[DNS] auDA domain name news - 4 April

[DNS] auDA domain name news - 4 April

From: David Goldstein <david>
Date: Thu, 4 Apr 2013 12:59:08 +1100
***************************************************

The domain name news is supported by auDA

***************************************************


Revised Registry Agreement Posted for Review
<http://blog.icann.org/2013/04/revised-registry-agreement-posted-for-review/>

ICANN Names Back-up Registry Operators for New gTLDs
<http://www.icann.org/en/news/announcements/announcement-02apr13-en.htm>

Do More to Prevent DNS DDoS Attacks by Dave Piscitello, on behalf of the ICANN Security Team
<http://blog.icann.org/2013/04/do-more-to-prevent-dns-ddos-attacks/>

ICANN tones down power grab in new gTLD contract
<http://domainincite.com/12524-icann-tones-down-power-grab-in-new-gtld-contract>

Verisign Says New gTLD Rollout Not Ready To Proceed
<http://www.domainpulse.com/2013/04/03/verisign-new-gtld-not-ready/>

ICANN selects new gTLD backup providers
<http://domainincite.com/12539-icann-selects-new-gtld-backup-providers>

US Advertising Body Rants Again Against Coming New gTLDs
<http://www.domainpulse.com/2013/04/04/advertising-body-rants-against-gtlds/>

First seven TMCH agents approved
<http://domainincite.com/12533-first-seven-tmch-agents-approved>

Yellowpages domain name ours: Telstra
<http://www.theaustralian.com.au/australian-it/telecommunications/yellowpages-domain-name-ours-telstra/story-fn4iyzsr-1226612360672>

Uncharted entrepreneurship in Africa?s domain name industry
<http://ventureburn.com/2013/04/uncharted-entrepreneurship-in-africas-domain-name-industry/>


**********************
 - ICANN
**********************
Revised Registry Agreement Posted for Review
In the interest of transparency and accountability ICANN is providing the latest revision of the previously posted "Revised New gTLD Registry Agreement" for the community?s information and review.
<http://blog.icann.org/2013/04/revised-registry-agreement-posted-for-review/>

Questions to the Community on Accountability and Transparency within ICANN
Purpose (Brief): With the goal of producing final recommendations by 31 December 2013, the second Accountability and Transparency Review Team (ATRT 2), mandated by paragraph 9.1 of the Affirmation of Commitments (AoC), is currently in the process of defining its scope, roadmap and work program. To inform its work, the ATRT 2 now seeks input from the Community on a set of questions [PDF, 129 KB] compiled for the Community?s consideration. Community participation is essential to the success of the review and all input will be carefully considered. The ATRT 2 welcomes any additional feedback.
<http://www.icann.org/en/news/public-comment/atrt2-02apr13-en.htm>

ICANN Names Back-up Registry Operators for New gTLDs
Marking another milestone in the implementation of the community-developed New gTLD Program, ICANN today announced the selection of three geographically diverse emergency back-end registry operators, or EBEROs. The China Internet Network Information Center (CNNIC), Neustar, Inc. and Nominet were selected to guarantee domain names within a new gTLD continue to resolve in the event of a failure by a new TLD operator.
<http://www.icann.org/en/news/announcements/announcement-02apr13-en.htm>

Do More to Prevent DNS DDoS Attacks by Dave Piscitello, on behalf of the ICANN Security Team
In recent weeks, numerous high profile organizations and financial institutions have been targets of massive service disruption attacks. Several of these attacks are characteristically similar to attacks against top level domain name servers in 2006. ICANN?s Security and Stability Advisory Committee published an Advisory, SAC008: Distributed Denial of Service (DDoS) Attacks, shortly after the 2006 incidents. Recommendations from that Advisory remain relevant today.
<http://blog.icann.org/2013/04/do-more-to-prevent-dns-ddos-attacks/>

