Subscribe: CircleID
http://www.circleid.com/rss/rss_all/
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
domain names  domain  fcc  internet  names  net neutrality  net  network  neutrality  policy  security  service  udrp  users 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID

CircleID



Latest posts on CircleID



Updated: 2017-11-23T11:56:00-08:00

 



Canadian Prime Minister Justin Trudeau Says FCC's Roll Back Plan on Net Neutrality Makes No Sense

2017-11-23T11:56:00-08:00

Canadian Prime Minister Justin Trudeau on Wednesday told reporters that President Donald Trump's plan to roll back net neutrality protections for the internet "does not make sense". He'll be looking into what he can do to defend net neutrality for the whole internet, Trudeau said. Trudeau's statements from Justin Ling's report in Motherboard: "I am very concerned about the attacks on net neutrality ... Net neutrality is something that is essential for small businesses, for consumers, and it is essential to keep the freedom associated with the internet alive. ... We need to continue to defend net neutrality. And I will." Trudeau did not comment directly on whether he would convey the message to Trump directly and is quoted saying: "We are just absorbing the position the president has taken and looking at the impact it's going to have in the United States and in Canada."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




Internet Religious Wars: Net Neutrality Episode

2017-11-23T10:39:00-08:00

Turning network technical protocols into religion seems like an inherently bad idea — transient and unstable at best. However, it happens. More than 40 years ago, the world of legacy telecommunications and network design formalism started the tendency with OSI (Open Systems Interconnection) and ISDN (Integrated Services Digital Networks). A few years later, the academic research community did it with their myriad host-to-host datagram protocols — eventually calling one "the Internet." A little later, still more researchers did the same thing with information exchange protocols — eventually calling one of them "the Web." Battles were waged for years for supremacy as the one true "internet" or "Web." Some of the factions turned their protocols into religious tenets; and personalities, in bouts of self-aggrandizement, went forth as Moses-like patriarchs handing down religious commandments and rewriting history. Young acolytes entering the technical, legal, and political professions were drawn to the mantras that promised unbounded wealth and world peace to the followers. Some companies and countries reaped enormous monetary and political benefits. The latest episodes in this unfortunate techno-religious proclivity are now emerging. One involves an especially egregious hyperbolic excess of the Internet Wars known as Net Neutrality. The winning internet protocol religious faction, having infused the Washington political system with their Templar Knights in 2009, baked their commandments into the embarrassing December 2010 Report & Order of the FCC as "preserving the free and open internet." "Today the Commission takes an important step to preserve the Internet as an open platform for innovation, investment, job creation, economic growth, competition, and free expression." Nevermind that they never actually defined "the Internet." They simply believed that whatever it was, the FCC as a federal government agency needed to "preserve" it as a religious belief to be imposed upon everyone. Five years later in 2015, the FCC went further and declared that preserving the prevailing internet beliefs required that "no person" providing broadband access, could "unreasonably interfere with or unreasonably disadvantage (i) end users' ability to select, access, and use broadband Internet access service or the lawful Internet content, applications, services, or devices of their choice, or (ii) edge providers' ability to make lawful content, applications, services, or devices available to end users." Just how this religious tenet turned into law would be imposed on the world outside the Commission's jurisdiction was simply ignored. Furthermore, the generic function was that of other government agencies — the Federal Trade Commission or in extreme circumstances, the Dept. of Justice. The FCC also reversed the course of network regulatory history by decreeing that anyone providing access was effectively a public utility and describing the regulatory bundle using the oxymoron term NetNeutrality. It was, of course, only "net neutrality" for providers on the edges — some of whom have ironically become the functional equivalent of public utilities. It wasn't as if the potential for abuse within transport paths might not exist. However, as many observers commented, it was an extreme solution to the problem by the wrong federal agency. Now, two years later, with the Internet Knights Templar expelled from Washington, this episode of the internet religious wars seems to be drawing to a close. Network religious agnosticism is ensuing at the FCC with its no longer "respecting an establishment of 'network protocol' religion." With a little luck with Commission action in December and the rapid implementation of new network protocols and technologies going forward, the NetNeutrality episode in the continuing Internet Wars should draw to a close. The first internetworking protocols were used to interoperate communication networks almost 170 years ago. For the most part, even as new [...]



FCC Plans to Order States Not to Impose Laws Regulating Broadband Service, Senior Officials Revealed

2017-11-22T12:56:00-08:00

In a phone briefing with reporters on Tuesday, Senior FCC officials revealed plans whereby state and local governments will not be able to impose local laws regulating broadband service. A development following FCC Chair's release of the draft on "Restoring Internet Freedom Order." Jon Brodkin reporting in Ars Technica: "FCC Chairman Ajit Pai's proposed order finds that state and local laws must be preempted if they conflict with the US government's policy of deregulating broadband Internet service, FCC officials said. ... It isn't clear yet exactly how extensive the preemption will be. ... but it could also prevent state laws related to the privacy of Internet users or other consumer protections."

