We all know how easy it can be to ignore or underestimate the possibly, or even likelihood, of a terrorist attack; just remember what happened on 9-11. That seems to be just what the U.S. is doing when it comes to a possible Cyber-Attack, no not in other countries, but right here at home where targets like private sector companies, who provide vital economic and emergency services to our population using broadband infrastructure, and are woefully under-secured for such attacks. more
I wonder how much botnets reuse IP addresses. Do they infect a system and spam, get blocked, discard the IP and move onto the next (new) one? This means that they have a nearly unlimited supply of IP addresses. Or do they infect a system and spam, get blocked, and then let it go dormant only to awaken it some time later? I decided to take a look. more
"Facebook reported in its SEC filing that it owns 'network equipment' valued at $1.016 billion at the close of 2011," reports Rich Miller of Data Center Knowledge. "The number reflects the expense of rapidly building a massive Internet infrastructure, including Facebook's shift from buying vendor gear and leasing data centers to building its own servers, racks and custom data centers." more
It shouldn't be a big surprise to hear that phishing is a big problem for banks. Criminals send email pretending to be a bank, and set up web sites that look a lot like a bank. One reason that phishing is possible is that e-mail has no built in security, so that if a mail message comes in purporting to be from, say, [email protected], there's no easy way to tell whether the message is really from bankofamerica.com, or from a crook. more
I read with interest that ICANN opened up yet another comment period on new TLDs. I believe that I speak for many when I question whether ICANN is opening up these comment periods in good faith, or instead whether these are smokescreens, mere distractions to pretend that ICANN is "listening" to the public while staff and insiders proceed with predetermined outcomes. more
Recently ICANN published a report on inaccurate registration data in her own databases. Now the question is presented to the world how can we mitigate this problem? There seems to be a very easy solution. ... The question to this answer seems simple. To know who has registered with an organisation. This makes it possible to contact the registered person or organisation, to send bills and to discuss policy with the members. more
Why in the world would any company sign-up for a "New gTLD Application Monitoring Service" when ICANN intends to publicly post all applications on May 1st? Domain Name Watching and Trademark Watching Services make perfect sense when new registrations and applications are being submitted and granted on a daily basis. I think that we can all easily agree that trying to understand new domain name and trademark registrations without an automated service would be nearly impossible. more
The trade press is abuzz today with reports about a security breach at Verisign. While a security breach at the company that runs .COM, .NET, and does the mechanical parts of managing the DNS root is interesting, this shouldn't be news, at least, not now. Since Verisign is a public company, they file a financial report called a 10-Q with the SEC every quarter. According to the SEC's web site, Verisign filed their 10-Q for June through September 2011 on October 28th. more
Coalition for Responsible Internet Domain Oversight, or CRIDO, released a plan they called a "peacemaker" three days before the Jan. 12th, 2012 launch, which would allow brands to begin the ICANN application process but would allow organizations and companies the opportunity to place their brand names, without cost, on a temporary "do not sell" list. ICANN so far has not responded to the "do not sell" list, and CRIDO is getting restless and threatening lawsuits. more
ICANN has started its historic and controversial program to expand the number of generic Top-Level Domains (gTLDs). This essay outlines the factors needed for the program to create economic value, warns against a cognitive trap that complicates selection of a new gTLD and considers the value contribution of the registries. I will not go into relevant macro measures, but I examine the problems associated with the popular measure of simply counting the number of registrations. more
There has been a lot of recent discussions and questions about reputation, content and delivery of email. I started to answer some of them, and then realized there weren't any basic reference documents I could refer to when explaining the interaction. So I decided to write some. This post is about IP address reputation with some background on why IPs are so important and why ISPs focus so heavily on the sending IP. more
I, for one, have been a proponent of new gTLDs from the early days of their policy development process within ICANN. I always believed that the existing gTLDs -- and mainly the .com space -- have created artificial scarcity, which is primarily responsible for much of the cybersquatting and the abuse trademarks experience. I do not share the same fears as those who argue that new gTLDs will create intolerable levels of cybersquatting or will necessitate defensive registrations from brand and trademark owners alike. more
The Stop Online Piracy Act (SOPA) and its defeat call attention to a delicious irony in public discourse on Internet governance. Even those who don't want the Internet to be an exception from traditional forms of regulation and law are forced to admit that something new and exceptional must be done to bring it under control, such as massive departures from traditional concepts of territorially bounded sovereignty through the use of in rem jurisdiction. more
"While SOPA may be dead (for now) in the U.S., lobby groups are likely to intensify their efforts to export SOPA-like rules to other countries," says Michael Geist in a blog post today. Geist writes: "With Bill C-11 back on the legislative agenda at the end of the month, Canada will be a prime target for SOPA style rules. In fact, a close review of the unpublished submissions to the Bill C-32 legislative committee reveals that several groups have laid the groundwork to add SOPA-like rules into Bill C-11 ..." more
While Canada was dragging the chain when it came to introducing anti-spam legislation, it is now making up for lost time. Ottawa's new law -- expected to be operational early this year -- has severe fines for violations and is viewed by some as too tough. Known as CASL, the new law aims to crack down on spammers and mailing list companies but in doing so, tightly regulates the way businesses can market to prospective customers via email and online. more
A World-Renowned Source for Internet Developments. Serving Since 2002.