External commentary

McDowell, commissioner of the Federal Communications Commission, in an op-ed in the Wall Street Journal writes: "On Feb. 27, a diplomatic process will begin in Geneva that could result in a new treaty giving the United Nations unprecedented powers over the Internet. Dozens of countries, including Russia and China, are pushing hard to reach this goal by year's end. As Russian Prime Minister Vladimir Putin said last June, his goal and that of his allies is to establish "international control over the Internet" through the International Telecommunication Union (ITU), a treaty-based organization under U.N. auspices."

Follow CircleID on Twitter

More under: ICANN, Internet Governance

With the new top-level domain (gTLD) application process down to the last two months, here are three last minute tips on how to submit a successful gTLD application to ICANN:

1. Show your work
2. Don't go negative
3. Make your application stand alone

Show your work. Sometimes the most obvious information is also the most important. In ICANN's supplemental notes under the "Best Practices" section, the first best practice ends with the parenthetical statement (i.e., show your work). For an applicant, these may be the three most important words in all the ICANN guidance.

Your written application and attachments are the only means to communicate with the panel evaluators reviewing your application. And any individual panel evaluator may review 10 to 50 applications. Remember back in algebra when your teacher made you write your math calculations on each side of the equation? It is the same idea here. Make it easy on the evaluator to understand your rationale.

Not sure if your Continuing Operations Instrument (COI) calculation is "correct" because you are choosing between straight-line, stepped-level or tax-table method of COI guidance table interpretation?

Are all of your calculations hidden away in a mass of spreadsheet attachments to each financial answer?

Put key tables or equations in-line with your answers so that the evaluators can easily understand your calculations. That will help simplify their review of your gTLD application. If your answer is "not applicable," explain why or why it is zero. Show your work.

Don't go negative. It is not only a political campaign strategy. It is also a worst-case scenario principle.

When you evaluate your worst-case scenario, make sure that your cash balances never go negative during any month of the three years of operation. That would be a bright red flag to the financial evaluators that you have not resourced your string adequately. Worst-case scenarios should include significant cash inflow reductions coupled with reasoned cash outflow reactions.

The key characteristic to be demonstrated is sustainability of the registry. If the cash balance goes negative, it's game over. Increase your initial cash funding to cover the shortfall or take more drastic action to cut costs. Don't go negative.

Make your application stand-alone. Let's say that you are applying for three top- level domains and have a parent company that is allocating cost down to the three applications. Each application absorbs one-third of the parent cost and all things are good. Right? Wrong. You have now just made the cost structure of your application dependent upon the approval of another application. What if only one of your applications passes initial evaluation? Does that mean that ICANN should burden each application with 100% of the parent cost structure as a worst-case scenario?

How you organize your parent business is important. But how you determine the method to allocate those costs to multiple applications is more important. First, start with the unique elements of each individual registry and develop the cost rationale for independently running each string. Then find comparative cost structures in the industry and provide your evaluators a clear rationale for your estimates.

The total cost of your individual applications will likely add up to more than your planned parent company allocated, but now each application stands alone in its cost structure. This also provides a more conservative cost estimate for the application. Make your application stand-alone.

These are basic tips but ones that can help make your application more reader friendly to the panel evaluators. Submitting an application by April 12 is only the first stage of a long race. But only those who pass initial or extended evaluation have the opportunity to go on to the next stage. To increase your odds of participating in the next state, the old adage still rings true: "put yourself in someone else's shoes," in this case of course, the shoes are those of the panel evaluators. Remember to show your work, don't go negative and make your application stand-alone.

Written by John Matson, Co-Founder and COO of Architelos

Follow CircleID on Twitter

More under: ICANN, Top-Level Domains

Щях да подмина темата, но след като и в “Сега” има статия, няма как. Впрочем, вчера един приятел ме насочи и към обширния материал на Люба Манолова.

Темата е защо на поканата за приема, даван от посолството ни в САЩ е написано “С любезната покана на:” и са поставени фирмените знаци на четири щатски компании.

С други думи, “редно ли е щатски фирми да плащат масрафа на държавата“, както би попитал нашенецът. Всъщност той, нашенецът, ще каже, че това не е масраф на държавата, а е кеф на посланика. Не, не мислете, че не съм прав; за нашенеца държавата е тази, която трябва да се грижи за всичко; щом не е осигурила средства за приеми, значи приемите не са ѝ нужни, следователно това е за кефа на посланика.

Редно е, уважаеми читатели.
Редно е, защото ако не бяха щатските фирми да платят за провеждането на тържеството, такова най-вероятно нямаше да има.
Редно е, защото в това няма нищо нередно. Може би радетелите за чистота на нашите покани (и в двата материала поканата за тържеството е публикувана), вероятно биха написали още по-гневни статии, ако Министерство на външните работи бе публикувало в отчета си* следните разходи: “Посолство в САЩ. За провеждане на коктейли, приеми, тържества и т.н.: $ 80,000″ (може и повече да са, не знам точното число).

Редно е и поради ред други причини:

Организация на американските държави - сградата във Вашингтон

Приемът, който дава нашият посланик в САЩ, е в сградата на Организацията на американските държави (обединяваща всички 35 държави от двете Америки).
Това не е прием, който се дава в нашия Национален исторически музей, превърнат в пропагандно средище**.
Това не е прием, който е в сградата на Посолството, в която повече от 50 човека не могат да се съберат.
Това е прием по случай националния празник на страната, на който се събират стотици гости.
Това е прием, на който миналата година говори вице-премиерът Дянков, а сред присъстващите беше и актьорът Георги Черкелов***, вече покойник. Тук не говоря за това, че е националният празник е чудесна дата, за да се съберат българи от всички щати на едно място, в столицата.