Follow CircleID on Twitter

More under: Access Providers, Broadband, Net Neutrality, Policy & Regulation




Caribbean Businesses Can Make Good Use of Free DNS Security

2017-11-22T12:26:00-08:00

IBM Security, Packet Clearing House (PCH) and Global Cyber Alliance (GCA) unveiled a free Domain Name System (DNS) service designed to protect all Internet users from a wide range of common cyber threats. Launched on November 16 with simultaneous press events in London, Maputo and New York, the public DNS resolver has strong privacy and security features built-in, and can be enabled with a few changes to network settings, as outlined on the organization's website. Using the IP address 9.9.9.9, the aptly named Quad9 service leverages IBM X-Force threat intelligence and further correlates with more than a dozen additional threat intelligence feeds from leading cybersecurity firms, in order to help keep individual users' data and devices safe. It automatically protects users from accessing any website or internet address identified as dangerous. "Leveraging threat intelligence is a critical way to stay ahead of cybercriminals," Jim Brennan, Vice President Strategy and Offering Management, IBM Security, said in a release. "Consumers and small businesses traditionally didn't have free, direct access to the raw data used by security firms to protect big businesses. With Quad9, we're putting that data to work for the industry in an open way and further enriching those insights via the community of users. Through IBM's donating use of the 9.9.9.9 address to Quad9, we're applying these collaborative defense techniques while giving users greater privacy controls." The open, free service became the latest to provide security to end users on a global scale by leveraging the DNS system to deliver a smart threat intelligence feed. "Quad9 is a free layer of protection that can put the DNS to work for all Internet users," said John Todd, executive director of Quad9. "It allows optional encryption of the query between the user and the server, and it minimises the amount of data that can leak to unknown destinations. And it uses DNSSEC to cryptographically validate the content of the DNS answers that it's passing back to users for domain names that implement this security feature." It allows users to select from secure and unsecured service, the latter being for more advanced users who may have specific reasons they want to get to malware or phishing sites, or who want to perform testing against an unfiltered DNS recursive resolver. The service can also be extended to IoT devices, which face vulnerabilities such as botnet command-and-control requests. Not only does Quad9 help Internet users avoid millions of malicious websites, but it also promises to help keep their browsing habits private. Deep-pocketed online advertisers are constantly investing in ways to take personal data from unsuspecting Internet users, in order to edge out competitors and expand markets. Frequently, low-security DNS servers are used to build extensive personal profiles of Internet users, including their browsing habits, location and identity.  Many DNS providers, including many larger ISPs, are already in the lucrative business of storing personal data for resale to market research firms or digital advertising groups.  A further blow was struck in April when the US Federal Communications Commission repealed broadband privacy rules that would have required Internet service providers to get consumer consent before selling or sharing personal information with advertisers and other companies. But the fight is far from over. With the launch of Quad9, a group of Internet non-profits has made available a free service specifically designed to put Internet users back in control of their personal data. The service is deliberately engineered to not store or analyze personally identifiable information (PII). Todd said that decision was, in part, a deliberate stance against the ingrained practice among Internet service providers (ISPs) who collect and resell private information to commercial data brokers such as online marketers. "Our foremost goal is to protect Internet user[...]



The FCC is Taking the Right Step

2017-11-21T15:03:00-08:00

Today's announcement from the Commission that it intends to roll back the exercise of Title II utility-style regulation over "any person engaged in the provision of broadband internet access service" at its 14 December meeting is the right step. As a veteran of 40 years of internet related regulatory wars in the FCC and numerous other venues, the Commission's decision and the actual Rules promulgated in the February 2015 Report & Order stand among the most ill-considered application of authority and regulatory gerrymandering ever witnessed. The Commission's first explicit consideration of the treatment of "host-to-host protocols for data communication networks" based on TCP/IP occurred when the Undersecretary of Defense's newly released Internet Protocol Implementation Guide of August 1982 was transmitted to the FCC's Office of Science and Technology that year. It occurred in part because the head of that Office and FCC Chief Scientist, Steve Lukasik, was previously the long-time DARPA Director who had authorized, funded, and controlled the development of those internet protocol technologies. I still have the material on my library shelf because I had requested it through Steve in conjunction with related policy-making proceedings at the Commission for which I was a responsible staff member in the early 80s. The council provided by the staff and reflected in the Commission's decisions and rules at that time emphatically eschewed Title II jurisdiction over internet protocol based networks as both unwise and unreasonable. It was considered unwise because it would throttle innovation and network development. It was deemed unreasonable because this class of "connectionless networks" are simply too ephemeral and abstruse to be defined or bounded. Those views prevailed as guides of every domestic and international regulatory action for more than 30 years. Even the US Patent and Trademark Office appellate decision in February 2000 on the long-held copyright ownership of the term "internet" by a banking consortium for their ATM protocol network, resulted in a finding that "the word INTERNET is not inherently distinctive." Nonetheless, the unfortunate attempt to assert Title II jurisdiction over "any person engaged in the provision of broadband internet access service" via the February 2015 Order occurred as an exercise in regulatory and technological folly. The definition adopted was simply a string of undefined abstractions: "a mass-market retail service by wire or radio that provides the capability to transmit data to and receive data from all or substantially all Internet endpoints, including any capabilities that are incidental to and enable the operation of the communications service, but excluding dial-up Internet access service." And, just to add more fuzziness to the boundary, the Commission tossed in "this term also encompasses any service that the Commission finds to be providing a functional equivalent of the service described in the previous sentence, or that is used to evade the protections set forth in this Part." One is tempted to ask "what the hell are they talking about." The action makes no sense whatsoever from the perspective of network technological change. The most profound contemporary networking development in which industry worldwide is engaged is the virtualization and orchestration of all network infrastructure and instantiated out of cloud data centers. It is known as NFV-SDN (Network Functional Virtualisation — Software Defined Networks), including being manifested as 5G on global mobile network infrastructures with seamless wireline and cable network interoperability. End-points are also virtualized and their addresses using different transport protocols leased as needed. The entire fiction of "the Internet" goes away. FCC's Title II order only makes technological sense if one assumes that the technology is frozen in a world of Internet Kool-Aid that manifests itself only[...]