Root Zone Scaling Measurements at L-Root
ICANN is the operator of L-Root, one of the thirteen root servers in the Domain Name System (DNS). To better be able to identify any performance impact on L-Root caused by a larger root zone, work has been done to implement additional instrumentation of L-Root's infrastructure.
<http://www.icann.org/en/news/announcements/announcement-03apr13-en.htm>

Lawrence Strickling, Assistant Secretary for Communications and Information | United State Department of Commerce, to Steve Crocker
United States Government's Views on the USPS Objections to .mail gTLD
<http://www.icann.org/en/news/correspondence/strickling-to-crocker-02apr13-en>

ICANN tones down power grab in new gTLD contract
ICANN has published a new version of its Registry Agreement for new gTLD operators that waters down the controversial unilateral right to amend provisions.
<http://domainincite.com/12524-icann-tones-down-power-grab-in-new-gtld-contract>

ICANN 46 ? The Issues at Stake in the Forthcoming Meeting
Afnic will be present at the 46th ICANN meeting in Beijing and is already sharing the major issues that will fuel the discussions.
<http://www.afnic.fr/en/about-afnic/news/general-news/6815/show/icann-46-the-issues-at-stake-in-the-forthcoming-meeting.html>

**********************
 - ccTLD & gTLD NEWS
**********************
Centr March News Roundup Available
The latest edition of the CENTR Monthly Roundup is available and covers the following: Overview of ccTLD news from CENTR Members, Selected findings from a recent CENTR survey entitled "Launch and Use of IDNs", Statistics on CENTR Growth & CENTR Blog details - "Reputational Studies".
<http://centr.org/news/march_roundup>

.CO Announces Asian IDNs Launching 15 April
Hot on the heels of launching internationalised domain names in Scandinavian languages in January, .CO Internet has announced the launch of Asian IDNs including Chinese, Japanese and Korean on 15 April.
<http://www.domainpulse.com/2013/04/03/co-asian-idns-launching/>

Asian Internationalized Domain Names to Launch in April
We are excited to announce the launch of Asian IDNs in the .CO registry including Chinese, Japanese and Korean.  With non-English speaking Internet users and content increasing, providing alternate languages for .CO domain names is expected for the registry and our team.
<http://www.cointernet.co/blog/asian-internationalized-domain-names-launch-april>

.CO Registry Announces Global Launch of Scandinavian Internationalized Domain Names
.CO Internet, the company behind one of the most successful global domain extensions in history today announced the global launch of Scandinavian Internationalized Domain Names (IDNs) in the .CO namespace.
<http://www.cointernet.co/media/press-releases/co-registry-announces-global-launch-scandinavian-internationalized-domain-names>

Top Scots websites among UK domains catalogued by libraries
The homepage of a Scottish bus shelter and a school dinners blog feature on a new list of websites which could help historians of the future learn about life in the early 21st Century. The list of 100 websites has been drawn up by the UK's leading libraries. New legislation gives them the power to archive UK web domain names for the first time.
<http://www.bbc.co.uk/news/uk-scotland-22003372>

**********************
 - NEW TLDS
**********************
ICANN under fire as Verisign warns of rushed domain-name expansion
ICANN's big gTLD rollout, planned for April 23, needs to be delayed because the system isn't ready, Verisign and others are warning ? and ICANN itself has told The Register that the first gTLD domains won't come online until at least August.
<http://www.theregister.co.uk/2013/04/02/gtld_flaws_verisign_icann/>

Groups Say ICANN Unprepared for gTLD Launch [IDG]
The delegation of new gTLDs by ICANN is premature and could cause risks to the security and stability of the DNS and affect the working of the whole Internet, Verisign has warned.
<http://www.cio.com/article/731118/Groups_Say_ICANN_Unprepared_for_gTLD_Launch>
<http://www.computerworld.com.au/article/457877/groups_say_icann_unprepared_gtld_launch/>
<http://www.networkworld.com/news/2013/040213-groups-say-icann-unprepared-for-268325.html>