Вместо да сме доволни, че ще има прием, при това спонсориран от сериозни компании, ние се жалваме и тревожим какво значи това. Светльо Терзиев в “Сега” се тюхка, че в Турция пък за приема помагали турски компании, на които може би не им било до празник точно на тази дата. Нормалните хора в нормалните държави не живеят със спомени от преди 130 години; само ние в България го правим, че някои дори живеят със спомените от преди 1300 години.

А що се отнася до съмненията, че като спонсорират приема по случай националния празник, тези фирми ще получат някакво привилегировано отношение, то помислете пак: ако държавата ни се държи като бай Ганьо, сигурно няма да получат никакво специално отношение (келепир е, следователно не бива да има нищо насреща), а пък ако държавата ни се държи като нормален член на ЕС и на НАТО, тогава със сигурност няма да получат никакви привилегии, защото правилата са еднакви за всички.

Отделно бих казал, че човек трябва да е или много наивен, или да търси сензацията, ако си мисли, че посланик с опита и стажа на Елена Поптодорова ще допусне подобен гаф.

Затова моля всички, преди да пишете нещо, колкото и интересно да ви се вижда, не забравяйте, че винаги има и друга гледна точка, а понякога тя може и да е вярната. И, ако става дума за САЩ, драснете ми едно електронно писмо; може пък да чуете и другата гледна точка. И може тя да е вярната.

И вместо край – нещо, което трябва да се напомня редовно на нашенци:
България не е център на Вселената, на света, на Европа, а дори и на Балканския полуостров. България не е най-старата държава в света, нито пък българи са измислили компютъра, радиото, колелото и полета в космоса. В България няма доказани залежи на газ, нефт, злато, платина или скъпоценни камъни. България не е енергиен център на Балканите. Стига сме се заблуждавали как едва ли не цялото човечество се е втурнало да вземе нещата, които уж имаме.

Впрочем, ако Коперник беше българин, а не поляк, вероятно би се опитал докаже на нашенеца, че не всичко се върти около България, но не съм сигурен, че щеше да успее.

______
* – Ако имаше такъв, де, не се хващайте за думата. (Б.а.)
** – Дали си спомняте, че на приемите, давани от Президента, много често неговите опоненти решаваха да не ходят? А за тортата с опълченците на Шипка помните ли? (Б.а.)
*** – И само в скоби да отбележа, че благодарение тъкмо на този факт, в Уикипедия има негова снимка!

Sometimes I hear people or read writers that say things about spam that are incorrect. I thought I would clear those up in this blog post.

1. December is spam season

When the holidays roll around, people start warning other people to watch their inboxes — December is spam season! By that, they mean that more spam than normal flows around the Internet.

People say this because December is the holiday season. Since spam is another form of advertising, and advertisers pepper us with ads during this time, then spammers must do the same.

It makes sense except it's not true.

There are some years where spammers send more mail, but not every year. To measure this, I compared the month of December's spam volume to the preceding three months, and the three months following. Below are the results for the past 6 years:

The red text above indicates where spam increased in December and fell off the next few months, which is what we would expect to see if spam really were seasonal.

The graph above shows that sometimes spam increases, but sometimes it doesn't. It's not consistent at all, and if it's not consistent, then you can't say that December is spam season.

Spam volumes may go down because it's the holiday season; with more people out on vacation, their computers are turned off (at work) and therefore, the number of bots in the spammers' botnets are smaller and therefore they send out fewer spam messages.

Whatever the explanation, Christmas is not the spam season.

2. Most spam is about porn

When people tell jokes about spam, they're either about Viagra (or similar drugs) or about x-rated material. When I first started working as a spam analyst in 2004, I saw lots of x-rated spam. But I noticed that it was a smaller and smaller part of total mail.

In 2009, I started keeping track of categories of spam. Below are the results of how much porn spam accounts for:

2009 — 5%
2010 — 4%
2011 — 4%

It isn't negligible, but it's not even in the top 5 (it trails Pharmaceuticals, Products, 419s, Financial [refinance your mortgage, work from home] and Gambling — and has for years). Thus, while spam started out as a way to get people to buy x-rated services, today it's mostly free. Why buy it (kind of like music and movies)? When that realization sunk in, spammers moved to more profitable ventures.

3. IPv6 is a ticking time bomb and a bonanza for spammers

The primary line of defense in spam filters are IP blocklists. They improve spam effectiveness, save on bandwidth (because you can reject mail at the edge without accepting it), don't waste server resources filtering unwanted mail, and don't need mail servers to store spam in a quarantine.

Because IPv6 adds so many IP addresses, it will be impossible to use IP blocklists:

• IPs get onto blocklists because they send spam to honeypots. Because there are so many IPv6 addresses, a spammer could send one spam per IP and then discard it forever. It wouldn't matter even if they hit honeypots because the IP would never be re-used.

• Even if spammers re-used IPs, blocklists would be so large that back end servers would never be able to store, transfer or process them efficiently.

Since the world is on a march to IPv6, it's only a matter of time before spammers use it as a floodgate to avoid IP blocklists and mail servers around the world become inundated under spam. The end is near.

Except it's not true.

It's definitely true that IPv6 enables more devices to connect to the Internet, but there's a big difference between connecting to the Internet and connecting to the Internet to send email.

All email receivers know about the two problems I outlined above. Thus, while pointy-haired bosses around the world all want to be on the cutting edge of IPv6 (Look at how state-of-the-art we are!), nobody who receives email is enthralled about potentially receiving it over IPv6.

