Internet and e-mail policy and practice
including Notes on Internet E-mail


2014
Months
Oct
Nov Dec

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed

Add to My Yahoo!

Subscribe with Bloglines


[Valid RSS]

Home :: Internet

24 May 2014

Why do we accept $10 security on $1,000,000 data? Internet

Last week we heard of yet another egregious security breach at an online provider, as crooks made off with the names, address, and birth dates of eBay users, along with encrypted passwords. They suggest you change your password, which is likely a good idea, and you better also change every other place you used the same password. But that's not much help since you can't change your name, address, and birth date, which are ever so handy for phishing and identity theft.

There is plenty not to like about the way that eBay handled it, but a more important question is why we tolerate big allegedly sophisticated companies treating our personal information so casually.

See more ...


posted at: 23:06 :: permanent link to this entry :: 1 comments
Trackback link is http://jl.ly/Internet/badsec.trackback

13 Apr 2014

Open Source software is the worst kind except for all of the others Internet

Heartbleed, for anyone who doesn't read the papers, is a serious bug in the popular OpenSSL security library. Its effects are particularly bad, because OpenSSL is so popular, used to implement the secure bit of https: secure web sites on many of the most popular web servers such as apache, nginx, and lighttpd.

A few people have suggested that the problem is that OpenSSL is open source, and code this important should be left to trained professionals. They're wrong. The problem is that writing and testing cryptographic software is really, really hard.

See more ...


posted at: 00:39 :: permanent link to this entry :: 3 comments
Trackback link is http://jl.ly/Internet/openssl.trackback

15 Mar 2014

The Name Collision Conference Internet
Earlier this week Verisign sponsored a two day conference on name collisions in the DNS. Despite the very short time frame in which it was organized, only a month from announcement to meeting, there were some very good presentations. I'll just hit some highlights here; all of the papers and slides are on their web site at
namecollisions.net.

See more ...


posted at: 13:06 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Internet/collide.trackback

15 Oct 2013

About those anonymous bitcoins Internet
Recent press reports say that Silk Road, an online marketplace for illegal goods, was shut down by the FBI, who seized the servers and
about 26,000 bitcoins in multiple wallets. They also apparently have all of the site's records of transactions among about 4,000 sellers and 150,000 buyers. If you're one of these buyers or sellers, now what?

See more ...


posted at: 10:29 :: permanent link to this entry :: 0 comments
Trackback link is http://jl.ly/Internet/btanon.trackback

12 Sep 2013

Plumbing Neutrality Internet

I've been having arguments about Network Neutrality with a lawyer. My position is that you can't adequately regulate ISPs to be neutral, because there's no agreement what "neutral" means in practice. He points out that the courts aren't interested in technical details like what packets are dropped, it's that all traffic has to be treated the same, and ISPs should just figure out how to do that.

So I contemplated a city with Plumbing Neutrality with the simple rule that all people must be treated the same

See more ...


posted at: 12:58 :: permanent link to this entry :: 3 comments
Trackback link is http://jl.ly/Internet/plumbingneutral.trackback

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
CASL Comes into Force
116 days ago

A keen grasp of the obvious
Progress in e-mail
37 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2014 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.