Slashdot Mirror

An anonymous reader writes: This week marks the 50th anniversary for the Internet "Request for Comments" (RFC) series, which started in April 1969 with the publication of RFC1 titled "Host Software" authored by Stephen D. Crocker. The early RFCs were meant to be requests for comments on ideas and proposals, says Heather Flanagan, RFC Series Editor. Today over 8500 RFCs have been published, ranging from best practice information, experimental protocols, informational material, to Internet standards. An RFC has been published to mark the fiftieth anniversary to include retrospective material from individuals involved at key inflection points, as well as a review of the current state of affairs.

An anonymous reader shares a report: Neustar, the registry operator of the .US domain and NTIA have reversed course, allowing the inclusion of previously restricted "seven dirty words" from future .US domain name registrations. The decision came after EFF and the Cyberlaw Clinic at Harvard Law School intervened in the cancelation of a domain name containing a restricted word. The domain name -- fucknazis.us -- registered by Mr. Rubin was suspended by Neustar calling it a violation of an NTIA "seven dirty words" policy -- "a phrase with particular First Amendment significance," said EFF. Further reading: EFF: Yes, You Can Name A Website "Fucknazis.us".

penciling_in writes: There are no silver bullets in Internet security, warns Paul Vixie in a co-authored piece along with Cyber Security Specialist Frode Hommedal: "Just as 'data' is being sold as 'intelligence', a lot of security technologies are being sold as 'security solutions' rather than what they really are: very narrow-focused appliances that, as a best case, can be part of your broader security effort." We have to stop playing "cops and robbers" and pretending that all of us are potential targets of nation-states, or pretending that any of our security vendors are like NORAD, warn the authors.

Vixie adds, "We in the Internet security business look for current attacks and learn from those how to detect and prevent those attacks and maybe how to predict, detect, and prevent what's coming next. But rest assured that there is no end game — we put one bad guy in prison for every hundred or so new bad guys who come into the field each month. There is no device or method, however powerful, which will offer a salient defense for more than a short time. The bad guys endlessly adapt; so must we. Importantly, the bad guys understand how our systems work; so must we."

benfrog writes "The security bug that has been stalling the 'dot-word TLD land grab' might be fixed, but ICANN says it needs another week 'to sift through its mountains of TAS logs, in order to figure out which applicants' data was visible to which other applicants.' Needless to say, some are less than thrilled about the further delay."

penciling_in writes "Paul Vixie shares his personal account of the DNSChanger takedown operation, working with the FBI and a worldwide team. He also explains the delay issues in identifying and notifying victims, which resulted in the FBI asking the judge for an extension. They were given four more months. 'On July 9 2012 the replacement DNS servers operated by ISC will be shut down and any victims who still depend on these servers will face new risks,' he warns. A half-dozen national Internet security teams around the world have created special websites that will display a warning message to potential victims of the DNS Changer infection. The full list of these 'DNS Checking' websites is published by the DNS Changer Working Group."

Wednesday is here, and with it sites around the internet are going under temporary blackout to protest two pieces of legislation currently making their way through the U.S. Congress: the Stop Online Piracy Act (SOPA) and the Protect-IP Act (PIPA). Wikipedia, reddit, the Free Software Foundation, Google, the Electronic Frontier Foundation, imgur, Mozilla, and many others have all made major changes to their sites or shut down altogether in protest. These sites, as well as technology experts (PDF) around the world and everyone here at Slashdot, think SOPA and PIPA pose unacceptable risks to freedom of speech and the uncensored nature of the internet. The purpose of the protests is to educate people — to let them know this legislation will damage websites you use and enjoy every day, despite being unrelated to the stated purpose of both bills. So, we ask you: what can you do to stop SOPA and PIPA? You may have heard the House has shelved SOPA, and that President Obama has pledged not to pass it as-is, but the MPAA and SOPA-sponsor Lamar Smith (R-TX) are trying to brush off the protests as a stunt, and Smith has announced markup for the bill will resume in February. Meanwhile, PIPA is still present in the Senate, and it remains a threat. Read on for more about why these bills are bad news, and how to contact your representative to let them know it.

Note: This will be the last story we post today until 6pm EST in protest of SOPA. Why is it bad?

The Stop Online Piracy Act is H.R.3261, and the Protect-IP Act is S.968.

The intent of both pieces of legislation is to combat online piracy, giving the Attorney General and the Department of Justice power to block domain name services and demand that links be stripped from sites not involved in piracy. The problem is that the legislation, as written, is vague and overly-broad. For one thing, it classifies internet sites as "foreign" or "domestic" based entirely on their domain name. A site hosted abroad like Wikileaks.org could be classified as "domestic" because the .org TLD is registered through a U.S. authority. By defining it as "domestic," Wikileaks would then fall under the jurisdiction of U.S. laws. Other provisions are worded even more poorly: in Section 103, SOPA lays out the definition for a "foreign infringing site" as one where "the owner or operator of such Internet site is committing or facilitating the commission of criminal violations punishable under [provisions relating to counterfeiting and copyright infringement]." The problematic word is facilitating, as it opens the door to condemning sites that simply link to other sites.

