Subscribe: CircleID
Added By: Feedage Forager Feedage Grade B rated
Language: English
amazon  apt  circleid twittermore  circleid  data  domain  follow circleid  internet  net neutrality  new  top level  urs 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID


Latest posts on CircleID

Updated: 2017-07-21T10:51:00-08:00


Kansas System Hacked, Social Security Numbers of Millions Accessed Spanning 10 States


Hackers breached a Kansas Department of Commerce data system used across multiple states and gained access to more than 5.5 million Social Security Numbers, according to local news sources. The agency had to pay for credit monitoring services for all victims. From the report:"The number of SSNs exposed across the 10 states whose data was accessed has not been previously reported. The Kansas News Service, a collaboration of KCUR, Kansas Public Radio, KMUW and High Plains Public Radio, obtained the information through an open records request. More than half a million of the SSNs were from Kansas, according to the Department of Commerce. The data is from websites that help connect people to jobs."

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime Inc Given New Chance to Secure .AMAZON TLD


An arbitration panel has given Inc. a new shot at securing the .amazon top-level domain which the company has been fighting for since 2014. Alexis Kramer from BNA News reports: "The independent review panel ordered the Internet Corporation for Assigned Names and Numbers board to 'promptly re-evaluate'’s domain application in a July 10 declaration published late July 17 on ICANN’s website. ... The e-commerce giant has been fighting for the .amazon domain since its application was first denied in May 2014 based on consensus advice from government advisors. Representatives from Brazil and Peru, leading opponents of Amazon’s application, argued that the name has strong geographic ties to the Amazon ecological habitat. The panel said the board failed to independently determine that there were public policy reasons for denying the application." In a special report on the story in The Register, Kieren McCarthy writes: "Unfortunately, this is just the latest example of ICANN's notoriously poor accountability and its tendency to do what it thinks is in its own best interests, regardless of any rules, procedures and bylaws. It is also the third time that ICANN has been called out on its propensity for doing whatever the world's governments ask of it."

Follow CircleID on Twitter

More under: ICANN, Internet Governance, Policy & Regulation, Top-Level Domains

The URS Also Applies to These Top-Level Domains


The Uniform Rapid Suspension System (URS) is often described as a domain name dispute policy that applies to the new gTLDs. While that's true, the URS is actually broader than that. The URS (a quick and inexpensive policy that allows a trademark owner to obtain the temporary suspension of a domain name) applies to more than just the new gTLDs, that is, those top-level domains that are a part of ICANN's 2012 domain name expansion. Indeed, the first URS case was not for a new gTLD but instead was for .pw, the country-code top-level domain (ccTLD) for the Republic of Palau, a group of islands in the North Pacific Ocean. The determination, for the domain name , was issued on September 27, 2013, almost five months before the first URS decision for domain names within new gTLDs (for and ). Nearly all (if not actually all) of the URS determinations since then have involved new gTLDs (with .xyz, .club and .email among those that have appeared frequently). But, in addition, to .pw, six other TLDs have adopted the URS, and one other has adopted a variation of it. Here's the complete list: .cat .jobs .mobi .pro .pw .travel .xxx Plus, .us domain names are subject to the usTLD Rapid Suspension Dispute Policy (usRS), a similar but more lenient version of the URS that has been invoked only 14 times in the past three years. The URS Remains Unpopular If the URS (and usRS) applies to these top-level domains, why have we seen so few cases? I can think of at least three reasons: The URS (and usRS) are not very attractive to trademark owners because they have a limited remedy (temporary suspension) and a high burden of proof (clear and convincing evidence). Many of the TLDs that have adopted the URS have done so only recently, so there simply hasn't been much time for trademark owners to take advantage of the URS (and the TLDs listed above are just not popular). Trademark owners may be unaware that the URS applies to the TLDs listed above. Interestingly, it appears as if the Forum (the largest provider of URS services) doesn't publicize the fact that any top-level domains other than the new gTLDs are subject to the URS (and MFSD, a small URS provider, includes only a minor reference). Indeed, the URS has been adopted by some registry operators only in recent months. For example, the .pro and .travel registries adopted the URS as part of their renewals with ICANN in October 2015, while the .xxx registry adopted the URS as part of an amendment to its agreement with ICANN in February 2017. Will the URS Expand Further? The slow expansion of the URS has been opposed by many domainers, who apparently see it as a potential threat to their livelihood, especially if the URS should one day apply to .com domain names. For example, in 2015 one blogger wrote that applying the URS to top-level domains beyond the new gTLDs represented "a fundamental change to the ownership rights to all those who own the hundreds of millions of legacy domain names on which most of the Internet is built." Whether additional TLDs will adopt the URS is unclear. But in the meantime, any trademark owner facing a cybersquatter in one of the TLDs listed above should consider the URS (or usRS) when deciding whether and how to enforce its rights. Written by Doug Isenberg, Attorney & Founder of The GigaLaw FirmFollow CircleID on TwitterMore under: Cybersquatting, Domain Names, Intellectual Property, Law, Top-Level Domains [...]