Because of this, large email receivers are not planning to blindly receive email over IPv6 the way they do with IPv4. Doing so would be swallowing a cyanide pill. It's crazy! Maybe something like a central whitelist will be created wherein if you want to send mail over IPv6, you have to be registered on that list to do it. This is the model of "block the world and punch holes for your friends" but it's more or less the same thing that Spamhaus's PBL does.

How many legitimate email services are there today? 10 million? 20 million? There's more people in the world, but not everyone needs their own email server. And that's the point — the problem is manageable if we all agree to not accept mail from anonymous sources on the Internet.

Given how all mail receivers have skin in the game, and given that we worked together with DMARC, the future's not as bleak as we think.

Written by Terry Zink, Program Manager

Follow CircleID on Twitter

More under: IPv6, Spam

After some five years of public debate on the national broadband network it is heartening to see that more and more people are getting the message that the network means more than just fast internet access. Increasingly key decision-makers in business and government are reaching an understanding of the transformation that is underway in the economy.

It started with the music industry, followed by the publishing industry. The retail sector is learning its lessons the hard way but it is now beginning to understand the new environment. The entertainment industry is still trying to stop the tsunami by employing armies of lawyers, but it will soon also be engulfed by the changes. The banking sector is making a much smoother transition, while the demise of Kodak is another example of 'missing the boat'.

One by one, all sectors of the industry are being confronted with the business transformation that the internet is bringing with it, and yet, incredibly, the ICT industry itself is still struggling with it (Sensis, Nokia, Microsoft, Motorola, Nortel, etc).

Progress in e-education is moving at an enormous pace and already some schools are limiting the number of printed text books — some are going totally e-book. With over a million children now with laptops it is only a matter of time before the education system switches over. The savings in books and other printed material alone will pay for this digital revolution. South Korean schools will be entirely e-book-based by 2015.

Changes in e-health are following the same path, with electronic patient records slowly being introduced and health insurance schemes starting to refund e-health services. This will be a user-driven development as it is more likely that the users will be able to adapt to e-health much faster than the healthcare system can deliver it.

This will clear the way for a whole new e-health industry, worth billions of dollars. One only has to look at some of the e-heath systems linked to the high-end private hospitals in the USA to see what is in store. They use their e-health facilities as a major marketing tool to attract customers, not just to the actual hospital, but to all of the other facilities around it. The add-on revenues are significant.

Those who are still talking about broadband as an end in itself do not understand the situation. Broadband is simply the tool that will further enable and advance the digital economy. So those who are looking at broadband in isolation are totally missing the point.

Included in this group is the Liberal opposition in Australia, and for that matter the Republican party in the USA. To them broadband is 'it' — they are completely missing the point of the digital economy.

On the other hand, as an example, the former chief information officer to the United States, Vivek Kundra, praises the Australian national broadband infrastructure investment for all the reasons mentioned above, clearly stating that the cost of that investment should be judged within the context of the digital economy.

FttH is not needed to get the digital economy started — that actually started a decade ago. One only has to look at Apple, Google, Facebook, Amazon, eBay to see what effect the digital economy is having on their valuations and compare it with what is happening to those who were slow to act upon that change. Those who are still lagging behind are going to find it increasingly difficult to catch up. There are now enough examples of struggling sectors that made the change too late that we can predict the impact this will have on these sectors.

In Australia the high dollar is having a negative effect on many business activities in traditional industries such mass manufacturing, retail, banking, airlines, etc. At the same time the unemployment rate remains low. This suggests that it is not so much an economic decline as a shift towards new jobs in new and different sectors, using new technologies and creating innovations and value-adds.

A digital infrastructure is essential to manage this transition. One only has to look at manufacturing — Germany, for instance, remains one of the leading global manufacturing countries, based on technological innovations that give it the edge over the countries whose manufacturing industries continue to operate in more or less traditional ways.

The digital infrastructure plays a key role in German innovation and manufacturing leadership.

Once there is more widespread understanding among business leaders, union leaders and politicians of the impact that these developments are having on the overall economy it becomes clear that we do need to make sure that we have the right conduit for the development of the digital economy. Those who don't understand the impact of the digital economy — or who, for political reasons, don't want to know about it — will argue that we can make do with second-rate infrastructure. It would be most regrettable if their lack of vision were to put a brake on the economic transformation that is already clearly taking place — this would result in Australia missing new economic opportunities for its future.

There are certainly many ways to skin the infrastructure cat, but unless the importance of the digital economy is made the central factor of the decision-making process (and not simply broadband) the right choices will not be made — decisions that will have to deliver the social and economic benefits that lie ahead.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Broadband, Policy & Regulation

Talk, conjecture and analysis have predicted a wireless spectrum crisis for years. The official word seems to project a culmination of dropped calls, slow loading of data, downright network access denials as impending by 2015. If so, then we should look at the current argument about how that additional spectrum can be disseminated to wireless carriers in a fair and balanced fashion. Public auctions are a preferred method, in my opinion, since they neither favor, nor impede any wireless carrier.

Mergers to Gain Spectrum

Conspicuously, companies have been plotting and formulating a way to gain additional spectrum through buy-outs or mergers to gain market dominance, or nicely put, a competitive edge since the AT&T/T-Mobile acquisition. But have these companies focused on good business dynamics in doing so, or have they been caught off-guard in predicting eventual spectrum depletion forcing a merger or acquisition to alleviate the problem? I say the latter and it smacks of bad market decisions that result in less competitiveness in the market if left unchecked. Fortunately, the FCC has been able to see through the smoke and mirrors to block such tactics.