The most obvious implication of this is that search engines would suddenly be responsible for monitoring and policing everything they index. Google indexed its trillionth concurrent URL in 2008. Can you imagine how many people it would take to double check all of them for infringing content? But the job wouldn't end at simply looking at them — Google would have to continually monitor them. Google would also have to somehow keep track of the billions of new sites that spring up daily, many of which would be trying to avoid close scrutiny. Of course, it's an impossible task, so there would need to be automated solutions. Automation being imperfect, it would leave us with false positives. Or perhaps sites would need to be "approved" to be listed. Either way, we'd then be dealing with censorship on a massive scale, and the infringing sites themselves would continue to pop up.

But the problems don't end there; in fact, SOPA defines "Internet search engine" as a service that "searches, crawls, categorizes, or indexes information or Web sites available elsewhere on the Internet" and links to them. That's pretty much what we do here at Slashdot. It's also something the fine folks at Wikipedia and reddit do on a regular basis. The strength of all three sites is that they're heavily dependent on user-generated content. Every day at Slashdot, readers deposit hundreds and hundreds of links into our submissions bin. Thousands of comments are made daily. We have a system to surface the good content, but the chaff still exists. If we suddenly had a mandate to retroactively filter out all the links to potentially copyright-infringing sites in our database, we wouldn't have many options. We're talking about reviewing hundreds of thousands of submissions, and every comment on 117,000+ stories. And we're far from the biggest site around — imagine social networks needing to police their content, and all the privacy issues that would raise.

Small sites and new sites would be hurt, too. A website isn't a single, discrete entity that exists on its own. A new company starting up a site would have to worry about its webhost, registrar, content provider, ISP, etc. The legislation would also raise significant financial obstacles. New companies need investments, and that would be much less likely (PDF) if the company could be held liable for content uploaded by users. On top of that, if the site was unable to live up to the vague standards set by the government and the entertainment industry, they could be on the receiving end of a lawsuit, which would be expensive to fight even if they won (and such laws would never, ever be abused). It's hard to conceptualize the internet without noting its unrivaled growth, and SOPA/PIPA would surely stifle it.

This legislation hits near and dear to the hearts of many Slashdotters; if SOPA/PIPA pass, IT staff for companies small and large are going to have their hands full making sure they aren't opening themselves to legal action or government intervention. Mailing lists, used commonly and extensively among open source software projects, would be endangered. Code repositories would need be scoured for infringing content; the bill allows for the strangling of revenue sources if its anti-infringement rules aren't being met. VPN and proxy services become only questionably legal. The very nature of the open source community — as the EFF puts it, "decentralized, voluntary, international" — is not compatible with the burdens placed on internet sites by SOPA and PIPA.

What can we do?

So, what can we do about it? There are two big things: contact your representative, and spread the word. Slashdot readers, on the whole, are more technically-minded than the average internet user, so you're all in a position to share your wisdom with the less internet-savvy people in your life, and get them to contact their representative, too. Here's some useful information for doing so:

Propublica has a list of all SOPA/PIPA supporters and opponents.
Here is the Senate contact list and the House contact list.
You can also use the EFF's form-letter, the Stop American Censorship form-letter, or sign Google's petition.
If you don't live in the U.S., you can petition the State Department. (And yes, you have a dog in this fight.)
SOPAStrike has a list of companies participating in the protest, and this crowd-sourced Google Doc tracks companies that support the legislation. Tell those companies what you think.

Further reading: Wikipedia has left their SOPA and PIPA pages up. The EFF has a series of articles explaining in more depth what is wrong with the bills. Here are some protest letters written to Congress from human rights groups, law professors, and internet companies.

Go forth and educate.

penciling_in writes "A group of DNS heavyweights have released a paper detailing serious concerns over the proposed DNS filtering requirements included as part of the bill recently introduced in the US Senate named Preventing Real Online Threats to Economic Creativity and Theft of Intellectual Property Act of 2011 (PROTECT IP Act). The group which includes Paul Vixie, Dan Kaminsky, Steve Crocker, David Dagon and Danny McPherson, have detailed several serious technical and security concerns in the event that the mandated DNS filtering is enacted into law. Dan Kaminsky says: 'There are efforts afoot to manipulate the DNS on a remarkably large scale. The American PROTECT IP act contains several reasonable and well targeted remedies to copyright infringement. One of these remedies, however, is to leverage the millions of recursive DNS servers that act as accelerators for Internet traffic, and convert them into censors for domain names in an effort to block content.'"

netzar writes "CAUSE executive director Neil Schwartzman, in a post on CircleID, urges governments and law enforcement to treat cyber crime as what it really is: 'crime': 'When someone is mugged, harassed, kidnapped or raped on a sidewalk, we don't call it "sidewalk crime" and call for new laws to regulate sidewalks. It is crime, and those who commit crimes are subject to the full force of the law. For too long, people have referred to spam in dismissive terms: just hit delete, some say, or let the filters take care of it. Others — most of us, in fact — refer to phishing, which is the first step in theft of real money from real people and institutions, as "cyber crime." It's time for that to stop... This isn't just email. This isn't a war. This isn't "cyber." This is crime.'"

penciling_in writes "CircleID reports that the Internet Corporation for Assigned Names and Numbers (ICANN) has announced its approval of non-Latin string evaluation of 'Iran.' This approval will allow the availability of Iran's top-level domain in its own native language, Persian, also known as Farsi (that is, the domain name .IRAN, in non-Latin characters). According to ICANN, there are currently 33 requests for Internationalized Domain Names (IDN) country code Top-Level Domains (ccTLDs), representing 22 languages, out of which 18 countries/territories have so far been approved."