Mid-Year .brands Review: 2017 Off to a Brilliant Start


If you've read my blogs in the past, you'll know that I'm really passionate about the benefits that .brands can deliver to organizations and their customers. We are now half way through 2017 which provides us with an opportunity to have a good hard look at the data and reflect on the last six months in the .brands space. Here is the punchline — it's pretty damn impressive, and for a variety of reasons. Let's be frank — supporting an innovation such as the .brand movement is not for the faint hearted, and the continual momentum we're experiencing is great reward for those of us that have 'stayed the course' (with only maybe the occasional wavering!). .brands are asking questions, and moving ahead I'm privileged to be one of the few who has a job that is completely dedicated to this type of .brand engagement, but I can tell you that we are being asked more and more informed and targeted questions about how to optimize their .brand strategies each and every day. All the while, organizations like Google, Audi, CERN, Bloomberg, Canon, Microsoft, and Lamborghini have launched .brand sites this year already and continue to pave the way — and that's just a handful of them. I think that the most important elements of .brand domain names also include the diversification of usage. Building microsites on .brand domains are still strong, but the use of .brands in alternative methods such as vanity/redirect strategies, social media, internal tools, email and full site transitions are also growing significantly. To illustrate my point, check out the Showcase at MakeWay.World where we highlight the variety of global examples of .brand usage. It's growing every day, and the stats below speak for themselves. The facts behind the facts As noted above, the number of brands that have gone beyond creating the mandatory 'NIC' page and have registered at least one other domain under their .brand since January 1 has grown by 17 percent. Importantly, there's also been a greater than 23 percent increase in the number of .brands with more than 20 domain names registered — showing that there is growth at the upper end of the spectrum as well. This includes brands such as Microsoft, Bentley, Philips, AXA, Saxo Bank and BMW to name a few. Some of the more active industries include insurance, which collectively have now registered over 1,800 domains; automotive with over 1,000 domains and information technology with just shy of 1,000. We're more thrilled than ever that we were able to launch the Stats Hub on MakeWay.World earlier this year, as the numbers paint a very clear picture of the .brands space and are now available to anyone to explore. .brands making headlines The .brands space has also received some great coverage in industry and broader media so far this year. ClickZ published a three-part series on .brands that culminated in a webinar featuring myself, Matt Dorville of Major League Baseball and Katie Hankinson of VaynerMedia. India's biggest bank announced its plans to move to .sbi, which was reported on by Domain Incite. Domain Name Wire looked at how Major League Baseball is planning to use its .mlb domain names. Domain Pulse reported on the French national railway's plans to move to its .brand TLD. I was published in B&T commenting on the Australian Football League's use of .afl for its historic women's league competition. Moving forward In just the last couple of weeks, we've seen new .brand sites from the likes of Google, Audi, Leclerc and Allstate, which says to me that the .brands space isn't slowing anytime soon. Of equal importance is the fact that the majority of conversations we're having with .brand owners are more and more about how to use their .brands, rather than why. They're looking for practical advice on integrating with social media channels, rolling out email addresses and communicating with staff and clients about changes to web addresses. That will be our focus for [...]

Somalia's Extended Internet Outage Results in Millions of Dollars of Loss per Day, Says Government


Somalia's internet connection was finally restored on Monday after weeks of outage due to a severed undersea cable. The event has cost the nation millions of dollars a day according to the government's assessment. Reuters reports: "Businesses had to close or improvise to remain open during the shutdown and the telecoms minister told state radio it cost the equivalent of about $10 million in daily economic output. Information Minister Abdirahman Omar Osman apologized to citizens on Tuesday for the outage, which hit all landline and mobile users apart from those with access to private satellite connections, and called for them to have back-up plans."