Auctions are fair and unbiased

So, why have spectrum auctions? The fact is that having a public auction to sell addition spectrum is a market friendly and competitive answer to each wireless carrier needs. Instead of allowing companies to gobble up a scarce resource as they see fit; large companies merging with those having existing inventories, therefore creating less competition increased market dominance, is a recipe for disaster. Each wireless carrier, large or small, should have an equal chance to bid at an auction. This allows for possible partnerships for smaller bidders which could offset the dominance of large companies. In essence, fair and balanced. See (Genachowski: Auction Bill Could Limit Benefits of Spectrum Recovery)

Wireless Tiering: Profit based, not spectrum based

Those who cry foul on alliances which have been curtailed, as the FCC and DOJ have done in the past; those that potentially hurt smaller competitors, should come clean about their own alliances behind such rhetoric. Wireless companies have begun creating tiers which charge heavy users more for bandwidth usage than those who use a fraction of that amount. This is a normal progression of market dynamics indicating that more usage relates to higher monthly bills. Cisco has been promoting this concept for years that operators should be tiering to increase profits. So, wireless companies should not be confusing the reasons for tiering and/or throttling as being spectrum based rather than profit based. See (Spectrum crunch: all talk, no action, and consumers suffer)

Auction Spectrum: sooner rather than later

The FCC should move forward with spectrum auctions. This issue has been debated long enough and most of us are aware more is needed with the projected growth of wireless devices and applications. Simply put, auctions are the fair and reliable way to promote a continued competitive wireless market.

Written by Leonard Grace, Founder & Editor - Broadband Convergent

Follow CircleID on Twitter

More under: Broadband, Policy & Regulation, Telecom, White Space, Wireless

This has been one of those indulgent, diet-be-damned kind of holiday weekends.  Among the terrible things I've eaten, the best / worst has to be the nearly perfect Monte Cristo sandwich I had at the Copper Skillet in Dublin, CA.

The Copper Skillet is one of those small town eateries that does classic American fare without much pizazz, but perfect for a hearty brunch.  I've been craving a Monte Cristo for weeks, and I knew this place would nail it.  

For those that don't know, a Monte Cristo is essentially a french toast sandwich, with ham, turkey and swiss cheese in the middle.  Often there is powdered sugar or a fruit compote on top, and syrup on the side, to totally throw it over the top.  Each bite combines the sweetness of the syrup, the doughiness of the toast, and the savory goodness of the swiss, turkey and ham.  Heavenly.

The Monte Cristo is one of my favorite savory / sweet combos, a close third to fried chicken and waffles and mac n' cheese pancakes. 

Here's my first iOS game I created / modded using the fun Stencyl game development system.  Obviously a work-in-progress.  But it's already pretty fun to play!

A few weeks ago, when I was lurking around IPv6, I found that my own www.ipv6.tk was my first ever IPv6 domain. A "whois" on the domain says that it was registered in 2005, but something told me that I actually started this earlier.


I therefore logged in at www.nic.tk and could see that my first feeling was correct; the first invoice for ipv6.tk was actually paid in the year of 2002.

Since it is now 2012 my site is having its ten year anniversary!

With hindsight I can tell that during the first seven years I felt that I was almost alone in the whole world with this somewhat odd interest. The last two or three years I have at least gained some fellow comrades around the world with whom I can share this obsession. The IPv6-posse is growing and for that I am very glad!

So how should I celebrate this ten year anniversary? Well, why not by a continuous struggle regarding the implementation of IPv6!

In my years of nagging about IPv6 in general, deployment of the same at enterprises, municipalities, my own firms network and web, dns and spam/avi cleaning services, here are some of the key things that I have experienced and learned over my first ten years:

1. If your Internet-operator says that they support IPv6 — Don't believe them! Or at least don't take their word for an absolute truth!


Many operators in Sweden say they can deploy IPv6, but in fact only 30% of the Swedish AS-numbers has enabled IPv6 today.
IPv6 Enabled Networks – This graph shows the percentage of networks (ASes) that announce an IPv6 prefix for a specified list of countries or groups of countries (Source: RIPE NCC)

And even if they have enabled IPv6, there are always ifs and buts about your connection! Where you are located for example!! Only a few weeks ago one of the major operators focusing on enterprises in Sweden issued a press-release in which they stated that on every new connection, IPv6 should be enabled by default.
I ordered IPv6 for one of my company's customers from this specific operator, based on their own statement that they of course could deliver the services. This was in February 2011 and I am still waiting...


2. How do I get IPv6 to my enterprise? 
At my company we have IPv6 enabled our office and our mail, web and DNS-services. Since 2007 we also have enabled quite a large number of customers.

But how is this possible if we take in consideration what I just pointed out under paragraph 1 above?

The simple answer is that the only way to achieve this is by playing hard with the operators. "If we can't get IPv6 from you we will look for another operator!" Many of our customers use quite small operators where there is fairly easy to activate IPv6 in the backbone and on the edge.


The problems with operators in Sweden is that we have the smaller ones that are easier to turn around and has a quicker way to enable IPv6 services — but they most often don't have a prepared business model or a specific dedicated knowledge resource to handle the technique. Then we have the larger ones that perhaps are more prepared and at least somewhere in the organization have the knowledge. But then they are harder to turn around and often they only deliver IPv6 services to specific regions or areas. So, ok, it is only a matter of time until both small and larger operators have done their homework as per above. But the problem is that we don't have a lot of time and even though the IPv4-addresses depletion is a huge threat to the operators business, they don't seem to act upon the problem in a serious way. Not so far at least...