penciling_in writes "ISC has made the announcement that they have developed a technology that will allow 'cooperating good guys' to provide and consume reputation information about domain names. The release of the technology, called Response Policy Zones (DNS RPZ), was announced at DEFCON. Paul Vixie explains: 'Every day lots of new names are added to the global DNS, and most of them belong to scammers, spammers, e-criminals, and speculators. The DNS industry has a lot of highly capable and competitive registrars and registries who have made it possible to reserve or create a new name in just seconds, and to create millions of them per day. ... If your recursive DNS server has a policy rule which forbids certain domain names from being resolvable, then they will not resolve. And, it's possible to either create and maintain these rules locally, or, import them from a reputation provider. ISC is not in the business of identifying good domains or bad domains. We will not be publishing any reputation data. But, we do publish technical information about protocols and formats, and we do publish source code. So our role in DNS RPZ will be to define 'the spec' whereby cooperating producers and consumers can exchange reputation data, and to publish a version of BIND that can subscribe to such reputation data feeds. This means we will create a market for DNS reputation but we will not participate directly in that market.'"

An anonymous reader writes "A couple of weeks ago Sourcefire announced end-of-life for version 0.94 of its free ClamAV antivirus package (and in fact has been talking about it for six months). The method that Sourcefire chose to retire 0.94 was to shut down the server that provided its service. Those who had failed to upgrade are scrambling now. Many systems have no choice but to disable virus checking in order to continue to process email. I am very glad I saw the announcement last week!"

netczar writes "Former US cybersecurity chief Rod Beckstrom has been selected as the new ICANN president and CEO. The decision was publicly announced during ICANN's 35th meeting in Sydney, Australia on Friday. Beckstrom will be replacing Dr. Paul Twomey, who had been serving this position since March 2003 and announced his resignation earlier this year. Beckstrom recently made headlines for his sudden resignation from his post at NCSC, criticizing the lack of funding from the NSA and its move to try to 'rule over' the NCSC." Reader darthcamaro notes a story which quotes Beckstrom as saying, "The system on [the] whole is healthy, but also strained, and part of the strains are natural and part of the democratic process. The process may be noisy, but a stable Internet is what has come out of ICANN. This is massively complex — wouldn't run well top-down. We would not reach the same balance of decisions to propagate through the network. All of us are humbled by the process. No one is in control, so everyone is in control."

netczar writes "According to a post by John Levine on CircleID, as well as other sources, the US Court of Appeals for the Ninth Circuit has reversed a lower court decision which threw out an antitrust lawsuit several years ago by the Coalition for ICANN Transparency (CFIT) against VeriSign. Levine writes: 'Back in 2005 an organization called the Coalition for ICANN Transparency burst upon the scene at the Vancouver ICANN meeting, and filed an anti-trust suit against VeriSign for their monopoly control of the .COM registry and of the market in expiring .COM domains. They didn't do very well in the trial court, which granted Verisign's motion to dismiss the case. But yesterday the Ninth Circuit reversed the trial court and put the suit back on track.'"

netizen writes "CircleID is reporting a large-scale DDoS attack affecting all of Network Solutions' name servers for the past 48 hours, potentially affecting millions of websites and emails around the world hosting their domain names on the company's servers. The NANOG mailing list indicates that it is due to a very large-scale UDP/53 DDoS which Network Solutions has also confirmed: 'There is a spike in DNS query volumes that is causing latency for the delay in web sites resolving. This is a result of a DDOS attack. We are taking measures to mitigate the attack and speed up queries.""

miller60 writes "Three undersea cables in the Mediterranean Sea have failed within minutes of each other in an incident that is eerily similar to a series of cable cuts in the region in early 2008. The cable cuts are already causing serious service problems in the Middle East and Asia. See coverage at the Internet Storm Center, Data Center Knowledge and Bloomberg. The February 2008 cable cuts triggered rampant speculation about sabotage, but were later attributed to ships that dropped anchor in the wrong place."

nnfiber writes "What if home owners could also own their Internet connection? Tim Wu, of New America Foundation and Derek Slater, Google's Policy Analyst, say this can be a new effective way to encourage broadband deployment — an important issue in 'America's economic growth.' In his post, Timothy B. Lee says: 'That might sound like a crazy idea at first blush, but Wu and Slater do a great job of explaining how it might work. The key idea is "condominium fiber," an arrangement in which a number of neighboring households pool their resources to install fiber to all the homes in their neighborhoods. Once constructed, each home would own its own fiber strand, while the shared costs of maintaining the "trunk" cable from the individual homes to a central switching location would be managed in the same way that condominium and homeowners' associations currently manage the shared areas of condos and gated communities.'"

circleid writes "The Obama-Biden transition team on Friday named two long-time net neutrality advocates to head up its Federal Communications Commission Review team. Susan Crawford, a professor at the University of Michigan Law School, member of the board of directors of ICANN, and OneWebDay founder, as well as Kevin Werbach, former FCC staffer, organizer of the annual Supernova technology conference, and a Wharton professor, will lead the Obama-Biden transition team's review of the FCC. 'Both are highly-regarded outside-the-Beltway experts in telecom policy, and they've both been pretty harsh critics of the Bush administration's telecom policies in the past year.' The choice of the duo strongly signals an entirely different approach to the incumbent-friendly telecom policy-making that's characterized most of the past eight-years at the FCC." Reuters has a related story about Senator Byron Dorgan (D-ND), who plans to introduce net neutrality legislation in January.