Could SNET Become Cuba's Guifi.net?

2017-11-21T14:55:00-08:00

Guifi.net growth (source)Community networks like SNET and Guifi.net are compatible with Cuba's tradition of innovation subject to constraints and socialist values. In an earlier post, I described Havana's community network, SNET, and wondered what it could become if the government and ETECSA were willing to legitimatize and support it. Spain's Guifi.net provides a possible answer to that question. Guifi.net is said to be the largest community network in the world. It began in 2004 and has grown to have 34,165 nodes online with 16,758 planned, 407 building, 612 testing and 4,043 inactive. The nodes are linked by WiFi and fiber, and there are over 50,000 users throughout Spain. (See the chart and map below) Guifi.net geographic reach (source) Community networks like SNET and Guifi.net are compatible with Cuba's tradition of innovation subject to constraints and socialist values. Could SNET grow to serve people throughout Cuba if it had access to ETECSA fiber and the global Internet? While community networks may not be a long-run solution for Cuba, they should be considered as an interim, stopgap means of extending affordable Internet connectivity. For a technical description of Guifi.net, see A Technological Overview of the Guifi.net Community Network. (Send me a note if you would like to see it, but do not have access). I also recommend the Internet Society policy brief Spectrum Approaches for Community Networks. It is a concise document with specific recommendations. For example, the section on spectrum management recommends allocating unlicensed spectrum, dynamic sharing of licensed spectrum and innovative licensing like granting licenses for social purposes or small rural communities and give examples of networks employing each of these. There are similar sections with recommendations and examples for policymakers, network organizers, and network operators. The report also has a list of links to other resources and annotated endnotes. RFC 7962, Alternative Network Deployments: Taxonomy, Characterization, Technologies, and Architectures also provides context and spells out options for potential regulators and network developers and operators and has an extensive list of references. I hope someone at ETECSA is reading these documents. Written by Larry Press, Professor of Information Systems at California State UniversityFollow CircleID on TwitterMore under: Access Providers, Internet Governance, Networks, Policy & Regulation [...]



FCC Chair Releases Draft to Abandon Net Neutrality, Says Gov't Must Stop Micromanaging the Internet

2017-11-21T09:35:00-08:00

Federal Communications Commission Chairman Ajit Pai today released a statement on his draft "Restoring Internet Freedom Order", circulated to Commissioners this morning and will be voted on at the FCC's Open Meeting on December 14. "Today, I have shared with my colleagues a draft order that would abandon this failed approach and return to the longstanding consensus that served consumers well for decades," says FCC Chairman Ajit Pai. "Under my proposal, the federal government will stop micromanaging the Internet. Instead, the FCC would simply require Internet service providers to be transparent about their practices so that consumers can buy the service plan that's best for them and entrepreneurs and other small businesses can have the technical information they need to innovate."

Former Democratic FCC chairman Tom Wheeler, who drafted the 2015 net neutrality rules has called Tuesday's move "tragic." Wheeler told the Washington Post: "The job of the FCC is to represent the consumer. If you like your cable company, you'll love what this does for the Internet, because it gives Internet service providers the same kind of control over content and price as cable operators have today."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




