administration collaborated... more
I am often asked by cities about the option of building a municipal fixed wireless broadband network. As a reminder, fixed wireless, in this case, is not a cellular system but is the point-to-multipoint technology used by wireless Internet service providers (WISPs). My response has been that it's possible but that the resulting network is probably not going to satisfy the performance goals most cities have in mind. more
When I was first advocating home networking at Microsoft, we encountered a problem. The existing systems and applications had implicitly assumed they were inside a safe environment and didn't consider threats from bad actors. Early Windows systems hadn't yet provided file system with access control and other protections though there were some attempts to have separate logins to keep some settings separate. more
While threat actors can use any domain across thousands of top-level domains (TLDs), they often have favorites. For instance, you may be familiar with Spamhaus's 10 most-abused TLDs for spamming. WhoisXML API researchers recently built on this list by analyzing 40,000 newly registered domains (NRDs) that sported some of the listed unreputable TLDs. We called this study "DNS Abuse Trends: Dissecting the Domains Under the Most-Abused TLDs." more
Brand impersonation happens much more often than people realize. In CSC's latest Domain Security Report, we found that 75% of domains for the Global 2000 that contained more than six characters from the brand names were not actually owned by the brands themselves. The intent of these fake domain registrations is to leverage the trust placed on the targeted brands to launch phishing attacks, other forms of digital brand abuse, or IP infringement... more
In a recent article in LightReading, Mike Dano cites data from industry analyst Cowan that shows that some of the largest fiber builders in the United States have already trimmed back their construction plans for 2023. AT&T has the largest retrenchment and is trimming 2023 plans from 3.5 to 4 million passings back to 2 to 2.5 million. The company says that it is not changing its long-term goal to reach 30 million passings with fiber, but a cutback of this size means it won't likely reach that target in 2025. more
The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more
Domain tasting is a long-established practice involving the short-lived existence of a domain, which is allowed to lapse a few days after its initial registration. The practice arose in response to an Internet Corporation for Assigned Names and Numbers (ICANN) policy allowing a domain to be cancelled -- with all fees refunded -- within a five-day grace period, intended to address the issue of accidental registrations1. However, the practice is open to abuse by infringers. more
A World-Renowned Source for Internet Developments. Serving Since 2002.