circleid writes "The Obama-Biden transition team on Friday named two long-time net neutrality advocates to head up its Federal Communications Commission Review team. Susan Crawford, a professor at the University of Michigan Law School, member of the board of directors of ICANN, and OneWebDay founder, as well as Kevin Werbach, former FCC staffer, organizer of the annual Supernova technology conference, and a Wharton professor, will lead the Obama-Biden transition team's review of the FCC. 'Both are highly-regarded outside-the-Beltway experts in telecom policy, and they've both been pretty harsh critics of the Bush administration's telecom policies in the past year.' The choice of the duo strongly signals an entirely different approach to the incumbent-friendly telecom policy-making that's characterized most of the past eight-years at the FCC." Reuters has a related story about Senator Byron Dorgan (D-ND), who plans to introduce net neutrality legislation in January.

circleid writes "The Obama-Biden transition team on Friday named two long-time net neutrality advocates to head up its Federal Communications Commission Review team. Susan Crawford, a professor at the University of Michigan Law School, member of the board of directors of ICANN, and OneWebDay founder, as well as Kevin Werbach, former FCC staffer, organizer of the annual Supernova technology conference, and a Wharton professor, will lead the Obama-Biden transition team's review of the FCC. 'Both are highly-regarded outside-the-Beltway experts in telecom policy, and they've both been pretty harsh critics of the Bush administration's telecom policies in the past year.' The choice of the duo strongly signals an entirely different approach to the incumbent-friendly telecom policy-making that's characterized most of the past eight-years at the FCC." Reuters has a related story about Senator Byron Dorgan (D-ND), who plans to introduce net neutrality legislation in January.

syncro writes "The recent massive, multi-vendor DNS patch advisory related to DNS cache poisoning vulnerability, discovered by Dan Kaminsky, has made headline news. However, the secretive preparation prior to the July 8th announcement and hype around a promised full disclosure of the flaw by Dan on August 7 at the Black Hat conference has generated a fair amount of backlash and skepticism among hackers and the security research community. In a post on CircleID, Paul Vixie offers his usual straightforward response to these allegations. The conclusion: 'Please do the following. First, take the advisory seriously — we're not just a bunch of n00b alarmists, if we tell you your DNS house is on fire, and we hand you a fire hose, take it. Second, take Secure DNS seriously, even though there are intractable problems in its business and governance model — deploy it locally and push on your vendors for the tools and services you need. Third, stop complaining, we've all got a lot of work to do by August 7 and it's a little silly to spend any time arguing when we need to be patching.'"

netizenz writes "At a press conference yesterday, FCC Chairman Kevin Martin has clarified his earlier statements on Comcast. According to the CircleID post by Richard Bennett, he 'will not seek a fine against Comcast. Rather, he will simply impose some reporting requirements on them and order them to do what they've already started to do, phase out the current traffic management system in favor of an application-agnostic one. This is second story in a row where the AP have got the facts backwards. Hence, both sides may now officially claim victory.'"

penciling_in writes "The Internet Corporation for Assigned Names and Numbers (ICANN) has approved the relaxation of the rules for the introduction of new Top-Level Domains — a move that could drastically change the Internet. 'We are opening up a new world and I think this cannot be underestimated,' said Roberto Gaetano, an ICANN board member. The future outcome of this decision was discussed on Slashdot a few days ago. It also seems, based on this post on CircleID from last month, that ICANN was already in preparation mode of mass TLD introductions. The new decision will allow companies to register their brands as generic top-level domain names (TLDs). For instance, Microsoft could apply to have a TLD such as '.msn', Apple apply for '.mac', and Google for '.goog'... The decision was taken unanimously on Thursday, June 26, 2008 at the 32nd ICANN Meeting in Paris."

penciling_in writes "CircleID has a post by Richard Bennett, one of the panelists in the recent Innovation forum on open access and net neutrality — where Google announced their upcoming throttling detector. From the article: 'My name is Richard Bennett and I'm a network engineer. I've built networking products for 30 years and contributed to a dozen networking standards, including Ethernet and Wi-Fi. I was one of the witnesses at the FCC hearing at Harvard, and I wrote one of the dueling Op-Ed's on net neutrality that ran in the Mercury News the day of the Stanford hearing. I'm opposed to net neutrality regulations because they foreclose some engineering options that we're going to need for the Internet to become the one true general-purpose network that links all of us to each other, connects all our devices to all our information, and makes the world a better place. Let me explain ...' This article is great insight for anyone for or against net neutrality."

jgreco writes "A judge in North Dakota has just ruled that requesting a zone transfer from a public DNS server is criminal activity within the meaning of the North Dakota Computer Crimes Law. A zone transfer is a simple request that a DNS server hand over information in bulk, and a DNS server may be configured to allow or deny such requests. That the owner of a DNS server would configure the server to allow such requests, and then claim such requests were unauthorized, is simply stunning."