Transparency: The Internet's Only Currency

2017-11-21T08:48:01-08:00

I don't know about you, but I am angry. I am angry with the state of the world and our incapacity to do something about it. I am angrier because, in all this, I thought that the Internet would be the place where we would see collective action at its best. But, that's not going to happen. At least, anytime soon. Is it time to admit that the Internet has turned toxic? No. But, it is time to ask ourselves the question: is the Internet today the one we subscribed to originally? (This place of openness, freedom, innovation and creativity — a value proposition of democracy) When I heard earlier this month that, during the US Presidential elections, as many as 126 million people were lied to, misinformed and subjected to propaganda, I got angry. Is this the Internet I want to be part of? Of course not! And, I am pretty sure it's not the Internet that these 126 million people want to be part of. But, I also realized that we are equally responsible for the current state of how we understand the Internet. Let's start with the fact that we chose convenience over human values. Over the past years, our ability to debate and, even hold an opinion, seems to be getting out of our hands. And, it is getting progressively worse. Social media platforms and Internet intermediaries make decisions daily on our behalf on what we should agree or disagree with. The proliferation of propaganda has chipped away our right to question the facts. Companies, with focus unrelated to content infrastructure, remove controversial domain name sites and they prevent us from engaging in an intellectual argument about extremism. In a glimpse of a second, private companies can silence the conversation. And, we accept this. There is nothing new or shocking about this. According to Jürgen Habermas, the role social media platforms can play in democracies can be less than conspicuous. Notwithstanding their ability to destabilize authoritarian regimes, they can also wear away the public sphere of democracies. And, there are examples of social media platforms undemocratically silencing different conversations. Although the idea of private companies determining issues like speech had always many concerned, the user sentiment was that they represented basic democratic values. It was, after all, Facebook that was celebrated for its contribution during the Arab Spring; it was Twitter that stood up to Turkey's pressures on censorship a few years ago; and, it was Google that ceased censoring its Chinese search engine, costing its exile from China. All these acts were applauded for how these private actors represented the liberal ideals of democracy; how they advocated for everyone to express themselves and be part of this global conversation. It was fascinating. And, for many years, our faith in them seemed to be having great results. We felt safe that these companies were protecting and were standing up for our beliefs. We idolized them and, because of that, we also became complacent and we stopped paying attention. It is not that big Internet companies lied to us or suddenly stopped supporting liberal ideals. In the end, profit took precedent. Speech got into the second priority lane. Information became diluted. In such cases normally, the government would intervene to ensure that fundamental rights are appropriately and freely applied. But, just like us, governments are also guilty of becoming complacent. For many different issues and for years, governments have been outsourcing a lot of the decisions to the private sector. And, that is not good enough. That is fundamentally not good enough. So, for many years, private Internet companies were loose. They grew both in size and in the services they offered to users. And, as they did that, they became more powerful and more untouchable. But, then something changed. A lot of things changed actually. The[...]



Vulnerabilities of Weak Marks and Uncurated Websites

2017-11-20T08:07:01-08:00

Dictionary words, alone, combined as phrases, modified by other parts of speech, and single letters that function as marks also retain in parallel their common associations that others may use without offending third-party rights. As a rule of thumb, generic terms are not registrable as marks until they perceivably cross a threshold to suggestive and higher classifications. Even then, if terms are capable of multiple associations (even though distinctive in a trademark sense) and there is no evidence of trespassing on complainant's rights, registrations of domain names identical or confusingly similar to marks will not violate the Uniform Domain Name Resolution Policy (UDRP). But where domain names attract visitors for their trademark association or the resolving pages contain links to competitive products or services then they are infringing even if actual knowledge of complainant or the mark is denied. In all UDRP disputes, there are factors that weigh heavily in one direction or the other. That a domain name registrant may claim letters are random or word combinations innocently chosen does not foreclose proof they are infringing. This raises the interesting question of weak marks and uncurated content. In the interplay between marks, domain names, and content, weak marks, and uncurated content favor complainants. By curation, I mean pruning content to avoid suggesting any association with the complainant or its competitors. This puts a premium on curated content. The ultimate test of abusive registration in a proceeding under the UDRP is not identity or confusing similarity (which is merely a first step in establishing standing) but bad faith registration and use where respondents are shown to lack rights or legitimate interest in the domain names. This is to say that marks on the lower end of the spectrum may be distinctive when they specifically relate to goods or services, but generic when the connection to the marketplace is weak. The letters "k" and "p" and "i," "m" and "i" (discussed below, already decided) and multiple other two or three letter domain names ("ktg" and "ivi" pending adjudication), that to mark owners are their distinctive indicators but to others are simply random letters, can be both, or more one than the other,depending on respondents' business model and use. Similarly with word combinations such as "herb" and "farm" or "print" and "factory" both of which are composed of common language parts, yet "herb" when prefixed with an "i" (the dominant part of the mark) stands higher on the classification scale as more inventive, which is not to say that under the right factual circumstances even that combination cannot be used by someone else, lawfully, but the Panel held it was not in iHerb, Inc. v. nathan hatter / blackonomics global trust group, FA1710001754609 (Forum November 16, 2017). I will return to this case in a moment. The issue of letter strings and curation is played out in a particularly intriguing dispute between the mark IMI and the domain name. Respondent in Irving Materials, Inc. v. Black, Jeff / PartnerVision Ventures, FA1710001753342 (Forum November 7, 2017) registered the domain name in 1994 (23 years ago, although the mark predated the registration by decades!). Respondent did not appear to defend itself and lost. Why? It was not (according to the Panel) because of the default but because of the contents of the website (disclosure, the Panel, Neil Anthony Brown, QC authored the Foreword to my treatise, Domain Name Arbitration). I put this down to a curation problem; if a valuable domain name is identical or confusingly similar to a weak mark, it is necessary to attend to its contents. The Panel noted that Complainant's screenshot confirms [that] ... the domain name contains various IMI related links and descriptions of the content located at the l[...]