Follow CircleID on Twitter

More under: Access Providers, Telecom

Rightside, Donuts Merger Gets the Green Light from ICANN


New top-level domain registry operators, Rightside Group, Ltd. (NASDAQ:NAME) and Donuts Inc. have received ICANN's express consent on their merger plans announced last month. As part of the announced agreement, Donuts will acquire Rightside for $10.60 per share in an all-cash tender offer, for an aggregate purchase price of approximately $213MM. The Merger Agreement was unanimously approved by Rightside's Board of Directors following a comprehensive review of strategic and financial alternatives that Rightside announced in the first quarter of 2017. Analyzing the acquisition, Andrew Allemann from Domain Name Wire writes: "Rightside had to sell. There was no question that Rightside was going to be acquired or go private in some way. After selling eNom to Tucows for $83.5 million earlier this year, the company was just too small to remain public. It also had lots of pressure to perform… It had to sell eNom because it was about to lose its biggest customer."

Follow CircleID on Twitter

More under: Domain Names, ICANN, Registry Services, Top-Level Domains

Nation Scale Internet Filtering — Do's and Don'ts


If a national government wants to prevent certain kinds of Internet communication inside its borders, the costs can be extreme and success will never be more than partial. VPN and tunnel technologies will keep improving as long as there is demand, and filtering or blocking out every such technology will be a never-ending game of one-upmanship. Everyone knows and will always know that determined Internet users will find a way to get to what they want, but sometimes the symbolic message is more important than the operational results. In this article, I will describe some current and prior approaches to this problem, and also, make some recommendations doing nation-state Internet filtering in the most responsible and constructive manner. History, Background, and SOPA For many years, China's so-called Great Firewall has mostly stopped most law-abiding people including both citizens and visitors from accessing most of the Internet content that the Chinese government does not approve of. As a frequent visitor to China, I find it a little odd that my Verizon Wireless data roaming is implemented as a tunnel back to the USA, and is therefore unfiltered. Whereas, when I'm on a local WiFi network, I'm behind the Great Firewall, unable to access Facebook, Twitter, and so on. The downside of China's approach is that I've been slow to expand my business there — I will not break the law, and I need my employees to have access to the entire Internet. Another example is Italy's filtering policy regarding unlicensed (non-taxpaying) online gambling, which was blocked not by a national "Great Firewall" but rather SOPA-style DNS filtering mandated for Italian ISP's. The visible result was an uptick in the use of Google DNS ( and by Italian gamblers, and if there was also an increase in gambling tax revenue, that was not widely reported. The downside here is the visible cracks in Italian society — many of Italians apparently do not trust their own government. Furthermore, in 2013 the European Union ruled that this kind of filtering was a violation of EU policy. In Turkey up until 2016, the government had similar protections in place, not about gambling but rather pornography and terrorism and anti-Islamic hate speech. The filtering was widely respected, showing that the Turkish people and their government were more closely aligned at that time than was evident during the Italian experiment. It was possible for Turkish internet users to opt-out of the government's Internet filtering regime, but such opt-out requests were uncommon. This fit the Internet's cooperation-based foundation perfectly: where interests are aligned, cooperation is possible, but where interests are not aligned, unilateral mandates are never completely effective. In the years since the SOPA debacle in the United States, I've made it my priority to discuss with the entertainment and luxury goods industries the business and technical problems posed to them by the Internet. Away from the cameras, most executives freely admit that it's not possible to prevent determined users from reaching any part of the Internet they might seek, including so-called "pirate" sites which may even be "dedicated to infringement". I learned however that there is a class of buyers, of both music and movies and luxury goods, who are not interested in infringement per se, and who are often simply misled by "pirate" Internet sites who pretend to be legitimate. One estimate was that only 1/3rd of commercial music is bought legally, and the remaining 2/3rd is roughly divided between dedicated (1/3rd) and accidental (1/3rd) infringement. If so, then getting the accidental infringers who comprise 1/3rd of the market to buy their music legally wouldn't change the cost of music for those buyers, but could raise the music industry's revenues by 100%. We should all think of that as a "win-win-win" possibility.[...]