An anonymous reader writes "In a developing story, registrar Network Solutions has been caught front-running domain names. Any domain names searched via NSI's whois are being immediately purchased by the registrar, thereby preventing a registrant from purchasing the domain at any other registrar. There are multiple reports of this practice over at DomainState.com." Update: 01/09 01:58 GMT by KD : shashib writes to let us know that NSI has issued a response to the accusations of front running.

wayne writes "As reported on CircleID, Vint Cerf has confirmed that ICANN's new contracts for the .org/.biz/.info domain prices can be tiered, so that google.biz could cost $1 million per year, while sex.biz could cost $100,000/year. This is very similar to how the .tv TLD already works. The domain registrar could also could also use pricing for political purposes, claiming that pricing sex.biz high would be to 'protect the children,' while icann.org could be priced at $1/year. Verisign's contract for .com and .net have recently been renewed, so those domains are safe for now, but I'm sure they would want similar treatment."

wayne writes "As reported on CircleID, the nation of Cameroon, which controls the .cm top level domain, has typo-squatted all of the .com domain space. They have placed a wildcard DNS record to redirect all traffic to an ad-based search page. Unlike the earlier case of Verisign putting a wildcard in the real .com domain, ICANN has very little direct control over what a nation can do with their own TLD. Will the owners of .co and .om follow?"

netrover writes "CircleID is reporting on the latest developments on the .XXX top-level domain as the related ICANN meeting is currently underway in Welligton, New Zealand. From the article: 'The .XXX TLD was widely expected to receive its final approval at the ICANN's last meeting held in Vancouver about 4 months earlier but the discussion was unexpectedly delayed as the organization and governments requested more time to review the merits of setting up such a domain.' But as it has been reported, it appears the discussions at ICANN Wellington are in limbo once again."

Slashback tonight brings some corrections, clarifications, and updates to previous Slashdot stories, including a possible iBill framejob, the first steps towards defying the Real ID act, Peter Quinn continues his support for Open Source, Judge flunks lawsuit against spammers, WinXP on a Mac, round 2, Juniper drops message board suit, Vint Cerf answers questions on TLDs, PriceRitePhoto gets relisted, and RIM goes on the offensive for patent reform -- Read on for details.

iBill stolen info a framejob? An anonymous reader writes "The database of stolen credit card information recently discussed on Slashdot appears not to have come from iBill after all. From the article: 'Secure Science's Lance James backed away from his conclusion that iBill, which processes most of its transactions on behalf of adult services, was the source of the leak. He says pornography transaction databases may be considered especially desirable to spammers, and that a criminal may have deliberately mislabeled a database taken from another source.'"

First steps towards defying the Real ID act. An anonymous reader writes "With House Bill 1582, The New Hampshire House of Representatives has taken the first steps towards defying the Federal Government on the infamous Real ID act, which last year passed 100-0. This bill does not express disagreement with the Real ID act, it prohibits the state DMV from amending licensing procedures altogether, and it passed 270-84. Several impassioned testimonies were given at the House, and even those against the bill expressed displeasure with the Real ID act. It now moves on to the 24-member state Senate. The afternoon's proceedings can be viewed or listened to via the NH General Court website under the afternoon of March 8th."

Peter Quinn continues his support of Open Source. Stony Stevenson writes "Computerworld Australia reports that former Massachusetts state government CIO, Peter Quinn is fronting the battle for OpenSource. He believes the cost of government is not sustainable in its present form and any technology leader who is not supporting and implementing open standards should resign and get out of the business. From the article: 'Even though the personal toll from state government experience was huge, Quinn said he would not be silenced. "I will remain very vocal and prominent regarding open standards, open source, especially Open Document Format and all aspects of accessibility for the disabled community," he said.'"

Judge flunks lawsuit against spammers. Hawkeye writes "A federal court in California has just created a huge legal loophole for companies who hire sleazy spammers. Kennedy-Western, an unaccredited university (aka diploma mill) has been absolved for outsourcing its email advertising to 'proxy-abusing, header-forging, hash-busting spammers,' according to the story at Spam Kings. The court ruled that Kennedy-Western didn't violate the CAN-SPAM Act because the plaintiff, a small California ISP named Hypertouch, 'failed to provide any evidence that KWU had actual knowledge or consciously avoided knowledge of a current or future violation of the CAN-SPAM Act by anyone who sent the e-mails at issue.' Perhaps not surprisingly, KWU enlisted as an expert witness Jason Rines, an email marketer who once worked with the notorious Sanford Wallace and who has been listed on the Spamhaus Block List."

WinXP on a Mac, round 2. fan777 writes "Slashdot recently posted a story regarding blurry Flickr photos on what may be the first WinXP installation on a Mac. To those who claimed heavy photochopping, narf2006 has finally released a blurry video (Complete with Mirror || Torrent)."

Juniper drops message board suit. It seems that Juniper Networks has finally come to their senses and dropped the suit against several unidentified LightReading message board users. From the article: "What is still unknown is whether or not Juniper ever uncovered the identities of "Does 1-10." The company's complaint cited several messages that got the company riled up, and most those messages allege that Juniper is bribing lawyers and spying on its employees."

Vint Cerf answers TLD questions. netzer writes "CircleID is running responses they have received from Vint Cerf on the questions submitted to him from the community with regards to top level domains."

