Click the comments link on any
story to see comments or add your own.
Subscribe to this blog
 RSS feed
|
Home
20 Nov 2018
Forty five what? Forty five abandoned top level domains.
On November 7, ICANN received a notice from the Communication Regulatory Authority of the State of Qatar that they are terminating the registration agreement for .DOHA.
Two weeks before that, the Zadco company terminated .ZIPPO.
See more ...
Stable link is https://jl.ly/ICANN/dead45.html
22 Oct 2018
M3AAWG, the Messaging, Malware, and Mobile, Anti-Abuse Working Group
and APWG, the Anti-Phishing Working Group, surveyed their members about
recent WHOIS changes. With over 300 results from security researchers, it's the
broadest report yet on WHOIS use.
See more ...
Stable link is https://jl.ly/ICANN/m3apsurvey.html
05 Sep 2018
I have recently become aware of
a blog post
from Recorded Future that
attempts to analyse the effects of the GDPR on online security.
Unfortunately, it starts by asking an irrelevant question, and then
goes on to use irrelevant metrics to come to a meaningless answer.
The premise of Recorded Future's article -- that spammers would send
more spam and register more domains because GDPR came into effect --
tells us nothing useful about how GDPR affects anything. It's the
wrong question, it's not a question most security people are concerned
with, and it ignores how spam and spammers work.
See more ...
Stable link is https://jl.ly/Internet/recorded-future.html
13 Aug 2018
When you're standing close to ICANN, the domain business may seem pretty big,
but when you stand farther away, not so much.
See more ...
Stable link is https://jl.ly/ICANN/dombiz.html
22 Jul 2018
Carl Malamud's Public.Resource.Org
has for over 20 years been putting public documents online so they are easier
to find and use. He's been quite successful in getting documents online that were formerly
available only on paper, or only by paid subscription.
One project involves putting US laws online. In a lot of cases, laws
refer to standards maintained by private organizations. For example,
most state building codes require new construction to comply with the
National Electrical Code published by the private National Fire
Protection Association. There are thousands of standards used in laws
around the US, and in many cases the only way to find out what the standard
says, and hence what the law says, is to buy a copy from the publisher, or
at best to go to a library and read a paper copy.
PRO has been scanning and publishing standards on the theory that in the US, laws
are not copyrighted, so if a standard's part of the law, it's not copyrighted either.
Unsurprisingly, the standards publishers disagreed.
See more ...
Stable link is https://jl.ly/Copyright_Law/publicstandard.html
21 May 2018
Bruce Schneier is a famous cryptography expert and
Orin Kerr a famous cyberlaw professor.
Together they've published a law journal
article on
Encryption Workarounds.
It's intended for lawyers so it's quite accessible to
non-technical readers.
See more ...
Stable link is https://jl.ly/Security/encwork.html
20 May 2018
On Friday I was on a surprisingly interesting session at Rightscon 2018 in Toronto about GDPR
and WHOIS. The panel consisted of Eleeza Agoopian from ICANN staff;
Avri Doria who was recently appointed to the ICANN board; Elliot Noss
who runs large registrar Tucows;
Stephanie Perrin who has done a lot
of privacy work for the Canadian government and as an ICANN volunteer,
and me; Milt Mueller, who is now at Georgia Tech, moderated.
There
was a lot of overlap of roles on the panel. For example, I was there
as a security researcher, but I've also resold Tucows' service for
almost 20 years.
See more ...
Stable link is https://jl.ly/ICANN/reggdpr.html
06 May 2018
Hmmn.
$ whois -h whois.donuts.co women.forsale
Domain not found.
This premium domain is available for purchase. If you would like to make an offer, please contact platinums@donuts.email.
$ whois -h whois.donuts.co girls.forsale
Domain not found.
This premium domain is available for purchase. If you would like to make an offer, please contact platinums@donuts.email.
$ whois -h whois.donuts.co teens.forsale
Domain not found.
This premium domain is available for purchase. If you would like to make an offer, please contact platinums@donuts.email.