ICANN Issues Guidance to Domain Registrars and Registries in Light of Hurricane Maria

2017-11-18T11:45:00-08:00

ICANN has issued a guidance notice to registrars and registries in relation to Hurricane Maria, which caused massive damage throughout the Caribbean. * * * Dear gTLD Registries and Registrars, As you know, Hurricane Maria caused catastrophic damage in the Caribbean and surrounding areas. We have also heard from community members that ongoing issues with electric power grids and the telecommunications infrastructure are affecting the ability of some registrants to renew their domain names. In order to assist registrars and registries in providing continuity of service to affected customers, ICANN hereby approves Hurricane Maria and other similar natural disasters as an extenuating circumstance under RAA section 3.7.5.1. "3.7.5.1 Extenuating circumstances are defined as: UDRP action, valid court order, failure of a Registrar's renewal process (which does not include failure of a registrant to respond), the domain name is used by a nameserver that provides DNS service to third-parties (additional time may be required to migrate the records managed by the nameserver), the registrant is subject to bankruptcy proceedings, payment dispute (where a registrant claims to have paid for a renewal, or a discrepancy in the amount paid), billing dispute (where a registrant disputes the amount on a bill), domain name subject to litigation in a court of competent jurisdiction, or other circumstance as approved specifically by ICANN." Based on this approval, registrars will be permitted to temporarily forebear from canceling domain registrations that were unable to be renewed as a result of the natural disaster. This and other devastating events highlight the potential need for a policy initiative to protect registrants when they are unable to renew their domains as a result of natural disasters or other extraordinary circumstances. In the interim, we encourage you to take these circumstances into consideration when reviewing renewal delinquencies from affected areas. Thank you for your attention. Please let me know if you have any questions, or if there is anything else ICANN might be able to do to assist you in providing continuity of service to customers affected by Hurricane Maria or other natural disasters. Sincerely, Akram Atallah President, Global Domains Division * * * This isn't the first time that this has happened, with a previous incident in Asia triggering action from both registrars and registries to give domain name registrants impacted by the natural disaster breathing space. Several people within the broader ICANN community had raised the issue related to Caribbean registrants in the last couple of weeks. ICANN giving registrars and registries a "green light" means that there shouldn't be any issues with contractual compliance should a registrar or registry give people extra leeway. Written by Michele Neylon, MD of Blacknight SolutionsFollow CircleID on TwitterMore under: Domain Management, Domain Names, ICANN, Registry Services [...]



Berners-Lee Talks Net Neutrality in Washington, "ISPs Should be Treated More Like Utilities"

2017-11-17T12:34:00-08:00

Tim Berners-Lee is in Washington urging lawmakers to reconsider the rollback of net neutrality laws — while remaining optimistic, he sees a "nasty wind" blowing amid concerns. Olivia Solon reporting in The Guardian writes: "These powerful gatekeepers ... control access to the internet and pose a threat to innovation if they are allowed to pick winners and losers by throttling or blocking services. It makes sense, therefore, that ISPs should be treated more like utilities. ... 'Gas is a utility, so is clean water, and connectivity should be too,' said Berners-Lee. 'It's part of life and shouldn't have an attitude about what you use it for — just like water.'"

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




U.S. Government Takes Steps Towards Increased Transparency for Vulnerabilities Equities Process

2017-11-16T18:47:00-08:00

The White House has released a charter offering more transparency into the Vulnerabilities Equities Process. Tom Spring from ThreatPost reports: "On Wednesday it released the 'Vulnerabilities Equities Policy and Process' [PDF] charter that outlines how the government will disclose cyber security flaws and when it will keep them secret. The release of the charter is viewed as a positive by critics and a step toward addressing private-sector concerns that the VEP's framework is to secretive."

Follow CircleID on Twitter

More under: Cybersecurity, Policy & Regulation




IBM Launches Quad9, a DNS-based Privacy and Security Service to Protect Users from Malicious Sites

2017-11-16T17:58:00-08:00

In a joint project, IBM Security along with Packet Clearing House (PCH) and The Global Cyber Alliance (GCA) today launched a free service designed to give consumers and businesses added online privacy and security protection. The new DNS service is called Quad9 in reference to the IP address 9.9.9.9 offered for the service. The group says the service is aimed at protecting users from accessing malicious websites known to steal personal information, infect users with ransomware and malware, or conduct fraudulent activity. Quad9 is said to provide these protections without compromising the speed of users' online experience. From the announcement: "Leveraging PCH's expertise and global assets around the world, Quad9 has points of presence in over 70 locations across 40 countries at launch. Over the next 18 months, Quad9 points of presence are expected to double, further improving the speed, performance, privacy and security for users globally. Telemetry data on blocked domains from Quad9 will be shared with threat intelligence partners for the improvement of their threat intelligence responses for their customers and Quad9." — The Genesis of Quad9: "Quad9 began as the brainchild of GCA. The intent was to provide security to end users on a global scale by leveraging the DNS service to deliver a comprehensive threat intelligence feed. This idea lead to the collaboration of the three entities: GCA: Provides system development capabilities and brought the threat intelligence community together; PCH: Provides Quad9's network infrastructure; and IBM: Provides IBM X-Force threat intelligence and the easily memorable IP address (9.9.9.9)." — Philip Reitinger, President and CEO of the Global Cyber Alliance: "Protecting against attacks by blocking them through DNS has been available for a long time, but has not been used widely. Sophisticated corporations can subscribe to dozens of threat feeds and block them through DNS, or pay a commercial provider for the service. However, small to medium-sized businesses and consumers have been left behind — they lack the resources, are not aware of what can be done with DNS, or are concerned about exposing their privacy and confidential information. Quad9 solves these problems. It is memorable, easy to use, relies on excellent and broad threat information, protects privacy, and security and is free." Follow CircleID on TwitterMore under: Cyberattack, Cybercrime, DNS, DNS Security, Malware, Privacy, Web [...]