PriceRitePhoto gets relisted. Thomas Hawk has an interesting blog entry in which he details how PriceRitePhoto, the online retailer who gained so much recent infamy, has been relisted on Yahoo! shopping after only a three month penance. From the article: "What was interesting to me at the time when the PriceRitePhoto story was going on was that PriceRitePhoto had supposedly been delisted a year earlier from comparison shopping site PriceGrabber. What I never could get is how after being delisted on PriceGrabber that PriceRitePhoto ended back on there a year later to try and rip me off. Of course that first delisting didn't get the visibility that mine did, but not to worry, not only is PriceRitePhoto back in business at Yahoo! Shopping, they are back in business on PriceGrabber as well. This after being delisted there at least twice that I know of."

RIM goes on the offensive for patent reform. flanman writes to tell us it seems that RIM has decided to continue the patent reform fight even after giving up their recent court battle. RIM is running full page ads in a number of US newspapers urging lawmakers to change the way patents are issues and managed. RIM also has more details on the Blackberry site.

netscoop writes "CircleID is running an interesting blog by Meng Wong, best known as the lead developer of the anti-spam authentication scheme, SPF. While touching on various recent hot issues, Meng has this to say about phishing: 'The final solution to the phishing problem requires that people use a whitelist-only, default-deny paradigm for email. Many people already subscribe to default-deny for IM and VoIP, but there is a cultural resistance to whitelist-only email -- email is perceived as the medium of least reserve. I believe that we must move to a default-deny model for email to solve phishing; at the same time we must preserve the openness that made email the killer app in the first place. The tension between these poles creates a tremendous opportunity for innovation and social good if we get things right, and for shattering failure if we get things wrong.' Right or wrong, definitely worth a read."

penciling_in writes "Over at CircleID, Vint Cerf is taking question from the community Slashdot-style with regards to top level domains. 'As most readers are no doubt aware, when it comes to the topic of Top-Level Domains (TLDs), Internet Corporation for Assigned Names and Numbers (ICANN) takes center stage. From the existing .com and .net TLDs to the newly introduced and future releases, in the past years we witnessed the increasing level of discussions around Top-Level Domains painted -- ever so often -- with political, legal and technical debates. Vint Cerf, Google's VP and Chief Internet Evangelist, who has served as chairman of the board of ICANN since the November of 1999 has accepted CircleID's invitation to directly respond to your questions on the topic. This is your opportunity to have your Top-Level Domain related questions responded by Vint Cerf.'"

penciling_in writes "CircleID has reported on a U.S. congress hearing held on November 9th, where "significant focus was projected on 'network neutrality' and a new telecommunications bill affecting the Internet. 'This bill could fundamentally alter the fabulously successful end-to-end Internet,' says Alan Davidson in a related post on Google blog." Vint Cerf was not able to testify because of the Presidential Medal of Freedom award ceremony at the White House, but submitted a letter: "The remarkable social impact and economic success of the Internet is in many ways directly attributable to the architectural characteristics that were part of its design. The Internet was designed with no gatekeepers over new content or services. The Internet is based on a layered, end-to-end model that allows people at each level of the network to innovate free of any central control. By placing intelligence at the edges rather than control in the middle of the network, the Internet has created a platform for innovation. This has led to an explosion of offerings - from VOIP to 802.11x wi-fi to blogging - that might never have evolved had central control of the network been required by design." CircleID post includes full text of the letter."

penciling_in writes "CircleID has reported on a U.S. congress hearing held on November 9th, where "significant focus was projected on 'network neutrality' and a new telecommunications bill affecting the Internet. 'This bill could fundamentally alter the fabulously successful end-to-end Internet,' says Alan Davidson in a related post on Google blog." Vint Cerf was not able to testify because of the Presidential Medal of Freedom award ceremony at the White House, but submitted a letter: "The remarkable social impact and economic success of the Internet is in many ways directly attributable to the architectural characteristics that were part of its design. The Internet was designed with no gatekeepers over new content or services. The Internet is based on a layered, end-to-end model that allows people at each level of the network to innovate free of any central control. By placing intelligence at the edges rather than control in the middle of the network, the Internet has created a platform for innovation. This has led to an explosion of offerings - from VOIP to 802.11x wi-fi to blogging - that might never have evolved had central control of the network been required by design." CircleID post includes full text of the letter."

edsonie writes "CircleID is reporting on the recent Honeynet Project, 'Know your Enemy: Phishing', aimed at discovering practical information on the practice of phishing. The study reports on a number of real world examples of phishing attacks and the typical activities performed by attackers during the full lifecycle of such incidents. The research also suggests that phishing attacks "are becoming more widespread and well organized". Also with regards to the speed of such attacks, "phishing attacks can occur very rapidly, with only limited elapsed time between the initial system intrusion and a phishing web site going online with supporting spam messages to advertise the web site, and that this speed can make such attacks hard to track and prevent." Check out the full report here presenting actual techniques and tools used by phishers."

netpulse writes "Over at CircleID, John Levine shares a letter by Carl Hutzler, AOL Postmaster and Director, blaming irresponsible ISPs as key part of the problem in the long-term fight against spam. Hutzler says: "Spam is a completely solvable problem. And it does not take finding every Richter, Jaynes, Bridger, etc to do it (although it certainly is part of the solution). In fact it does not take email identity technologies either (although these are certainly needed and part of the solution). The solution is getting messaging providers to take responsibility for their lame email systems that they set up without much thought and continue to not care much about when they become overrun by spammers. This is just security and every admin/network operator has to deal with it. We just have a lot of providers not bothering to care.' To which John Levine adds: 'What do we have to do to persuade networks that dealing with their own spam problem, even at significant short term cost, is better for the net and themselves than limping along as we do now?'"