Verisign Says New gTLD Rollout Not Ready To Proceed
Verisign has submitted a report to ICANN outlining a number of areas of "work that is currently not done, and should be completed before any new gTLDs can be deployed in a safe and secure manner."
<http://goldsteinreport.com/article.php?article=20047>
<http://www.domainpulse.com/2013/04/03/verisign-new-gtld-not-ready/>
<http://www.domainnews.com/en/verisign-says-new-gtld-rollout-not-ready-to-proceed.html>

In wake of top-level domain security criticism, ICANN announces emergency back-up registry operators [IDG]
ICANN has selected three emergency back-end registry operators to guarantee domain names within a new gTLD will resolve in the event of a failure at a new TLD operator, it said on Tuesday.
<http://www.networkworld.com/news/2013/040313-in-wake-of-top-level-domain-268339.html>
<http://www.computerworld.com.au/article/457943/wake_gtld_security_criticism_icann_announces_emergency_back-up_registry_operators/>
<http://computerworld.co.nz/news.nsf/news/icann-announces-emergency-back-up-registry-operators>

ICANN selects new gTLD backup providers
Neustar, Nominet and CNNIC have been picked to provide backup registry services for new gTLDs that fail.
<http://domainincite.com/12539-icann-selects-new-gtld-backup-providers>

ANA calls for new gTLDs delay, again
The Association of National Advertisers has seized upon Verisign?s recent report into the security risks of ICANN?s new gTLD timetable to call for delays to the program.
<http://domainincite.com/12547-ana-calls-for-new-gtlds-delay-again>

US Advertising Body Rants Again Against Coming New gTLDs
They ignored the planning for the introduction of new gTLDs for years. But the Association of National Advertisers has been shaken from its torpor in the last year or so, constantly complaining and saying the end of the world will be nigh if more gTLDs are introduced.
<http://goldsteinreport.com/article.php?article=20049>
<http://www.domainpulse.com/2013/04/04/advertising-body-rants-against-gtlds/>
<http://www.domainnews.com/en/us-advertising-body-rants-again-against-coming-new-gtlds.html>

The Verisign pile on effect
Last week Verisign dropped a bomb on ICANN by releasing a report that said that ICANN was not yet ready for the rollout of new TLDs.
<http://domainnamewire.com/2013/04/03/the-verisign-pile-on-effect/>

Yellowpages domain name ours: Telstra
TELSTRA says it won't back down from the fight for the right to establish the .yellowpages gTLD.
<http://www.theaustralian.com.au/australian-it/telecommunications/yellowpages-domain-name-ours-telstra/story-fn4iyzsr-1226612360672>

The .Domain Change Is Weeks Away; How Marketers Should Prepare by Bob Liodice
We are just weeks away from a new internet era, when there will be a 6,000% expansion of website domains available for internet users. While this level of growth sounds exciting, it may hold more threat than promise for marketers.
<http://adage.com/article/cmo-strategy/domain-change-weeks-prepare/240676/>

The .Domain Change Is Weeks Away; How Marketers Should Prepare [subscription]
Ready or not, ICANN is moving forward with its new gTLD scheme. Here's how you can avoid .trouble.
<http://adage.com/abstract?article_id=240676>

First seven TMCH agents approved
The Trademark Clearinghouse has listed its first seven approved trademark submission agents.
<http://domainincite.com/12533-first-seven-tmch-agents-approved>