UDRPs Filed - Brand Owners Take Note

2017-11-16T13:27:00-08:00

After being in the domain industry for over 15 years, there aren't too many things that catch me by surprise, but recently a few UDRP filings have me scratching my head. Both ivi.com and ktg.com have had UDRPs filed against them, and I have to say for anyone holding a valuable domain name, it's a cautionary tale and one that should have folks paying attention to the outcome of each. Just as a refresher, to be successful in a UDRP filing, the complainant must prove the following: the domain name is identical or confusingly similar to a trademark or service mark in which the complainant has rights; and the registrant has no rights or legitimate interests in respect of the domain name; and the domain name has been registered and is being used in bad faith. With that in mind, let's look a little closer at the details of these two troubling UDRP filings. Ivi.com is registered to WebMD, LLC, a long-time provider of health and wellness information on the Internet, and the domain has been registered since 1992. The domain name currently doesn't resolve to any content, so it's not actively being used. The complainant is Equipo IVI SL, an assisted reproduction group based in Spain. They appear to operate their company off of the domain ivi-fertility.com. According to their website, IVI appears to have been initially founded in 1990 in Valencia. The domain ktg.com is registered to HUKU LLC which appears to be an entity based in Belize and has been registered since at least 2001. According to a reverse WHOIS lookup, this entity owns a few hundred generic domain names in a variety of extensions. The domain ktg.com resolves to a Domain Holdings page with a message stating that this domain may be for sale. The complainant is a company called Kitchens To Go which operates off the kitchenstogo.com domain which was registered in 1998. They also appear to operate the k-t-g.com domain name as well. Based on prima facie evidence, I'm doubtful that either of these UDRP filings should be successful — but then again the domain imi.com was recently handed over to the complainant in a case which appears to have very similar circumstances to these latest two. It should be noted though in that case, the registrant did not even respond to the UDRP. What can brand owners do to ensure that they don't find themselves losing a domain in a questionable UDRP filing? A few things: Ensure your WHOIS information is up-to-date and accurate so that any correspondence sent to the contacts is received. People think nothing of value comes to those published contacts, but UDRP filings would certainly be something you'd want to make sure you received. If you do find a long-held domain being subject to a UDRP (or any UDRP for that matter), make sure you file a response so that you don't leave the complainant as the only voice in front of the UDRP panelists. Make sure that your registrar has a procedure in place to notify you of any UDRP filing they may receive for your domains. In addition to communication to the domain owner, the registrar of record also receives notification, and they should be passing those notifications on to their clients. It will be very interesting to see how these two UDRP filings play out, and we'll be sure to report back once the decisions have been made public. Written by Matt Serlin, SVP, Client Services and Operations at BrandsightFollow CircleID on TwitterMore under: Domain Names, Intellectual Property, UDRP [...]



When UDRP Consolidation Requests Go Too Far

2017-11-16T07:25:00-08:00

Although including multiple domain names in a single UDRP complaint can be a very efficient way for a trademark owner to combat cybersquatting, doing so is not always appropriate. One particularly egregious example involves a case that originally included 77 domain names — none of which the UDRP panel ordered transferred to the trademark owner, simply because consolidation against the multiple registrants of the domain names was improper. The UDRP case, filed by O2 Worldwide Limited, is an important reminder to trademark owners that they should not overreach when filing large complaints — at least when the disputed domain names are held by different registrants. The Same Domain-Name Holder Under the UDRP rules, a "complaint may relate to more than one domain name, provided that the domain names are registered by the same domain-name holder." As a result, many UDRP complaints include multiple domain names — from two to as many as more than 1,500. While this UDRP rule may seem straightforward, it can become more complicated in practice, especially as some clever cybersquatters try to hide behind aliases to frustrate trademark owners. Where the registrants appear to be different, the WIPO Overview of WIPO Panel Views on Selected UDRP Questions, Third Edition, says that UDRP panels often consider the following in considering whether it is proper to include multiple domain names in a single complaint: "whether (i) the domain names or corresponding websites are subject to common control, and (ii) the consolidation would be fair and equitable to all parties." The Overview adds: "Procedural efficiency would also underpin panel consideration of such a consolidation scenario." Not Procedurally Efficient In the O2 case, the panel found that consolidation was not appropriate, based on a most unusual set of facts. O2 had argued that "unifying features… link all of the domains" and that a single individual "maintain[ed] common control" over all of the domain names. But the panel strongly disagreed, noting that 25 different entities were named as respondents for the 77 domain names in the original complaint. Incredibly, the panel said: The administrative procedure that the [WIPO] Center was required to undertake as a result of this filing involved: (i) numerous communications with four different Registrars; (ii) the withdrawal of the Complaint against 11 of the domain names due to the fact that they were no longer registered; (iii) the receipt of 20 separate communications, from 12 different Respondents or Other Submissions, respectively, each of whom appeared to be operating independently of the others and whose positions were not identical; (iv) the receipt of two separate formal Responses; and (v) the filing of one unsolicited Supplemental Filing by the Complainant. This, the panel wrote, created an "administrative burden" that was "undue — and certainly not procedurally efficient." Further, the panel said that because "the Respondents appear to be separate persons whose positions are not necessarily identical," treating them alike in a single proceeding "is unlikely to be fair and equitable." Not only did the panel reject O2's consolidation arguments, but it also rejected O2's request to proceed against any of the disputed domain names: In the Panel's view, what the Complainant has sought to do is throw a large number of disputed domain names registered by a large number of separate Respondents into one Complaint, request consolidation on the basis of a general assertion of connectedness, rely on the Center to verify the situation of every disputed domain name and Respondent to identify those against w[...]