Over 190 Internet Engineers, Pioneers, Technologists File Comments with FCC on Net Neutrality


A group of over 190 Internet engineers, pioneers, and technologists today filed joint comments with the Federal Communications Commission (FCC) explaining "Technical Flaws in the FCC's Notice of Proposed Rule-making and the Need for the Light-Touch, Bright-Line Rules from the Open Internet Order." From the filed statement: "The undersigned submit the following statement in opposition to the Federal Communications Commission's Notice of Proposed Rulemaking ... which seeks to reclassify Broadband Internet Access Service (BIAS) providers as 'information services,' as opposed to 'telecommunications services.' Based on certain questions the FCC asks in the Notice of Proposed Rulemaking (NPRM), we are concerned that the FCC (or at least Chairman Pai and the authors of the NPRM) appears to lack a fundamental understanding of what the Internet's technology promises to provide, how the Internet actually works, which entities in the Internet ecosystem provide which services, and what the similarities and differences are between the Internet and other telecommunications systems the FCC regulates as telecommunications services. Due to this fundamental misunderstanding of how the technology underlying the Internet works, we believe that if the FCC were to move forward with its NPRM as proposed, the results could be disastrous: the FCC would be making a major regulatory decision based on plainly incorrect assumptions about the underlying technology and Internet ecosystem." More details reported today by Erica Portnoy from EFF.

Follow CircleID on Twitter

More under: Access Providers, Broadband, Censorship, Net Neutrality, Networks, Policy & Regulation, Telecom

U.S. Cyber Command to Split Off from NSA


The Unites States is finalizing plans to revamp the nation’s military command for defensive and offensive cyber operations in hopes of intensifying America’s ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials. Lolita Baldor reporting today in PBS: "Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency. ... The officials weren’t authorized to speak publicly on the matter so requested anonymity. The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA."

Follow CircleID on Twitter

More under: Cybersecurity

Extreme Cyberattack Could Cost as Much as Superstorm Sandy, Says Insurer Lloyd's of London


A global cyberattack has the potential to cost $120bn in economic losses, roughly the equivalent of a catastrophic natural disaster like 2012’s Superstorm Sandy, a scenario described in new research by Lloyd’s of London and Cyence, a cyber-risk analytics modeling firm. Findings also reveal that despite the increase in cyber-insurance demand, majority of losses are not currently insured, leaving an insurance gap of tens of billions of dollars.

— "For the cloud service disruption scenario in the report, average economic losses range from US$4.6 billion from a large event to $53 billion for an extreme event. This is the average in the scenario, because of the uncertainty around aggregating cyber losses this figure could be as high as $121 billion or as low as $15 billion."

"In the mass software vulnerability scenario, the average losses range from US$9.7 billion for a large event to US$28.7 billion for an extreme event. And the average insured losses range from US$762 million to US$2.1 billion."

Follow CircleID on Twitter

More under: Cyberattack

APT: The Cancer Within


Unless you have a team employing the latest proactive threat-hunting techniques, the stealthy Advanced Persistent Threat (APT) hiding in your network can pass by completely unnoticed. There are as many definitions of APT as experts writing about the topic, so let's boil it down to the simple essentials: APTs are usually implanted and maintained by a team of malicious actors with the intention of living long term in your network while extracting valuable private information. APTs are increasing not only in intensity but also in scope, targeting your company for specific assets of value to the criminal or nation state group. Victimized companies are often blissfully unaware of the "low and slow" APT network activity, sometimes persisting for months or years before discovery. Ignoring the danger that APTs pose will almost surely result in harm to your organization. Most APTs utilize encrypted communications rendering network content inspection ineffectual. Still, the more your organization can understand about its network traffic from all vectors — including cloud services — the better you will be able to spot anomalies. So what current best practices are effective? Focus on tracking something the malicious actors cannot hide: anomalous external host connections. An APT is quite different from the static traditional attacks that have caused breaches in recent months. First, the APT is very target-aware. They invest time and effort to understand your organization and build custom malware to increase the chance of a successful attack. Second, they are more sophisticated and backed with better resources. Malicious actors employing APT methodologies tend to be organized and structured into teams with defined responsibilities. Where the APT is backed by a nation state, the groups are likely to be the best available talent. The resulting teams are competent, highly motivated, and have all the resources needed to succeed. Malware used in these invasive attacks is very stealthy to achieve maximum impact. Chances are you are being attacked at this present time and don't know it. The good news is that once you understand the nature of the APT threat and focus in on your organization's vulnerabilities, you can defend against the APT with a proactive threat-hunting initiatives. Characteristics of APT The APT is stealthy, targeted, and data-focused. Here are the most important characteristics of the APT that might be lurking in your servers as you read this: 1. APT will target any type of organization. Both government and non-government entities are vulnerable. When it comes to the Internet, the lines between the government and the private sector are blurring rapidly. Anything that could cause harm to a corporation or give an adversary an advantage is an appealing target for APT. Consider who your customers are when you consider why an adversary may gain from information or access your network provides. 2. While the threat APT poses to your network is complex, the entry point for many attacks is as basic as convincing a user to open an attachment or click on a link. Once the APT gains entry to your system, it is very sophisticated in what it does and how it works. Signature analysis is not an effective protection against it. Advanced attacks change constantly, recompiling on the fly to bypass even the latest anti-virus detection updates. 3. Most organizations make the mistake of thinking of APT attacks like the weather: there will be some stormy days and there will be some sunny days. However, on the Internet, there is a storm brewing every day. In the past, attackers would periodically attack an organization. Today the attacks are persistent and constant. If your organization lets its guard down for any period of time, the chance of a c[...]