scebo writes "With the first phase of United Nations World Summit (WSIS) held in Dec of 2003 and the next phase to be held in 2005, there have been extensive debates regarding Internet Governance. Can it be governed? Who should govern it? What is Internet governance? Vint Cerf has offered his own opinion on the subject over at CircleID which attempts to answer some of the key questions raised: 'It has been suggested by some participants in the WSIS discussions that the role of ICANN might be undertaken by the traditional International Telecommunications Union (ITU). While the ITU has served the world as the international forum for the handling of many international issues associated with traditional tele-communications, the Internet has disrupted the neat categorization of various telecommunications media. It is the potential bearer of every form of communication. ICANN has evolved international processes and structures over the last six years to cope with a limited set of issues associated with this rich, complex and rapidly evolving infrastructure. The world needs an effective and well-supported ICANN but the participants in the World Summit on the Information Society and the Working Group on Internet Governance now need to turn their attention to the full panoply of public policy issues that, as discussed above, lie outside the mandate of ICANN. These need a thorough and open airing in this next phase of the World Summit on the Information Society.'"

scebo writes "With the first phase of United Nations World Summit (WSIS) held in Dec of 2003 and the next phase to be held in 2005, there have been extensive debates regarding Internet Governance. Can it be governed? Who should govern it? What is Internet governance? Vint Cerf has offered his own opinion on the subject over at CircleID which attempts to answer some of the key questions raised: 'It has been suggested by some participants in the WSIS discussions that the role of ICANN might be undertaken by the traditional International Telecommunications Union (ITU). While the ITU has served the world as the international forum for the handling of many international issues associated with traditional tele-communications, the Internet has disrupted the neat categorization of various telecommunications media. It is the potential bearer of every form of communication. ICANN has evolved international processes and structures over the last six years to cope with a limited set of issues associated with this rich, complex and rapidly evolving infrastructure. The world needs an effective and well-supported ICANN but the participants in the World Summit on the Information Society and the Working Group on Internet Governance now need to turn their attention to the full panoply of public policy issues that, as discussed above, lie outside the mandate of ICANN. These need a thorough and open airing in this next phase of the World Summit on the Information Society.'"

penciling_in writes "CircleID has a great two-part interview with Meng Wong, lead developer of the anti-spam authentication scheme Sender Policy Framework (SPF). He has responded to various questions (which also touches on issues previously raised by Slashdot folks), including the merger with Microsoft's Caller ID, incompatibility of SPF with email forwarding services, and what he thinks about Yahoo's DomainKeys, as well as where he believes the fight against spam is headed. (He has also confirmed that the name SPF and references to sunblock are intentional!) In response to the first question in the interview on how SPF got started, Meng says: 'In 2002 Paul Vixie, the brains behind BIND, wrote a short paper titled 'Repudiating Mail-From'. That inspired two other proposals, 'Reverse MX' by Hadmut Danisch and 'Designated Mailer Protocol' by Gordon Fecyk. In late 2003 I combined the best of both proposals and called the result SPF.' Vixie replies to this reference in comments following the first article."

penciling_in writes "CircleID has a great two-part interview with Meng Wong, lead developer of the anti-spam authentication scheme Sender Policy Framework (SPF). He has responded to various questions (which also touches on issues previously raised by Slashdot folks), including the merger with Microsoft's Caller ID, incompatibility of SPF with email forwarding services, and what he thinks about Yahoo's DomainKeys, as well as where he believes the fight against spam is headed. (He has also confirmed that the name SPF and references to sunblock are intentional!) In response to the first question in the interview on how SPF got started, Meng says: 'In 2002 Paul Vixie, the brains behind BIND, wrote a short paper titled 'Repudiating Mail-From'. That inspired two other proposals, 'Reverse MX' by Hadmut Danisch and 'Designated Mailer Protocol' by Gordon Fecyk. In late 2003 I combined the best of both proposals and called the result SPF.' Vixie replies to this reference in comments following the first article."

penciling_in writes "CircleID has a great two-part interview with Meng Wong, lead developer of the anti-spam authentication scheme Sender Policy Framework (SPF). He has responded to various questions (which also touches on issues previously raised by Slashdot folks), including the merger with Microsoft's Caller ID, incompatibility of SPF with email forwarding services, and what he thinks about Yahoo's DomainKeys, as well as where he believes the fight against spam is headed. (He has also confirmed that the name SPF and references to sunblock are intentional!) In response to the first question in the interview on how SPF got started, Meng says: 'In 2002 Paul Vixie, the brains behind BIND, wrote a short paper titled 'Repudiating Mail-From'. That inspired two other proposals, 'Reverse MX' by Hadmut Danisch and 'Designated Mailer Protocol' by Gordon Fecyk. In late 2003 I combined the best of both proposals and called the result SPF.' Vixie replies to this reference in comments following the first article."