Russia Targeted British Telecom, Media, Energy Sectors, Reveals UK National Cyber Security Centre

2017-11-15T12:14:00-08:00

Speaking at The Times Tech Summit in London, Ciaran Martin, chief of the National Cyber Security Centre (NCSC), warned Russia is seeking to undermine the international system. "I can't get into too much of the details of intelligence matters, but I can confirm that Russian interference, seen by the National Cyber Security Centre, has included attacks on the UK media, telecommunications and energy sectors. ... The government is prioritising cyber security because we care so much about the digital future of the country. We're doing it broadly on the themes that will come up today — defend networks, deter attackers and develop the skills base."

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity, Policy & Regulation




Airplanes Vulnerable to Hacking, Says U.S. Department of Homeland Security

2017-11-15T10:03:00-08:00

Researchers have been able to successfully demonstrate a commercial aircraft can be remotely hacked. Calvin Biesecker reporting in Avionics reports: "A team of government, industry and academic officials successfully demonstrated that a commercial aircraft could be remotely hacked in a non-laboratory setting last year, a U.S. Department of Homeland Security (DHS) official said Wednesday at the 2017 CyberSat Summit in Tysons Corner, Virginia. [U.S. Department of Homeland Security aviation program manager says] 'We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration ... [which] means I didn't have anybody touching the airplane, I didn't have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft."

Follow CircleID on Twitter

More under: Cyberattack, Cybersecurity




Your Online Freedoms are Under Threat - 2017 Freedom on the Net Report

2017-11-14T08:08:00-08:00

As more people get online every day, Internet Freedom is facing a global decline for the 7th year in a row. Today, Freedom House released their 2017 Freedom on the Net report, one of the most comprehensive assessments of countries' performance regarding online freedoms. The Internet Society is one of the supporters of this report. We think it brings solid and needed evidence-based data in an area that fundamentally impacts user trust. Looking across 65 countries, the report highlights several worrying trends, including: manipulation of social media in democratic processes restrictions of virtual private networks (VPNs) censoring of mobile connectivity attacks against netizens and online journalists Elections prove to be particular tension points for online freedoms (see also Freedom House's new Internet Freedom Election Monitor). Beyond the reported trend towards more sophisticated government attempts to control online discussions, the other side of the coin is an increase in restrictions to Internet access, whether through shutting down networks entirely, or blocking specific communication platforms and services. These Internet shutdowns are at the risk of becoming the new normal. In addition to their impact on freedom of expression and peaceful assembly, shutdowns generate severe economic costs, affecting entire economies [1] and the livelihood of tech entrepreneurs, often in regions that would benefit the most from digital growth. We need to build on these numbers as they open a new door to ask governments for accountability. By adopting the U.N. Sustainable Developed Goals (SDGs) last year, governments of the world have committed to leveraging the power of the Internet in areas such as education, health and economic growth. Cutting off entire populations from the Internet sets the path in the wrong direction. Mindful that there is urgency to address this issue, the Internet Society is releasing today a new policy brief on Internet shutdowns, which provides an entry into this issue, teases various impacts of such measures and offers some preliminary recommendations to governments and other stakeholders. Of course, this can only be the beginning of any action and we need everyone to get informed and make their voices heard on shutdowns and other issues related to online freedoms. Here is what you can do: Follow the live video stream of the launch event for Freedom House's 2017 Freedom on the Net report. The Internet Society's Vice President of Global Policy Development, Sally Wentworth, is among the panelists. (14 November 2017, 9:30 am EDT) Read the new Freedom on the Net report and pay particular attention to country reports relevant to you. Ask people to spread the word that Internet shutdowns cost everyone. Governments should stop using Internet shutdowns and other means of denying access as a policy tool: we must keep the Internet on. Tweet using #ShapeTomorrow and #NetFreedom2017. You'll find more tweets on the Internet Society's Twitter account. Read the Internet Society's new Policy brief on Internet shutdowns, and look back at our paper on Internet Content Blocking for a deeper technical assessment on some common content filtering techniques. Read again ISOC's findings on personal rights and freedoms from our 2017 Global Internet Report. Join the Keep It On movement to collectively call for an end to shutdowns [1] Among other similar studies, Brookings assessed a cost of about USD 2.4 billion resulting from shutdowns across countries evaluated between July 1, 2015 and June 30, 2016. Written by Nicolas Seidler, Senior Policy advisorFollo[...]