Governments expand gTLD objection shortlist
With the start of its meetings in Beijing just a couple of days away, ICANN?s Governmental Advisory Committee has handed out clues as to which new gTLDs it might object to.
<http://domainincite.com/12513-governments-expand-gtld-objection-shortlist>

dot Brand or dot What? Consumers unaware of New Top-Level Domains, including .Google, .Microsoft and .Nike
Afilias Limited ... announced the results of research on consumer attitudes towards the hundreds of new gTLDs that will launch beginning in 2013. The results? At this moment, the major online initiative where companies like Google, Microsoft, Nike and Amazon will create and use their own ?dot Brand? domains to promote their websites has fallen on deaf ears among the UK and US public.
<http://afilias.info/news/2013/04/01/dot-brand-or-dot-what-consumers-unaware-new-top-level-domains-including-google-micro>

Afilias Research Finds Consumers Unaware of Coming gTLDs. So What?
Afilias has released the results of research into consumer attitudes towards the coming new gTLDs that will begin launching later this year. The research finds that only one in five consumers in the US and the UK were aware of them. But the response should be so what? How can consumers be expected to know about them?
<http://goldsteinreport.com/article.php?article=20048>
<http://www.domainpulse.com/2013/04/03/afilias-finds-consumers-unaware-gtlds/>

InternetNZ files submission on 'closed gTLDs'
InternetNZ last month filed a submission with ICANN urging it to permit open ?second level? registrations in its new gTLD programme.
<https://internetnz.net.nz/news/the-browser/2013/March-2013/InternetNZ-files-submission-closed-gTLDs>

What Is the Potential Business Impact of New gTLDs On Existing TLDs? by Dan York
How will the business of existing top-level domains (TLDs) be impacted by the new gTLDs? Someone asked me this simple question and I was very surprised to see that my online searches couldn't easily find many detailed articles or research related to that point.
<http://www.circleid.com/posts/20130402_what_is_the_potential_business_impact_of_newgtlds_on_existing_tlds/>

NameJet and Afternic sign another gTLD launch
NameJet and Afternic will provide launch auctions and premium name distribution for the .build gTLD, should it be approved, the two companies have announced.
<http://domainincite.com/12543-namejet-and-afternic-sign-another-gtld-launch>

Hints and Solution for the Protection of Wine Geographical Indications in the ICANN New gTLD Program by Jean Guillon
This article is a copy of a letter sent today, 3 of April 2013, to the attention of Mr Fadi Chehad?, CEO of ICANN and other members of the ICANN board. Protecting wine Geographical Indications in the new gTLD program is a problem. This letter is also an article providing hints for the protection of Wine Geographical Indications in the ICANN new gTLD program.
<http://www.circleid.com/posts/20130403_hints_and_solution_for_the_protection_of_wine_geographical_gtld/>

39th New gTLD & 3rd IDN Application Withdrawn
Bridgestone Corporation has withdrawn an application for the new gTLD IDN string of ???? with ICANN.
<http://www.thedomains.com/2013/04/03/39th-new-gtld-3rd-idn-application-withdrawn/>

32 Objections To New gTLD Applications Filed; 13 By Verisign, 9 By Google
32 objections on new gTLD applications filed with the International Centre For Dispute Resolution, based string confusion, are now reflected on their website.
<http://www.thedomains.com/2013/04/03/32-objections-to-new-gtld-applications-filed-13-by-verisign-9-by-google/>

**********************
 - DNS SECURITY
**********************
us: Notice of Inquiry: Incentives To Adopt Improved Cybersecurity Practices
The President has directed the Secretary of Commerce to evaluate a set of incentives designed to promote participation in a voluntary program to be established by the Secretary of Homeland Security to support the adoption by owners and operators of critical infrastructure and other interested entities of the Cybersecurity Framework being developed by the National Institute of Standards and Technology (NIST).
<http://www.ntia.doc.gov/federal-register-notice/2013/notice-inquiry-incentives-adopt-improved-cybersecurity-practices>

Explainer: what is hacking?
... So what are hackers and their methods really like? What follows is something of a glossary, to cut out (or at least bookmark) and keep.
<https://theconversation.com/explainer-what-is-hacking-13039>