"Net Neutrality" Protects New Monopolies from Old


Over the next decade which companies do you think will be better able to exercise monopoly power? Amazon, T&T, Comcast, Facebook, Google, Regional phone companies, or Verizon? If you'd asked me this question in 2000, I would've picked AT&T, Comcast, Verizon, and regional phone companies. They are part of local duopolies for wired infrastructure. They had a comfortable relationship with the FCC which regulated them nationally and with most of the state regulators. They saw the Internet as potentially disruptive and would've preferred to have its potential for innovation slowed by regulation. Amazon and Google (and most of the Internet community of the day) were against FCC regulation of the Internet exactly because that would chill innovation. The Internet won; the FCC chose only the lightest of regulation. We got innovation; Facebook and Twitter happened; Google and Amazon grew enormously. And then guess what. In 2014 at the urging of Google, Amazon, and the rest of the Internet establishment, the FCC decided it needed to regulate the Internet after all. In an Orwellian twist, this regulation was given the attractive name of Net Neutrality. Its stated purpose is to protect us from abuses that AT&T, Verizon, Comcast and the like "might" commit. Are the telcos more powerful than they were in 2000? Of course not; even their landline duopolies are less powerful as more and more last mile access to content is wireless and wireless becomes more and more competitive. Are Google and Amazon more in need of protection now than they were then? Sounds absurd but they're the establishment now. They are strong enough so they can't be toppled by smaller competitors with the same products. The only commercial threat to them — as it always is with dominant players — is disruptive innovation. And what better way to slow innovation than regulation? Note also that regulation is usually favored by those who think they can control the regulators (telcos in 2000; dominant Internet players in 2014). "Net Neutraility" forbids telcos for charging content providers a premium for "fast lanes". But Google, Amazon, et al already have private fast lanes and local data centers and data caches so that their content can reach consumers faster than content from anyone else. Conveniently Net Neutrality regs don't cover the private internet expressways. In fact if you pay Amazon to host your site, you too can have a fast lane. But you can't buy that fast lane from AT&T ala carte without the hosting because they're not allowed to sell it. What if someone were to provide a drone-mesh-based fast lane and charge more the faster you want your content to go? Would that be a threat to us? No. Would it be a threat to Amazon and Google? A little; it might be disruptive. Better, in their minds, to subject that service to the strait jacket of regulation. What if telemedicine requires a guaranteed faster service than the public Internet provides? Does it just have to wait until the whole Internet gets faster to start saving lives? Why shouldn't AT&T or the drone-based ISP be able to sell the faster service at a premium? If all the ins-and-outs of the Net Neutrality debate are hard to follow, just ask yourself in 2017 if Google's search dominance is more of a present danger than AT&T's eroding monopoly. I'm not for regulating Google or Amazon purely because of their size; but I'm certainly against regulation like so-called Net Neutrality which protects their dominance. Written by Tom EvslinFollow CircleID on TwitterMore under: Access Providers, Broadband, Net Neutrality, Policy & Regulation [...]

CENTR Awards to Include Best Domain Name Registry as Chosen by Registrars


CENTR, the body which represent of European domain registries, will be holding its annual awards again this year. What's different for 2017 however is that they've added a new category: "Registry of the Year Award"

And unlike with the other award categories, this one is open for voting to the registrar channel.

(image) The question registrars are being asked is:

Based on the quality of customer service (availability, response time) and quality of the business relationship in general, how would you rate the following registries?