Decius6i5 writes "ICANN is accepting public comments on its three whois privacy and accuracy working groups until July 5th. Some of the proposals from the third working group, on improving whois accuracy, have been described as hostile to internet users. The working group proposes that if DNS Whois registration data for a domain is inaccurate, the domain should be immediately placed on hold, and cancelled if the error is not corrected within 15 days. An article on Circle ID suggests that the DNS Whois system is not the best way to share contact information for networks, and that ICANN should focus its efforts on improving IP Address Whois instead. What do you think?"

netcentr writes "A press release on CircleID has announced that the owner of the Sex.com domain name today has got 'a final settlement with VeriSign (formerly Network Solutions, Inc.), concluding a six-year legal fight that set several important precedents for the future of the Internet. After the Ninth Circuit Court of Appeals granted Sex.Com a sweeping victory that held VeriSign/Network Solutions, Inc. (collectively "VeriSign") strictly responsible for mishandling the famous domain name, Sex.Com and VeriSign have settled Sex.Com's lawsuit against VeriSign.' Gary Kremen was awarded a $65 million judgment against Cohen for stealing the domain name, which the U.S. Supreme Court declined to overturn on June 12, 2003."

morelife writes "ICANN has asked the court to send Verisign a cancellation on their recent lawsuit (breach of contract, violation of the Sherman Act (antitrust), essentially making the point that their interpretation of the contract is different from Verisign's interpretation of it. The story is covered at CircleID ..."

netcentric writes "A post on CircleID has reported about an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, CNET News.com's Washington D.C. correspondent, analyzing proposals from various parties to mandate the use of special top level domain names (such as .sex or .xxx) or an IP address bit to flag 'adult' or 'unsafe' material or the like. The analysis explains why these ideas are dangerous and ill considered from legal, philosophical, and technical points of view. Here is the post to this report on CircleID along with some commentaries and link to the entire RFC 3675."

netcentric writes "A post on CircleID has reported about an RFC prepared by Donald E. Eastlake 3rd and Declan McCullagh, CNET News.com's Washington D.C. correspondent, analyzing proposals from various parties to mandate the use of special top level domain names (such as .sex or .xxx) or an IP address bit to flag 'adult' or 'unsafe' material or the like. The analysis explains why these ideas are dangerous and ill considered from legal, philosophical, and technical points of view. Here is the post to this report on CircleID along with some commentaries and link to the entire RFC 3675."

nfocus writes "CircleID has an opinion piece by Brad Templeton, Chairman of the Electronic Frontier Foundation, offering an interesting follow up to the previous discussions here on Slashdot: New Net Battle Over ".mobile" Looming. Brad suggests that 'the only way to get a competitive innovative space is to slowly get rid of the generics and allow a competitive space of branded TLDs for resale. .yahoo, .dunn, .yellowpages, .google, .wipo, and a hundred other branded resellers competing on even footing to create value in their brand and win customers with innovative designs, better service, lower prices and all the usual things. I presume .wipo would offer trademark holders powerful protections within their domain. Let them. ...Let them all innovate, let them all compete.' Also in the article 'The domain will not actually be named .mobile, rumours are they are hoping for a coveted one-letter TLD like .m to make it easier to type on a mobile phone.'"

penciling_in writes "CircleID reports on a second lawsuit filed against ICANN and VeriSign. 'Newman & Newman, the law firm representing an ad hoc coalition of ICANN-accredited domain name registrars, has filed a lawsuit today against ICANN and VeriSign to Stop 'Anti-Consumer, Anti-Competitive' Wait List Service Implementation.' According to the report, "The complaint attacks ICANN and VeriSign based on 1) Unfair Trade Practices Act Violations; 2) Violation of California Business & Professions Code; 3) Unlawful Tying Arrangement; 4) Attempted Monopolization; 5) Violation of Racketeer Influenced and Corrupt Organizations Act; 6) Intentional Interference with Prospective Economic Advantage; 7) Breach of Contract; and 8) Declaratory Relief." Also a related website launched at fightwls.com."

penciling_in writes "In an article on CircleID, Bob Frankston, best known as the co-developer of the legendary VisiCalc and Lotus Express, shares his concern regarding industries desperate effort to control 'the edge' -- VoIP, P2P, Video on Demand... 'The commoditization of the transport is making it increasingly difficult to make money just because you own the pipe. The cable industries have a long history of owning the content and demanding a share in companies whose signals they deign to carry. As gatekeepers they have the ability to command a high fee for passage. The problem is that the scarcity is going away and with the shift to narrowcasting (as in Video on Demand) there is no scarcity. Instead they must own the content themselves if they are to retain any advantage. The Comcast/Disney issue (see: Comcast Family Protects Power) is portrayed as a media consolidation and convergence but that doesn't make sense. With transport becoming increasingly abundant it is easier for new players to enter the market and we should see increasing divergence once millions of people can experiment with new ideas.'"

ixs writes "CircleID has an interesting article by David Monosov about Verisign's plans to reintroduce Sitefinder. The article presents the thesis that the Internet engineering community is partly to blame for Verisign's ability to mess with the .com and .net root zones. According to the author we spend too much time with our systems and not enough with politics. The writeup was previously posted to NANOG and received a favorable response from Paul Vixie."

ixs writes "CircleID has an interesting article by David Monosov about Verisign's plans to reintroduce Sitefinder. The article presents the thesis that the Internet engineering community is partly to blame for Verisign's ability to mess with the .com and .net root zones. According to the author we spend too much time with our systems and not enough with politics. The writeup was previously posted to NANOG and received a favorable response from Paul Vixie."