Open DNS Resolvers - Coming to an IP Address Near You! by Paul Roberts
Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured.
<http://www.circleid.com/posts/20130402_open_dns_resolvers_coming_to_an_ip_address_near_you/>

Don't Blame Open Recursives For DDoS Attacks and Why You Should Implement BCP38 by Chip Marshall
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth.
<http://www.circleid.com/posts/20130402_dont_blame_open_recursives_for_ddos_attacks_why_implement_bcp38/>

Spamhaus DDoS Spotlights DNS Server Security Challenge
When the Spamhaus Project was recently hit with a tsunami of distributed denial-of-service attack traffic, the impact of the incident caused a stir in the world of network security.
<http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240152167/spamhaus-ddos-spotlights-dns-server-security-challenge.html>

US NIST: Industry should lead creation of cybersecurity framework [IDG]
The U.S. government agency leading an effort to create a voluntary cybersecurity framework for companies operating critical infrastructure wants to hear ideas about what to include in those standards.
<http://www.networkworld.com/news/2013/040313-us-nist-industry-should-lead-268366.html>

**********************
 - MISCELLANEOUS
**********************
Network Solutions gets a continuation patent on URL forwarding
Domain forwarding, a.k.a. URL forwarding. Every domain registrar offers it, and most give it away for free to their customers.
<http://domainnamewire.com/2013/04/02/network-solutions-gets-a-continuation-patent-on-url-forwarding/>

**********************
 - WEBHOSTING
**********************
Netcraft April 2013 Web Server Survey
In the April 2013 survey we received responses from 649,072,682 sites, 17.6M more than last month. This month, market leader Apache lost 9.9M sites, or 3 percentage points of market share. A major contributor to this loss was the movement of a large affiliate referral network consisting of around 8M sites now being served by nginx.
<http://news.netcraft.com/archives/2013/04/02/april-2013-web-server-survey.html>

Apache Loses 9.9 Million Sites in Netcraft April 2013 Web Server Survey
Apache lost 9.9 million sites in Netcraft?s April 2013 Web Server Survey, translating to a 3 percentage point loss in overall market share.
<http://www.thewhir.com/web-hosting-news/apache-loses-9-9-million-sites-in-netcraft-april-2013-web-server-survey>

**********************
 - DOMAINING & AFTERMARKET
**********************
Flurry of NDA Sales Leaves Door Open for Lower Level Deals to Take Top Spots on This Week's Chart
In terms of reported sales, this was the slowest week we've seen thus far in 2013 but, as the old saying goes, numbers can be deceiving. Ironically, in a week when there were no publicly reported sales above $30,000, several venues reported brisk business that included several  high end sales that were subject to NDAs (non disclosure agreements).
<http://dnjournal.com/archive/domainsales/2013/20130403.htm>

Uncharted entrepreneurship in Africa?s domain name industry
During the heyday of the domain name business in the late 90s, entrepreneurs snapped up attractive .com domains for cheap. Like real estate, the value of these domain names would balloon over the years as businesses rose to claim not only the smartest word combinations, but also their online identities. Buying and selling domain names turned out to be a very lucrative business for some. Domains like sex.com and insure.com would go on to hold jaw-dropping price tags of US$14-million and US$16-million respectively.
<http://ventureburn.com/2013/04/uncharted-entrepreneurship-in-africas-domain-name-industry/>

VentureBurn Covers Successful Domain Investors Story & Its About Co.za Space, The ccTLD For South Africa
VentureBurn.com just highlighted a domain name investor success story and this time it wasn?t about a .com but about a ccTLD,  Co.Za the country code for South Africa.
<http://www.thedomains.com/2013/04/03/ventureburn-covers-successful-domain-investors-story-its-about-co-za-space-the-cctld-for-south-africa/>