Telesat - a Fourth Satellite Internet Competitor

2017-11-13T12:58:00-08:00

Telesat will begin with only 117 satellites while SpaceX and the others plan to launch thousands — how can they hope to compete? The answer lies in their patent-pending deployment plan. I've been following SpaceX, OneWeb and Boeing satellite Internet projects, but have not mentioned Telesat's project. Telesat is a Canadian company that has provided satellite communication service since 1972. (They claim their "predecessors" worked on Telstar, which relayed the first intercontinental transmission, in 1962). Earlier this month, the FCC approved Telesat's petition to provide Internet service in the US using a proposed constellation of 117 low-Earth orbit (LEO) satellites. Note that Telesat will begin with only 117 satellites while SpaceX and the others plan to launch thousands — how can they hope to compete? The answer lies in their patent-pending approach to deployment. They plan a polar-orbit constellation of six equally-spaced (30 degrees apart) planes inclined at 99.5 degrees at an altitude of approximately 1,000 kilometers and an inclined-orbit constellation of five equally-spaced (36 degrees apart) planes inclined at 37.4 degrees at an approximate altitude of 1,248 kilometers. Telesat's LEO constellation will combine polar (green) and inclined (red) orbits. This hybrid polar-inclined constellation will result in global coverage with a minimum elevation angle of approximately 20 degrees using their ground stations in Svalbard Norway and Inuvic Canada. Their analysis shows that 168 polar-orbit satellites would be required to match the global coverage of their 117-satellite hybrid constellation and according to Erwin Hudson, Vice President of Telesat LEO, their investment per Gbps of sellable capacity will be as low, or lower than, any existing or announced satellite system. They also say their hybrid architecture will simplify spectrum-sharing. An inter-constellation route (source)The figure (right) from their patent application illustrates hybrid routing. The first hop in a route to the Internet for a user in a densely populated area like Mexico City (410) would be to a visible inclined-orbit satellite (420). The next hop would be to a satellite in the polar-orbit constellation (430), then to a ground station on the Internet (440). The up and downlinks will use radio frequencies, and the inter-satellite links will use optical transmission. Since the ground stations are in sparsely populated areas and the distances between satellites are low near the poles, capacity will be balanced. This scheme may result in Telesat customers experiencing slightly higher latencies than those of their competitors, but the difference will be negligible for nearly all applications. They will launch two satellites this year — one on a Russian Soyuz rocket and the other on an Indian Polar Satellite Launch Vehicle. These will be used in tests and Telesat says a number of their existing geostationary satellite customers are enthusiastic about participating in the tests. They will launch their phase 2 satellites beginning in 2020 and commence commercial service in 2021. They consider 25 satellites per launch vehicle a practical number so they will have global availability before their competitors. Their initial capacity will be relatively low, but they will add satellites as demand grows. Like OneWeb, Telesat will work with strategic partners for launches and design and production of satellites and antennae. They have not yet selected those partners, but are evaluating candidates and are confident they will be ready in time fo[...]



Google Now a Target for Regulation

2017-11-13T11:35:00-08:00

Headline in the Washington Post: "Tech companies pushed for net neutrality. Now Sen. Al Franken wants to turn it on them." 9 Nov 2017 The time was — way back around the turn of the century — when all Internet companies believed that the Internet should be free from government regulation. I lobbied along with Google and Amazon to that end (there were no Twitter and Facebook then); we were successful over the objection of traditional telcos who wanted the protection of regulation. The Federal Communications Commission (FCC) under both Democrats and Republicans agreed to forbear from regulating the Internet the way they regulate the telephone network; the Internet flourished, to put it mildly. Fast forward to 2015. Google and other Internet giants and their trade group, the Internet Association, were successful in convincing the Obama FCC to reverse that policy and regulate Internet Service Providers (ISPs) under the same regulation which helped to stifle innovation in telephony for decades. The intent, according to the Internet Association, was to protect Net Neutrality (a very good name) and assure that ISPs didn't either censor or prefer their own content over the content of others — Google, for example. The regulation was acknowledged to be preemptive - ISPs weren't discriminating but they might. This spring Trump's FCC Chair, Ajit Pai, announced the beginning of an effort to repeal the 2015 regulations and return the Internet to its former lightly regulated state. The Internet Association and its allies mounted a massive online campaign against deregulation in order, they said, to protect Net Neutrality. One of their allies was the Open Market Initiative, which was then part of The New America Foundation. More about them below. I blogged to Google: "You run a fantastically successful business. You deliver search results so valuable that we willingly trade the history of our search requests for free access. Your private network of data centers, content caches and Internet connections assure that Google data pops quickly off our screen. Your free Chrome browser, Android operating system, and gmail see our communication before it gets to the Internet and gets a last look at what comes back from the Internet before passing it on to us. You make billions by monetizing this information with at least our implied consent. I mean all this as genuine praise. "But I think you've made a mistake by inviting the regulatory genie on to the Internet. Have you considered that Google is likely to be the next regulatory target?" It didn't take long. In August the European Union declared a penalty against Google. Barry Lynn of the Open Market Initiative posted praise for the EU decision on the New America website. According to the NY Times: "The New America Foundation has received more than $21 million from Google; its parent company's executive chairman, Eric Schmidt; and his family's foundation since the think tank's founding in 1999. That money helped to establish New America as an elite voice in policy debates on the American left and helped Google shape those debates… "Hours after this article was published online Wednesday morning, Ms. Slaughter announced that the think tank had fired Mr. Lynn on Wednesday for 'his repeated refusal to adhere to New America's standards of openness and institutional collegiality.'" Mr. Lynn and his colleagues immediately founded The Open Market Institute. The front page of their websites says: "Amazon, Google and other online super-monopolists, armed[...]