Namecoin Decentralized DNS Research
Feb 07, 2014 12:37 PM PST
The holidays open up a block of time to catch up on "I meant to read that" bookmarks, RSS feeds, and all the favorited and forgotten tweets. I made it through 50 before a NormanShark blog post kicked off a research project. The analysts found a malware sample which was using .bit domains in their communications infrastructure, but .bit ... what is that? .bit is a TLD operating outside of ICANN. Some would say they are TLD squatting, but I leave that opinion up to the reader. more»
Feb 07, 2014 10:26 AM PST
I've often found truth in the famous George Santayana quote, "Those that cannot remember the past are doomed to repeat it." That's an apt warning for what is currently happening - again - with the hundreds of new generic Top Level Domains (gTLDs) that are launching ... and failing to work as expected on the Internet. First, a quick refresher: As most CircleID readers know, in the early 2000s, seven new gTLDs were launched: .AERO, .BIZ, .COOP, .INFO, .MUSEUM, .NAME and .PRO. Aside from Country Code TLDs (ccTLDs), these were the first top-level changes to the DNS since the early days of the Internet. more»
Feb 06, 2014 10:55 AM PST
By design, the Internet core is stupid, and the edge is smart. This design decision has enabled the Internet's wildcat growth, since without complexity the core can grow at the speed of demand. On the downside, the decision to put all smartness at the edge means we're at the mercy of scale when it comes to the quality of the Internet's aggregate traffic load. Not all device and software builders have the skills - and the quality assurance budgets - that something the size of the Internet deserves. more»
Feb 04, 2014 1:47 PM PST
According to the Online Etymology Dictionary, the verb collide is derived from the Latin verb collidere, which means, literally, "to strike together": com- "together" + lædere "to strike, injure by striking." Combined instead with loquium, or "speaking," the com- prefix produces the Latin-derived noun colloquy: "a speaking together." So consider WPNC 14 - the upcoming namecollisions.net workshop - a colloquium on collisions: speaking together to keep name spaces from striking together. more»
Jan 31, 2014 1:21 PM PST
BGP. Border Gateway Protocol. The de-facto standard routing protocol of the Internet. The nervous system of the Internet. I don't think I can overstate the importance, the criticality of BGP to the operation of the modern Internet. BGP is the glue that holds the Internet together at its core. And like so many integral pieces of the Internet, it, too, is designed and built on the principle of trust... The folks who operate the individual networks that make up the Internet are generally interested in keeping the Internet operating, in keeping the packets flowing. And they do a great job, for the most part. more»
Jan 30, 2014 7:57 AM PST
Recently the 2013 revisions of the internationally acclaimed standard for information security management, ISO27001 and accompanying 27002, 'Code of practice for information security management controls' were released. Whether you're new to this or are looking for a smooth transition, it's important to reflect on the changes made. Being compliant with the latest information security standards is becoming more and more important these days. more»
Jan 23, 2014 1:39 PM PST
Many years ago on my first trip to London, I encountered for the first time signs that warned pedestrians that vehicles might be approaching in a different direction than they were accustomed to in their home countries, given the left-versus-right-side driving patterns around the world. (I wrote a while back about one notable change from left-to-right, the Swedish "H Day," as a comment on the IPv6 transition.) more»
Jan 17, 2014 10:34 AM PST
Not long after the message that Microsoft will stop updating Windows XP from 8 April onwards, after extending it beyond the regular life cycle for over a year already, came the soothing message that malware will be monitored for another year. That may be good news to some, but the fact remains that this is not the same as patching. Remaining on XP leads to a vulnerable state of the desktop, lap top and any other machine running on XP; vulnerable to potential hacks, cyber crimes, becoming part of a botnet, etc. more»
Jan 16, 2014 1:13 PM PST
How can the open standards organizations of the IETF and W3C "strengthen the Internet" against large-scale pervasive monitoring? That is the topic up for discussion at the "Strengthening the Internet Against Pervasive Monitoring (STRINT)" workshop planned for February 28 and March 1, 2014, and jointly sponsored by the Internet Architecture Board (IAB) and the W3C. The workshop is by invitation-only and has a deadline of Monday, January 20, 2014 (by 11:59 UTC) for submission of either position papers or Internet drafts. more»
Jan 13, 2014 1:52 PM PST
The worldwide public discussion about surveillance produced by the Snowden revelations has so far largely missed a major strategic fault with national security arguments for continued mass surveillance: that economic damage to the technology sector but more fundamentally to the wider economy is a likely result. This damage is also likely to undermine security far more than any potential gains from continuing as we are - or continuing but with some transparency or narrowing that leaves the existing industrial scale surveillance system largely unchecked. more»
Jan 08, 2014 2:24 PM PST
Here we are with CircleID's annual roundup of top ten most popular posts featured during 2013 (based on overall readership). Congratulations to all the participants whose posts reached top readership and best wishes to the entire community for 2014. more»
Dec 18, 2013 1:16 PM PST
In Part One of this series, we examined internal server, network and infrastructure monitoring applications. Now let's take a look at another way to capture DDoS information: external performance monitoring... Unlike network/infrastructure tools - which are usually installed inside a customer's network - external performance monitoring solutions are typically provided by a third party and leverage monitoring locations from around the world. more»
Dec 09, 2013 1:23 PM PST
Most cloud DDoS mitigation services are offered on demand meaning that customers can enable the service when they are the victim of a DDoS attack. But how can a company find out -- quickly -- that it is under attack? Sometimes it is difficult to know. In this three part series, we will examine multiple monitoring tools companies can use to capture DDoS, which can help determine whether you are under a DDoS attack. more»
Dec 01, 2013 6:21 PM PST
Given its engineering background, many positive contributions can be made by the engineering community in the broader ICT world to assist in addressing some of the broader internet issues, often addressed within the more limited telecoms environment.. Of course some of this is already happening; however much more work would be needed to strengthen the technical foundations of the internet. Just as an example, the type of issues that could be addressed by a broader ICT engineering foundation could include... more»
Nov 21, 2013 1:21 PM PST
ICANN's second level domain (SLD) blocking proposal includes a provision that a party may demonstrate that an SLD not in the initial sample set could cause "severe harm," and that SLD can potentially be blocked for a certain period of time. The extent to which that provision would need to be exercised remains to be determined. However, given the concerns outlined in Part 2 and Part 3 of this series, it seems likely that there could be many additions (and deletions!) from the blocked list given the lack of correlation between the DITL data and actual at-risk queries. more»