**********************
SOCIAL MEDIA
**********************
au: Small business ?ignoring social media?
Nearly three quarters of small and medium businesses in Australia are failing to use social media as a marketing tool, research conducted by Telstra shows.
<http://www.afr.com/p/technology/small_business_ignoring_social_media_d6Bpr7NlFJDX8WXbXHToMP>

nz: Facebook usage linked to student grades
A New Zealand study has found most students check Facebook each day, and there could be a link to academic performance.
<http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10875314>

*********************************
CHILD PROTECTION & ONLINE SAFETY
*********************************
nz: Cyber bullies face jail under new Govt plan
Cyber bullies could be sent to jail for up to three years under new Government proposals aimed at protecting victims of online bullying.
<http://www.stuff.co.nz/technology/digital-living/8507497/Cyber-bullies-face-jail-under-new-Government-plan>
<http://www.stuff.co.nz/dominion-post/news/politics/8507477/Crackdown-on-cyber-bullies>
<http://www.stuff.co.nz/technology/digital-living/8507497/Cyber-bullies-face-jail-under-new-Govt-plan>

nz: Time's up for cyber bullies [news release]
Justice Minister Judith Collins has announced a raft of new proposals to hold cyber bullies to account for their bullying and harmful online behaviour.
<http://www.beehive.govt.nz/release/time039s-cyber-bullies>

nz: Government speeds up cyber-bullying laws
Inciting someone to commit suicide will be punishable with up to three years in jail under tough new cyber-bullying laws to be unveiled today.
<http://www.bayofplentytimes.co.nz/news/government-speeds-cyber-bullying-laws/1817240/>
<http://www.odt.co.nz/news/politics/251808/cyber-bullies-face-jail-under-new-law>
<http://www.rotoruadailypost.co.nz/news/government-speeds-cyber-bullying-laws/1817240/>
<http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10875273>

nz: Cyber-bullies could soon be locked up
People who incite others to commit suicide could get up to three years in jail under strict new cyber-bullying laws set to be revealed today.
<http://www.newstalkzb.co.nz/auckland/news/nbnat/1498660051-cyber-bullies-could-soon-be-locked-up>

nz: Cyber-bullying epidemic
Cyber bullying is reaching epidemic proportions in Palmerston North's secondary schools, prompting principals to throw their support behind extraordinary measures that could give them the powers to search and seize pupils' phones and iPads.
<http://www.stuff.co.nz/manawatu-standard/news/8496791/Cyber-bullying-epidemic>

nz: Live chat: Cyber bullying expert
With tough new cyber bullying laws to be unveiled today, inciting someone to commit suicide will be punishable with up to three years in jail.
<http://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=10875338>

de: New klicksafe materials on searching the internet ? competent use of search engines
Where and how can you find the right information online? How do you evaluate the content found? How do you discover which sources to trust, and which may be re-used, for example, for presentations? These and many other questions are addressed and answered in the new klicksafe teaching module about search engines
<http://www.saferinternet.org/news-events/news-article?p_p_id=webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ&p_p_lifecycle=0&p_p_state=normal&p_p_mode=view&p_p_col_id=column-2&p_p_col_count=1&_webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ_action=view-detail&_webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ_groupId=10137>

Digital literacy in the UK curriculum
South West Grid for Learning (SWGfL), one of the awareness-raising partners within the UK Safer Internet Centre (SIC), has recognised the need to provide guidance on how schools may develop progressive programmes of digital literacy and citizenship within their curriculum. Taking a US-based programme, SWGfL has mapped this for the UK, producing a series of documents which will signpost schools to the relevant Common Sense Media lesson plans and resources, and to additional relevant materials from the UK, Europe and elsewhere.
<http://www.saferinternet.org/news-events/news-article?p_p_id=webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ&p_p_lifecycle=0&p_p_state=normal&p_p_mode=view&p_p_col_id=column-2&p_p_col_count=1&_webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ_action=view-detail&_webcontentbrowser_WAR_eunbaseportlet_INSTANCE_w5qZ_groupId=10137>