What about tunnels from HE and Sixxs then for example?
Well, yes, there are some advantages with tunnels! They are a good way to kick-start your learning and testing — and you can change operator and still keep your IPv6 prefix.
However, as an IPv6-purist I must say that I strongly recommend native way!


3. How do we convince our customers to join the IPv6 movement? 
Well, it can be quite easy sometimes. My company has a slogan (one of many with IPv6 in it actually) that we have put on T-shirts. The translation from Swedish reads: 
"-I have the entire Internet! Do you?"

In a very simple way this actually says a lot!

I strongly believe that an enterprise today must be dual stacked to be sure to be able to communicate worldwide. How many of the organizations out there don't communicate with other parts of the world in one way or another? How much is this communication worth in terms of building relations and business transactions?

If I summarize my experience it has not been that hard to explain the need to the customers. The hard part so far has been sections 1 and 2 above. Without available services on the market it is hard to recommend and help the customer to eliminate a problem that they, to some level, understand and take seriously.


4. What SLA can you get and how is IPv6 monitored?
This is another difficult part. You must be sure that the operator treats IPv6 equal to IPv4. I can tell you from my experience that so far no one does! We have had problems with broken routing, broken PMTU, broken AAAA RR etc. When we have contacted the helpdesk on these matters they almost always respond: 
"-Huh? Ok, we will look into this and get back to you as soon as possible!" So far we are still waiting for the day when they actually get back with a solved problem and a good explanation on how it occurred. Yes, the problems are fixed, sometimes within hours, sometimes within a week, sometimes within a month. Quite often with others than the "normal" support organization involved, internal or external functions. Here I want to point out that there is rarely any difference in support functions from small or large operators.

Ok, how should I finish this little private ten year celebration in a suitable way? Well I think it is time to alter one of my previous statements where I encouraged you all to start implementing IPv6 early and in a smaller scale — to be able to lab, learn and play to be well prepared for a later, larger scale implementation. I think that my new statement and recommendation will be to put plenty of resource on it, to do it for real, do it right and do not stop!

This is Childhood's End!

Written by Torbjörn Eklöv, CTO, Senior Network Architect, DNSSEC/IPv6

Follow CircleID on Twitter

More under: IPv6

About a year ago, I moved to the Bay Area from New York, with some fairly ill-defined goals --- more of what Quakers call a "leading," rather than any kind of concrete plan.  I knew that I wanted to be closer to my family.  I felt like it was time for some kind of big shift in my career.  I wanted to expand my dancing into new areas.  That was about it.

So I said goodbye to my dear friends in New York, packed up my worldy belongings, put the cat in my carry-on, and headed west.

It has been a challenging twelve months, with several disappointments, false starts, and course corrections along the way.  I've had a number of times when I've doubted if this was the right move. So it's really only now, a little over a year later, that I'm starting to feel like that leading was the right one to follow, and that I was meant to be here.

I've got a new job (along with two other great consulting gigs), a lovely girlfriend, a swell apartment in Oakland, a fun dance crew I'm part of, my awesome family nearby, several Quaker Meetings around, and a friendly and active lindy hop scene.  Really, I've got all that I could want, and more.

So right now I'm just awash in thankfulness for all of it.

Some worrying signs are emerging in the USA.

During the last decade I have questioned the economic viability of two parallel telecoms infrastructures. When these two network rollouts commenced no issue existed in relation to conflicting interests — one delivered telephone services, the other broadcasting services. But this all began to change when it became possible to use the HFC network to deliver broadband and telephony as well as broadcasting, and to use the telephone network to deliver broadband in addition to phone services.

In the early to mid-00s we began flagging that these new developments would necessitate further network upgrades to keep pace with the relentless market developments, and that eventually both networks would need to be upgraded to fibre.

We also indicated that when this happened the question would be whether there would be room for two fibre networks to the home. Our answer of course was that there would not.

At that stage we assumed that commonsense would prevail, and that there would be a functional split or specialisation, with infrastructure ending up in the hands of the telcos and content in the hands of the media companies. Unfortunately commonsense has become a scarce commodity in the USA.

However, it now seems that this will not be the way events will pan out. The handful of players involved in this market are monopolists with huge egos, and, thanks to their enormous lobbying powers, they more or less have complete control over the regulatory regime in the USA. Their influence over politicians allows them to dominate this market, with hardly any intervention to the contrary if other operators, including municipalities, try to roll out networks.

Most of the time these players are supported by the state authorities. Given this monopolistic environment, involving a severe lack of competition, the positive economic outcome that we anticipated a decade ago has not materialised.

So the telcos and the cable companies continue their struggle for dominance. The telcos have bought up large chunks of content to compete with the cable companies, and the cable companies have upgraded their networks to high-speed broadband (DOCSIS 3.0). The telcos have not really created an advantage for themselves here as their services are roughly equivalent in content to those of the cable companies.

By now it can be concluded that the cable companies are coming out on top. They remain the key players in the content market and have a far better understanding of this media and advertising business than the telcos. As well as that, their HFC networks offer a superior broadband quality for subscribers.

The only way forward for the telcos is to look at fibre networks. They have tried this in the past, but for all the reasons that we have put forward so many times in the past it is not economically viable to build successful, large-scale FttH networks based on competing infrastructure (so-called 'overbuild'). This business model can work in small wealthy markets where people are prepared to pay $125 a month for a fibre connection (often also retaining their cable subscription), but it will not work in mass markets. In order to roll out FttH in any economically viable way operators require an uptake of at least 60%. With competing infrastructure, especially in the initial years, this will not be possible. Successful fibre builds, judiciously regulated to avoid duplicated network construction, are a reality, as the experience of Switzerland testifies.