Stable link is https://jl.ly/ICANN/wokereg.html
05 May 2018
A recent story in Medium describes yet again quite well why blockchains don't solve any real
problems:
Blockchain is not only crappy technology but a bad vision for the future.
So what is their irresistable appeal?
Bitcoins remind me of a story from the late chair of the Princeton University
astronomy department. In 1950 Immanuel Velikovsky published
Worlds
in Collision, a controversial best selling book that claimed that
3500 years ago Venus and Mars swooped near the earth, causing
catastrophes that were passed down in religions and mythologies.
See more ...
Stable link is https://jl.ly/Money/bccrud.html
03 May 2018
Recently I've been working on EAI mail, looking at what software is
available (Gmail and Outlook/Hotmail both handle it now) and what
work remains to be done.
A surprisingly tricky part is assigning EAI addresses to users.
In traditional ASCII mail, the local part of the address, what
goes before the @ sign, can be any printable ASCII characters.
Although an address like %i()/;~f@examp1e.com is valid, and
mail systems will handle it, users don't want addresses like
that.
A good address is one that is easy to remember, easy to tell someone over the phone,
and easy to type.
Mail systems all give senders some help
when interpreting addresses. If an address is Bob@example,
they'll accept bob@ or BOB@. If the address is joe.smith@,
they'll accept Joe.Smith@ and often variations in punctuation
like joesmith@ without the dots.
The flip side of this is that you don't assign different addresses
that are too similar. While it is techincally possible that BOB@
and bob@ could deliver to different mailboxes, nobody does that.
Similarly, nobody makes joesmith@ and joe.smith@ different.
(They may not both work, but if they do, they're the same mailbox.)
The domain (the part of the address after the @ sign) has to follow the
DNS rules, which don't allow any fuzzy matching other than ASCII upper
and lower case.
How does all this extend into EAI mail?
See more ...
Stable link is https://jl.ly/Email/eaiaddr.html
15 Mar 2018
I have learned about a dandy new cryptocurrency called Paypals.
How does it stack up against Bitcoin and other currencies?
See more ...
Stable link is https://jl.ly/Money/bitpal.html
12 Feb 2018
One of the chronic features of the Bitcoin landscape is that Bitcoin
exchanges screw up and fail, starting with Mt. Gox. There's nothing
conceptually very hard about running an exchange, so what's the problem?
See more ...
Stable link is https://jl.ly/Internet/bithard.html
01 Feb 2018
An aquaintance wrote:
I think it's an open
question as to whether that belief can sustain a meaningfully high
Bitcoin price. There has never been a currency or asset that has been so
easily tradable among every person in the world (even among anonymous
people). ...
See more ...
Stable link is https://jl.ly/Internet/bitsome.html
28 Jan 2018
Unicode's goal, which it meets quite well, is that whatever text you want to represent
in whatever language, dead or alive, Unicode can represesnt the characters or
symbols it uses.
Any computer with a set of Unicode type faces and suitable layout software can display
that text.
In effect, Unicode is primarily a typesetting language.
Over in the domain name system, we also use Unicode to represent non-ASCII identifiers.
That turns out to be a problem, because an identifier needs a unique form,
something that doesn't matter for typesetting.
See more ...
Stable link is https://jl.ly/Internet/uniid.html
22 Jan 2018
Today's papers are full of puffy pieces about
the wonderous new Amazon Go (pronounced, I
hope, Ama-Zongo) in which you tap your phone as you enter and cameras watch what you
do, figure out what you've put in your bag, and charge you for it when you leave.
There's certainly no check-out lanes
and few visible staff but the whole thing smells to me like a gimmick.
See more ...
Stable link is https://jl.ly/Money/amazongo.html
|
Topics
My other sites
Who is this guy?
Airline ticket info
Taughannock Networks
Other blogs
CAUCE Online Clairvoyance Platforms Sanctioned for GDPR Violations 76 days ago
A keen grasp of the obvious Italian Apple Cake 881 days ago
Related sites
Coalition Against Unsolicited Commercial E-mail
Network Abuse Clearinghouse
My
Mastodon feed
|