The online voting or ranking is open now and is open to registrars who have a direct relationship with the registries. So if you are directly accredited in a ccTLD you can rank it, but if you're reselling indirectly then you can't as you don't have the direct relationship.

Registries will need to get at least 10 votes in order to be considered in the category, so it'll probably work better for the larger registries that have a big and established registrar channel.

Of course to avoid gaming registrars will only get one submission each.

Full details here. Voting is open until September 14th 2017.

Written by Michele Neylon, MD of Blacknight Solutions

Follow CircleID on Twitter

More under: Domain Names, Registry Services

After 21 Years, Actor David Duchovny Wins His Domain Name


Actor David Duchovny wins his domain name davidduchovny.comWhile plenty of UDRP decisions have made clear that a trademark owner's delay in bringing an action against a cybersquatter (often referred to as "laches") is typically not a defense, actor David Duchovny's decision to file a UDRP complaint nearly 21 years after the domain name was registered may set a record for the longest wait in a domain name dispute. Duchovny is perhaps best known for his role as FBI Special Agent Fox Mulder in the science fiction TV series The X-Files, which ran from 1993 to 2002. The series was revived in 2016 and, recently, renewed for the 2017-18 TV season. The domain name was created when Duchovny was popular on TV in 1996, in the early days of cybersquatting and before the UDRP was even created. (The first UDRP decision was not issued until January 14, 2000.) Jeff Burgar, Bruce Springsteen and Other Celebs The original registrant of the domain name, "Alberta Hot Rods c/o Jeff Burgar" ("Burgar"), is no stranger to domain name disputes. Burgar may perhaps be best known as the registrant of the domain name , which he successfully defended against the singer in an early (January 2001) UDRP decision. I often refer to the decision when talking about the history of domain name disputes and the lack of certainty that exists in the UDRP system. In that controversial case, Burgar filed what the panel described as "a substantial response." A divided three-member panel found that Springsteen had failed to prove two of the three required UDRP elements, largely because of Burgar's non-commercial use of the domain name, and allowed Burgar to keep the domain name, which he retains to this day (under the registrant name "Bruce Springsteen Club"), although it does not appear to be used in connection with an active website. Despite Burgar's surprising success in the case, he lost a number of other early UDRP decisions involving celebrity domains, including those for singer Celine Dion, actor Kevin Spacey, and author and director Michael Crichton, all in 2001. But domain name disputes against Burgar have slowed in recent years, perhaps because many of those celebrities who wanted to pursue their claims already had done so (or decided not to do so). Why Duchovny waited until 2017 to act is unclear, though perhaps the renewed interest in The X-Files may have played a factor. (Recently, Duchovny has been using the domain name , which was just registered in 2016.) The Role of Laches Interestingly, despite the passage of nearly 21 years between registration of the domain name and filing of the UDRP complaint, Duchovny apparently never obtained a trademark registration on his own name, as the UDRP decision refers only to common law trademark rights. While the decision says that Duchovny "adequately pled [his] rights and interests" in his own name, it is surprising that the actor did not obtain a trademark registration before filing the complaint — especially considering that he was in no rush to get the domain name. As for the delay itself, the panel certainly took note of it, writing: "This Panel lacks equitable powers; therefore, even a delay of 21 years does not implicate laches." However, the panel did not disregard the potential impact of the delay altogether. In evaluating the bad-faith factor under the UDRP, the panel wrote that it "finds that the record does not support a finding that registration alone of the disputed domain name for 21 years caused any Internet users to be confused as [...]

EFF: Internet Went All Out in Support of Net Neutrality


Yesterday's "Day of Action to Save Net Neutrality," resulted in more than 3.4 million emails to U.S. Congress and more than 1.6 million comments to the Federal Communications Commission. EFF says: "[T]he Internet went all out in support of net neutrality. Hundreds of popular websites featured pop-ups suggesting that those sites had been blocked or throttled by Internet service providers. Some sites got hilariously creative… Together, we painted an alarming picture of what the Internet might look like if the FCC goes forward with its plan to roll back net neutrality protections: ISPs prioritizing their favored content sources and deprioritizing everything else."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation

Apple Setting Up First Data Center in China to Comply with Tougher Cybersecurity Laws


Apple today reported it is constructing its first data center in China, in partnership with a local internet services company, in order to comply with the tougher cybersecurity laws enacted last month. The data center will be located in the southern province of Guizhou in collaboration with data management firm Guizhou-Cloud Big Data Industry Co Ltd (GCBD). According to a Reuters report, the data center is part of a planned $1 billion investment into the province. "Apple is the first foreign firm to announce amendments to its data storage for China following the implementation of a new cyber-security law on June 1 that requires foreign firms to store data within the country. Overseas business groups said the law's strict data surveillance and storage requirements are overly vague, burdening the firms with excessive compliance risks and threatening proprietary data."