While all of this is happening, in the USA, as in other markets, the revenues in traditional telecoms services are declining. Because of the new developments in OTT services it is becoming increasingly difficult for telcos to develop services that can create new revenue streams at the margins they have become used to as monopolists in the telecommunications market.

So they are losing the battle with the cable companies — not just in content but also in broadband, while at the same time their revenues from traditional voice services are either stagnating or declining. Add to this the uneconomic business case for FttH investments and one can see a massive telecoms problem emerging in the USA.

Verizon and AT&T have essentially cancelled their FttH plans, so the path to a future where they can successfully compete with the cable companies has been abandoned (see USA — Broadband Market — Fibre to the Home (FttH) — Overview, Statistics and Forecasts).

Furthermore, there are signs that with declining revenue, and no prospect of increasing that revenue, the telcos may not be able to maintain the current level of telecommunication services demanded by customers. AT&T has indicated that it will start concentrating on markets where it is making money, and that it is looking at divesting markets that are not sufficiently profitable. Over the last two years revenue growth for these telcos has remained below growth in GDP.

These are the words that AT&T used:

...we will accelerate our efforts to improve our overall growth profile. We will do that by looking at opportunities to either divest or restructure low performing and nonstrategic assets. —AT&T Chairman and CEO Randall Stephenson, January 26, 2012

This means that several of these markets — for instance, low-performing fixed-line consumer markets — will be left behind as road-kill on the telecoms superhighway. Estimates are that this could be between 30% and 50% of their fixed consumer markets. Divesting might improve the margins and it might be good for shareholders, despite the fact that overall revenues will shrink — but who is going to pick up the pieces? There will not be many companies interested in investing in markets where revenues and margins are contracting. In the end, whether politicians like it or not, it will be the government that will need to step in. After all, it is their failed policies and regulations that have led to this situation. They allowed the market to develop into one that stopped being competitive a long time ago, and today's state of affairs is the result of this. The reality, however, is that government intervention is unlikely to happen any time soon. The situation will have to deteriorate significantly before something like that happens.

Spin-offs will mean even less competition and the market in the USA will further be monopolised by the cable companies. We have already seen how hard it is for smaller companies to compete with the large ones. Guess what will happen? Prices for consumers will go up.

The Obama administration tried to do something about this, using stimulus policies to pump $7.2 billion into regional and rural broadband. However, from the very start we have said that probably 75% of this money will be wasted, since the regulatory framework is not in place to allow for sustainable investments in regional broadband. The vested interests will make sure that they either get the money (or the stranded assets that will result from this plan) or they will make things difficult for any funded projects that look like becoming successful. In areas which hold no attraction for the vested interests the newcomer will become the de facto monopoly and questions will arise regarding innovations and competitive prices (see USA — National Broadband Plan — Overview and Analysis.)

Open access is proving to be the key to FttH rollouts. Legislation has already been passed in countries such Australia, New Zealand and Singapore. In Switzerland the regulator recently completed its network-sharing format, so all operators know the score and consumers can seamlessly switch between providers very cost-effectively. Without these provisions in place FttH would be an uphill battle.

As we have been predicting for a decade, 'vertical integration' is dead. Throwing more money at it is not going to achieve anything; structural changes are the only solution. This is also particularly critical to the country's economy. Structural changes are essential if the USA wants to maintain its leading economic status in the digital economy.

These developments also make a mockery of the country's National Broadband Plan, delivering 100Mb/s broadband to consumers. We refer to our analysis of these plans. It would seem that, given the current developments, that promise is moving further and further away. While DOCSIS 3.0 theoretically can provide downstream speeds at 100Mb/s (so that its existence technically meets the plan's goal) in reality no one will be able to get such speed consistently — cable networks are shared networks and the more people on it, the lower the speed.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Access Providers, Broadband, Mobile, Policy & Regulation, Telecom, Wireless

So I've been waiting to tell people this news because frankly I'm not sure I believe it's actually happened. I'm now working at the California Academy of Sciences as a program assistant in their new Digital Learning Program. It's kind of a dream come true for a geek like me.

I will share more details as the work progresses and becomes more clear.  But in short this new position brings together a lot of my passions: digital technology, youth development , and civic engagement. And it's at the California Academy of Sciences, an interdisciplinary educational institution that brings together a planetarium, an aquarium, a natural history museum and a research facility, all under one living roof.

This is (for now) a half-time position, so I will be continuing my other great gigs at TechSoup / Nonprofit Commons and Global Kids. Along with the challenges of balancing these different responsibilities, there are already some interesting synergies among the diffferent institutions that are emerging.

I'm so grateful that after dreaming for so long about a position like this, at an institution like the Cal Academy, it's actually happening.  

Don't stop believin!

Root name servers are a core service of the Internet (For more information on root name servers, please see the DNS Root Name Server FAQ). As such they receive a huge amount of queries and need to answer reliably with acceptable delay. The RIPE NCC is responsible for operating one of the 13 DNS root name servers K-root which responds to 10,000 — 15,000 queries per second. Most root servers are operated as a network of distributed "instances" using anycast. That means a single IPv4 or IPv6 address is announced simultaneously by a set of name server "instances" deployed in different geographical locations.

K-root operates 18 instances; You can find a map [k.root-servers.org] on the RIPE NCC's website.

