/ Recently Commented

The Geo-Politics of ICANN vs ITU

Over the past couple of years I have had the opportunity to talk to US policy makers and have seen how ITU and ICANN have emerged as proxies for a much wider diplomatic dispute over who is going to control cyberspace. The Internet is now the engine of the new global economy. It is a communication infrastructure. Both have been correctly regarded as national security interests of the very highest level of priority. Some of the participants in the ICANN/ITU world are former participants in arms limitation circles. Their mode of thinking is illustrated by the frequent use of phrases such as 'why would we give up...'. more

Russian Hackers Have Penetrated U.S. Electric Utilities

U.S. federal government officials have revealed Russian hackers have been able to gain access to the networks of electric utilities in the country, according to a report by The Wall Street Journal. more

Why Government Agencies Use Ugly, Difficult to Use Scanned PDFs - There's More Than Meets the Eye

Sometimes, a government agency will post a PDF that doesn't contain searchable text. Most often, it's a scan of a printout. Why? Don't the NSA, the Department of Justice, etc., know how to convert Word (or whatever) directly to PDF? It turns out that they know more than some of their critics do. The reason? With a piece of paper, you know much more about what you're actually disclosing. more

The Impact of Rising Sea Level on Internet Infrastructure

A recent study predicts that rising sea level might result in as much as 4,067 miles of fiber conduit being under water and 1,101 nodes (data centers, Internet exchanges, cable landing points, etc.) surrounded by water in U. S. coastal cities in 15 years. Paul Barford, professor of computer science at the University of Wisconsin, and his colleagues have been compiling data on the physical Internet and making it available to the research community at the Internet Atlas Web portal since 2011. more

IPv4 Exhaustion, 5 Implications for Africa Running out Last

I spend most of my time teaching engineers in different countries how to plan and deploy IPv6 networks. Over the last two years, I have been speaking more and more to non-engineers. These are either technology executives who sense that they need to do something about this "IPv6" thing, or government IT leaders who want to understand what the problem is and more importantly, what they could do. The most impactful part of these these exchanges is when I get these managers to understand the implications of IPv4 address exhaustion to their organisations. more

Should Domain Names be Considered 'Contracts for Service' or 'Property Rights'?

The legal status of domain names is one of the most hotly debated topics with regards to evolving property rights and how they should be applied to technological and intellectual property 'innovations' in cyberspace. At present, there are two opposing factions on this topic: On one hand, there are those who maintain that domain names should be considered as contracts for services, which originate from the contractual agreement between the registrant and the registrar. more

Trump's Tweets Flouting the Cybercrime Treaty Curbs on Racist and Xenophobic Incitement

The existence of the 2001 Cybercrime Convention is generally well known. The treaty has now been ratified/acceded to by 60 countries worldwide, including the United States. Less well known is the existence of the Additional Protocol to the Convention "concerning the criminalization of acts of a racist and xenophobic nature committed through computer systems." more

Comcast Sneaks in Another Billing Line Item and "Earns" an Additional $1 Billion

My Comcast bill arrived today with a sneaky new $2.68 charge, $2.50 for leasing one (and only one) set-top box and $0.18 for the remote. This new billing line item, like the many others Comcast has introduced, adds to its bottom line with no additional capital expenditure. It shows how resisting the obligation to return to accepting set-top box free, "cable ready" sets was a smart strategy. more

It's About Whois Display And Access

The need for an access model for non-public Whois data has been apparent since GDPR became a major issue before the community well over a year ago. Now is the time to address it seriously, and not with half measures. We urgently need a temporary model for access to non-public Whois data for legitimate uses, while the community undertakes longer-term policy development efforts. more

Why You Must Learn to Love DNSSEC

It's been nearly two months since the high profile BGP hijack attack against MyEtherwallet, where crypto thieves used BGP leaks to hijack MEW's name servers, which were on Amazon's Route53, and inserted their own fake name servers which directed victims to their own fake wallet site, thereby draining some people's wallets. It generated a lot of discussion at the time... What isn't fully appreciated is that attack has, in fact, changed the game somewhat... more

IPv6 Deployment Around the World: A New Digital Divide?

Alain Durand, Principal Technologist at ICANN, visited Georgia Institute of Technology last week for a talk on the global adoption of Internet Protocol version 6 (IPv6). The Internet Governance Project organized the talk in cooperation with Atlanta's Technology Development Center (ATDC) and the Institute for Information Security and Privacy. Durand, who was involved in the IPv6 standardization efforts at IETF back in the early to mid-1990s, offered a clear eyed assessment of the protocol's critical flaw... more

Google Engineer Ben McIlwain on Why HSTS Could Be a Perfect Fit for .Brands Security

The Google-run .app TLD was always destined to draw attention and scrutiny, from the moment it fetched a then-record ICANN auction price of $25 million. Since it reached General Availability in May it has gained more than 250,000 registrations making it one of the world's most successful TLDs. However perhaps more interesting was Google's choice to add the .app TLD and its widely used .google extension to the HTTP Strict Transport Security (HSTS) Top-Level Domain preload list, offering an unprecedented level of security for all domains under .google and .app. more

ICANN vs EPAG: ICANN Seeks Appeal Plus Pushes for ECJ Referral

As I predicted ICANN is pursuing its case against EPAG. They're now not only appealing the case to a higher court in Germany but are also trying to get the entire thing referred to the European Court of Justice. In an announcement late last night ICANN made it very clear what their intentions are. While they're pursuing the appeal in the higher court in the German region, which makes sense at some level, it's also very clear that they're not taking "no" for an answer. more

US Govt Formally Asks Whether It Should Reassert Its Control of Internet, Reversing ICANN Handover

A formal inquiry released by the US National Telecommunications and Information Administration (NTIA) on Tuesday questions whether IANA Stewardship Transition should be "unwound." more

Leveraging Traffic Statistics to Manage Corporate Domain Portfolios

Corporate domain name portfolios often consist of domain names that do not resolve to relevant content. In fact, it's not uncommon for less than half of corporate domains to point to live content. Sure there are domains such as those that point to "sucks" sites or those registered anonymously for future use that purposely do not resolve, but those are the exception to the rule. more