**********************
ONLINE TV, MUSIC & PIRACY
**********************
us: Judge rules digital music cannot be sold 'second hand'
A company which allowed customers to resell their digital music "second hand" breached copyright, a US judge has ruled.
<http://www.bbc.co.uk/news/technology-22000668>

Digital media re-sales over internet require rights holders' permission, rules US court
The trade of second-hand copyrighted digital files over the internet is prohibited unless rights holders give their permission to the activity, a US court has ruled.
<http://www.out-law.com/en/articles/2013/april/digital-media-re-sales-over-internet-require-rights-holders-permission-rules-us-court/>

**********************
SECURITY
**********************
us: Notice of Inquiry: Incentives To Adopt Improved Cybersecurity Practices
The President has directed the Secretary of Commerce to evaluate a set of incentives designed to promote participation in a voluntary program to be established by the Secretary of Homeland Security to support the adoption by owners and operators of critical infrastructure and other interested entities of the Cybersecurity Framework being developed by the National Institute of Standards and Technology (NIST).
<http://www.ntia.doc.gov/federal-register-notice/2013/notice-inquiry-incentives-adopt-improved-cybersecurity-practices>

Explainer: what is hacking?
... So what are hackers and their methods really like? What follows is something of a glossary, to cut out (or at least bookmark) and keep.
<https://theconversation.com/explainer-what-is-hacking-13039>

Open DNS Resolvers - Coming to an IP Address Near You! by Paul Roberts
Three vectors were exploited in the recent DDoS attack against Spamhaus: 1) Amplification of DNS queries through the use of DNSSEC signed data; 2) Spoofed source addresses due to lack of ingress filtering (BCP-38) on originating networks; 3) Utilisation of multiple open DNS resolvers While. 1) is unavoidable simply due to the additional data that DNSSEC produces, and 2) "should" be practised as part of any provider's network configuration, it is 3) that requires "you and I" ensure that systems are adequately configured.
<http://www.circleid.com/posts/20130402_open_dns_resolvers_coming_to_an_ip_address_near_you/>

Don't Blame Open Recursives For DDoS Attacks and Why You Should Implement BCP38 by Chip Marshall
There has been plenty of buzz and chatter on the Internet recently concerning a very large DDoS attack against CloudFlare, with coverage on their blog, the New York Times, and the BBC, among many others. While attacks of this nature are certainly nothing new, the scale of this attack was surprising, reported to hit 120Gbps. For a sense of scale, your average cable modem is only about 20Mbps, or about 0.016% of that bandwidth.
<http://www.circleid.com/posts/20130402_dont_blame_open_recursives_for_ddos_attacks_why_implement_bcp38/>

Spamhaus DDoS Spotlights DNS Server Security Challenge
When the Spamhaus Project was recently hit with a tsunami of distributed denial-of-service attack traffic, the impact of the incident caused a stir in the world of network security.
<http://www.darkreading.com/advanced-threats/167901091/security/attacks-breaches/240152167/spamhaus-ddos-spotlights-dns-server-security-challenge.html>

US NIST: Industry should lead creation of cybersecurity framework [IDG]
The U.S. government agency leading an effort to create a voluntary cybersecurity framework for companies operating critical infrastructure wants to hear ideas about what to include in those standards.
<http://www.networkworld.com/news/2013/040313-us-nist-industry-should-lead-268366.html>

**********************
PRIVACY
**********************
nz: Editorial: Tough rules on privacy are right
OPINION: Proposals to crack down on cyber bullying in schools will inevitably meet resistance from those who argue confiscating and searching students' electronic devices is a breach of their personal privacy. Tough.
<http://www.stuff.co.nz/manawatu-standard/opinion/8502941/Editorial-Tough-rules-on-privacy-are-right>

**************************
GOVERNMENT & PUBLIC POLICY
**************************
European data watchdogs target Google over privacy
Six European data protection agencies are contemplating legal action over Google's privacy policy. The threat comes as a four-month deadline to change the policy expires with Google making "no change" to the policy.
<http://www.bbc.co.uk/news/technology-22003551>