VisualK is a new tool that monitors the load of the K-root name server supported by each instance. It further shows load migrations between pairs of instances over time. ViskalK is one of the tools our operations staff use to monitor the health of K-root.
The image below is a screenshot of the output of the tool. Each instance of K-root is represented by two concentric circles:

• The first one, filled with colour, has a size proportional to the number of queries per second received on that instance;
• The other one, indicated by a dotted line, shows the average load over the previous 30 minutes. This is used as a reference value.

In most cases, these circles overlap. But in some cases you can see that the dotted line is much larger, for example at the root name server instance in Poznan, Poland. This means that something has changed recently: the number of queries has dropped significantly.

In the image you can also see that pairs of instances are connected by links (or "tentacles") if they are considered topologically adjacent. Links between root name server instances are generally invisible, but become active when traffic migration is detected: colour and size of the link indicate the origin and volume of traffic flow, together with bubbles pouring into the instance receiving the traffic. In our example you can see that some load has moved from the instance at NAP (in Miami, Florida) to the one located at LINX (in London, UK).

In addition, VisualK highlights unusual behaviour. Flashing arrows show load migrations between instances that are not considered adjacent. Root name server instances start to blink if their traffic load decreases significantly. The goal is to help spot unexpected changes while they are happening and to allow root name server operators to investigate what causes these changes.

For more information, please refer to the background article on RIPE Labs: VisualK — Monitoring K-root in Near Real Time

VisualK has been developed by Claudio Squarcella, intern at the RIPE NCC, in collaboration with the Compunet Lab at Roma Tre University.

Written by Daniel Karrenberg, Chief Scientist at the RIPE NCC

Follow CircleID on Twitter

More under: DNS, Regional Registries

It still amazes us that respected industry commentators join liberal politicians in questioning the need for FttH in the wake of the enormous success of mobile broadband.

They refer to this phenomenon as proof that people are bypassing their fixed broadband and are now using the smartphones and tablets to obtain most of their broadband access.

However, after several years of mobile boom the majority of households — and all of Australian businesses — are still using the fixed-line networks for calls, and most certainly for broadband access. Around 85% of households are still connected to the fixed network, and in the case of businesses this is close to 100%.

This situation is replicated throughout the developed world.

So obviously the majority of the global consumer and business population is making choices contrary to the claims of the NBN naysayers.

But an analysis of mobile broadband usage is even more interesting. Most heavy broadband use on smartphones and tablets takes place in homes, offices, airports, schools, universities, internet cafes, etc, and in most of these situations the WiFi networks are used for this, not the mobile networks. And all of these WiFi modems are linked to the fixed network. The increase of broadband access from tablets and smartphones will increase demand for fixed broadband access, and so the enormous appetite for mobile broadband will only increase the need for a FttH network.

BuddeComm has reported on the impressive progress of mobile broadband, but we have also highlighted the access problems to these networks, even from spots within the CBDs of Sydney and Melbourne. It is not for nothing that the telcos are going to spend some $5 billion to renew and buy new spectrum licences. If they did not need the capacity they would not fork out that kind of money.

At the same time we see mobile operators bringing in more caps and differentiating their plans in an effort to manage their network. Australia has always had capped mobile prices, but other countries did not; now, however, operators in America and Europe are introducing capped pricing and throttling usage down — and asking for more money if you want to use more, clearly illustrating the problems that exist around mobile capacity.

This means that the more broadband you use over the mobile network the more you will pay. On the other hand, FttH doesn't have such capacity limitations and these networks will always be much more price-competitive. So, even with the next generation of mobile networks (LTE), the majority of users will continue to use their WiFi networks to download content-rich applications onto their mobile phones, tablets and laptops.

It could even be argued that smartphones and tablets are becoming the killer apps for the FttH networks and this will become more apparent with the new WiFi devices that are coming onto the market as we speak. The WiFi technology market is booming, and with more wireless devices in the home — and with people using them in different rooms at the same time — there is an urgent need for better WiFi connectivity. This will be provided by the new GigaBit WiFi technology, which will rapidly be implemented in tablets, smartphones and laptops and via in-house WiFi modems and repeaters.

Imagine what all of this will do to broadband capacity requirements in the house?

Even the most committed naysayer must be experiencing at least some doubt regarding their fundamentalist position on this issue.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Access Providers, Broadband, Policy & Regulation, Telecom

As the WHOIS debate rages and the Top-Level Domain (TLD) space prepares to scale up the problem of rogue domain registration persists. These are set to be topics of discussion in Costa Rica. While the ICANN contract requires verification, in practice this has been dismissed as impossible. However, in reviewing nearly one million spammed domain registrations from 2011 KnujOn has found upwards of 90% of the purely abusive registrations could have been blocked. To be clear, these were domains intended to be abused, not hijacked or spoofed sites with innocent owners. While it is impossible to truly predict registrant intent it is possible to screen for policy violations and assign risk. In our particular research we only focused on one detail in the WHOIS record, the Administrator email address. By conducting a deep review of the email addresses and the information behind them we have determined a number of factors which invalidate the registration or call out for additional scrutiny. For the Registrar this has always been a conundrum of practicality. On the one hand it is their business to sell as many domain names as possible, on the other hand abused domains create untold headaches for Registrars.

A major concern blocking enhancements to registration verification is domain price. Competition has driven the price down while ingenious registration systems have excelled the process. Many are concerned that adding comprehensive verification to the scheme will add costs and slow the process. However, 23% of the abused domains in our study could have been blocked by very basic form scripting. Some of the most obvious were improperly formatted contact emails, emails with invalid characters inserted, and email addresses missing the TLD extension for the domain (see example 1 and 2). We also found contact emails with non-existent TLDs and in one case this lead to the discovery of an illicit no-prescription pharmacy domain using the mailing address and phone number for the newspaper the Los Angeles Times. The point being that red flags in one area of the registration are good indicators of problems elsewhere. The casual onlooker might wonder how these applications were processed when robust e-form validation has existed for years.