Follow CircleID on Twitter

More under: Cloud Computing, Data Center, Internet Governance, Policy & Regulation

Cloud Leak Exposes at least 14 Million Verizon Subscribers, Phone Numbers and Account PINs Included


A Verizon partner is reported to have exposed millions of Verizon customer accounts due to a misconfigured cloud-based file. Security firm UpGuard reported the leak this morning: "[A] misconfigured cloud-based file repository exposed the names, addresses, account details, and account personal identification numbers (PINs) of as many as 14 million US customers of telecommunications carrier Verizon, per analysis of the average number of accounts exposed per day in the sample that was downloaded. The cloud server was owned and operated by telephonic software and data firm NICE Systems, a third-party vendor for Verizon. ... The data repository, an Amazon Web Services S3 bucket administered by a NICE Systems engineer based at their Ra’anana, Israel headquarters, appears to have been created to log customer call data for unknown purposes; Verizon, the nation’s largest wireless carrier, uses NICE Systems technology in its back-office and call center operations."

Follow CircleID on Twitter

More under: Access Providers, Cloud Computing, Cybersecurity, Telecom

Complete Internet Shutdown Reported in Syria


While Syria's Internet disruptions in the recent past have been linked to Government's efforts to prevent cheating during national high school exams, today's complete Internet shutdown reported by Dyn Research is unknown and does not appear to be exam-related.

If you have any updates on the situation, let us know.

Follow CircleID on Twitter

More under: Access Providers, Networks

Afghanistan Enacts Law Targeting Online Crime and Militancy


Afghanistan's President Ashraf Ghani has signed into law a cybercrime bill this week targeting online crime and militancy by groups such as the Taliban and Islamic State despite concerns it could limit free speech. AFP report via Arab News: "The Cyber Crime Law criminalizes a range of online activities including hacking, spreading ethnic hatred, distribution of online defamatory speech, exposing government secrets, and cyber-terrorism within the provisions of the newly reviewed penal code. The law has 28 articles and it is going to control all cybercrimes. All criminals will be tracked and referred to courts ... [However] the law could have a detrimental effect on access to information in Afghanistan, which was ranked 120th out of 180 countries in the 2017 World Press Freedom Index compiled by Reporters Without Borders."

Follow CircleID on Twitter

More under: Cybercrime, Internet Governance, Law, Policy & Regulation, Privacy

U.S. Critical Infrastructure Will Be Attacked Within 2 Years, According to 2017 Black Hat Survey


According to a 2017 Black Hat Attendee Survey, cyberattacks on U.S. enterprise and critical infrastructure are coming soon, and in most cases defenders are not prepared. Published for this year's Black Hat event in Las Vegas, a report titled "Portrait of an Imminent Cyberthreat," portrays a dark picture of tomorrow's cyber defenses. "In essence, the survey is a warning from the industry's most experienced and responsible IT security professionals that successful cyber attacks on essential infrastructure and business could be imminent, but defenders do not have the resources and training they need to efficiently respond." Other findings from the survey include: — 60% of respondents believe that a successful cyber attack on US critical infrastructure will occur in the next two years. Only 26% are confident that U.S. government and defense forces are equipped and trained to respond appropriately. — 69% of IT security professionals believe that state-sponsored hacking from countries such as Russia and China has made US enterprise data less secure. — Only 26% of information security pros believe that the new White House administration will have a positive impact on cybersecurity policy, regulation, and law enforcement over the next four years. — About two-thirds of respondents think it's likely that their own organizations will have to respond to a major security breach in the next 12 months. Sixty-nine percent say they don't have enough staff to meet the threat; 58% believe they don't have adequate budgets. — IT security professionals' greatest concerns are around phishing and social engineering (50%) and sophisticated attacks targeted directly at their own organizations (45%). — The increased use of ransomware remains the most serious new threat faced by cybersecurity professionals, cited by 36% of respondents. Follow CircleID on TwitterMore under: Cyberattack, Cybercrime, Cybersecurity, DDoS, Malware [...]