Google facing legal threat from six European countries over privacy
Google could face fines from six European countries' privacy regulators, including the UK and Germany, after refusing to reverse changes to its privacy policies made in March 2012.
<http://www.guardian.co.uk/technology/2013/apr/02/google-privacy-policy-legal-threat-europe>

Google Faces More Inquiries in Europe Over Privacy Policy
Instead of facing one European investigation into its privacy policy, Google now has to contend with at least six of them.
<http://www.nytimes.com/2013/04/03/technology/google-to-face-national-regulators-over-privacy-policy.html>

EU data watchdogs take aim at Google
Search giant accused over European privacy rules
<http://www.ft.com/cms/s/0/2b40d8ba-9bae-11e2-a820-00144feabdc0.html>

Google facing regulatory action in six EU countries over privacy policy issues
The UK's Information Commissioner's Office (ICO) and five other data protection authorities (DPAs) based across Europe may serve penalties on Google over alleged failings in the company's privacy policy.
<http://www.out-law.com/en/articles/2013/april/google-facing-regulatory-action-in-six-eu-countries-over-privacy-policy-issues/>

us: Privacy Group Calls for Changes in CISPA Cyberthreat Sharing Bill [IDG]
U.S. lawmakers need to make significant changes to a controversial cyberthreat information sharing bill because the legislation could be used to give federal intelligence agencies backdoor wiretapping powers, the Center for Democracy and Technology said.
<http://www.cio.com/article/731168/Privacy_Group_Calls_for_Changes_in_CISPA_Cyberthreat_Sharing_Bill>
<http://www.computerworld.com/s/article/9238108/Privacy_group_calls_for_changes_in_CISPA_cyberthreat_sharing_bill>

Don?t Ignore The Internet?s Nuts and Bolts by Michele Neylon
The internet as we know it is under constant attack. I don?t mean by DDOS or other ?charming? things, though it?d be incredibly dumb to ignore them. What I?m talking about is the ongoing battle between the ?open? and ?free?. What I?m talking about is the balance between industry ?self-regulation? vs government?s ?top down? regulation (and legislation). What I?m talking about is the balance between protecting intellectual property rights, while maintaining freedom of speech (which isn?t as protected under Irish law as some would like to think).
<http://blog.blacknight.com/dont-ignore-the-internets-nuts-and-bolts.html>

nz: Regulator pushes on with Chorus probe
The Commerce Commission will push on with its review of what Chorus charges internet retailers for some wholesale services, despite Government intervention.
<http://www.nzherald.co.nz/technology/news/article.cfm?c_id=5&objectid=10875086>
<http://www.nzherald.co.nz/business/news/article.cfm?c_id=3&objectid=10875086>

nz: Broadband pricing review to set 'important benchmark'
The Commerce Commission's decision to press ahead with a review of wholesale broadband pricing has been welcomed by Internet NZ.
<http://tvnz.co.nz/business-news/broadband-pricing-review-set-important-benchmark-5393253>

nz: Review of broadband pricing to continue
Internet New Zealand and the Labour Party have praised the Commerce Commission for pressing ahead with a review of wholesale copper broadband pricing, though lower prices for consumers are far from certain.
<http://www.stuff.co.nz/technology/8505638/Review-of-broadband-pricing-to-continue>

------
David Goldstein

 email: david at goldsteinreport.com

 web:   http://goldsteinreport.com/
         http://davidgoldstein.tel/
 phone: +61 418 228 605 - mobile; +61 2 9665 5773 - office/home

"Every time you use fossil fuels, you're adding to the problem. Every time you forgo fossil fuels, you're being part of the solution" - Dr Tim Flannery
Received on Thu Apr 04 2013 - 01:59:08 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:11 UTC