Domain registration is a critical entry point for cybercrime that can be choked easily without interfering with legitimate business. Once an illicit domain is registered it is a "horse out the barn" situation as spammers will abuse a domain at a high volume for a very brief period and then abandon it for greener pastures. By the time a victim reports the problem and a Registrar acts on it the damage is done, the money is gone, and precious time is lost. It is at the moment of creation that havoc can be managed and thwarted. Our study relied on 14 million instances reported by the public, the real number of unreported instances is likely massive in comparison.

Now, the 23% which can be outright blocked is a good start, but there is more hope for the rest. In our tests an additional 67% could be flagged with various risk factors. This type of evaluation gives the Registrar choice. The deep intelligence-based analytics emerged from the data collected from spammed domain registrations, but this is not a blacklist. Clearly it is not in a Registrars interest to manually review each registration but these checks merely present the option of additional review. To be sure we dropped a number of legitimate registrations in the test engine and they passed without being flagged. The screening is specifically targeted at domain registrations created with the intent of being abused. We have also found why some Registrars are being targeted for abusive registrations, often due to conditions which may not be obvious at first.

In general we are encouraged by these findings especially if the threat space on the Internet can be reduced through a process that is invisible to the legitimate domainer. We will be discussing these issues and the details of our findings in Costa Rica. This work is ongoing. A PDF brief is available here: PDF Brief

Written by Garth Bruen, Internet Fraud Analyst and Policy Developer

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, DNS, DNSSEC, Domain Names, Registry Services, ICANN, Internet Governance, Malware, Policy & Regulation, Security, Spam, Top-Level Domains, Whois

Over the last year the world has been virtually buried under news items describing hacks, insecure websites, servers and scada systems, etc. Each and every time people seem to be amazed and exclaim "How is this possible?" Politicians ask questions, there is a short lived uproar and soon after the world continues its business as usual. Till the next incident.

In this blog post I take a step back and try to look at the cyber security issue from this angle: nothing is secure and what can be done about it. (The post refers to a lot of articles. As most are in Dutch I left them out here. Should you be interested and you should as some very interesting examples of ways forward are presented, I refer you to my blog. All links to articles, papers and proposed law texts can be found there.)

Week 8 - 15 February 2012

In the past two months I had the impression that there were less news items on the topic. Were we getting tired of this form of news or were there less hacks? I don't know, but fact is that in the past week the shit hit the fan. One major hack after the other was revealed and vulnerabilities exposed. KPN was hacked by a hacker "who did nothing", Bavaria, through the hack of a small telco named Creation Point, and Philips lost hundreds of thousands unique privacy sensitive data of customers. All three examples because of outdated security of involved servers. Water regulation systems in parts of The Netherlands were exposed as nearly unprotected. To be honest, I wouldn't be surprised if the same would go for our national atom power plant in Borssele…

Internet = optimism, or it was

The Internet was expanded on optimism. A great new medium with all these beautiful features that could be added and saved lots of money and resources. In this enthusiasm decisions were made of which the implications could not be overseen or most likely not understood. To quote the above mentioned article on the water scada systems:

"Most organisations do not oversee which of their systems are directly connected to the Internet."

Nobody had thought through the opportunities let alone the implications the Internet offers to themselves. And who ever thought upfront of the challenges the success of the darker sides would pose?

Let's pose another question. How much money is spent presently to secure this Internet? Does it surpass the savings? An interesting question, isn't it?

Richard Clarke and infection of critical infrastructure

In his book 'Cyber war', Richard Clarke writes, that he expects that in almost all major critical infrastructure systems in the United States cyber bombs have been installed, somewhere in the past. Small pieces of software that do not belong there and are controlled by unknown entities, to inflict unknown damage. He hints at China as the source. The news that China was inside the Canadian firm Nortel from the year 2000 and undetected, is quite revealing, I'd say. Critics advice to file Cyber war under fiction. Or is it the view of a visionary, warning a non-listening majority? And how is this in The Netherlands or your country? Has anyone even started looking?

(You can find my review of Cyber war here.)

The Dutch National Cyber Security Centre

So here we are in 2012. In the Netherlands there is a National Cyber Security Policy and a National Cyber Security Centre. It specifically aims at public-privacy cooperation and partnerships. The structure to tackle the challenge of a safer Internet on a national basis is installed. This makes a logical, step by step approach to the problem possible.

What could be a starting point? How about taking for granted that systems/websites/servers/etc. are safe till proven different, is no longer the correct approach. My advice would be to declare everything unsafe and from there work towards steps to improve security.

First signs of a coordinated approach

The whitepaper of the NCSC on websites is a first step. Another good example is that the NCSC already has published a factsheet on ICS/Scada systems with advice to those concerned on protective measures to take. This shows commitment and resourcefulness to those concerned.

Extinguish ignorance

But is this enough? Does self-regulation actually work? The track record of the past years is not hopeful. Ignorance (or carelessness?) still seems rampant, despite messages that ought to raise red flags. Apparently passwords are not changed, servers not checked, websites not updated security wise, despite of the news. Of course not all is bad, but it could become much better, more pro-active and coordinated.

Incidence reporting by law

An initiative to come with a law around security and notification duty of cyber incidents a good second.

Coordinated approach to ensure cyber security

I think the government could go one step further in setting a policy or coordination plan that step by step secures the Internet and all related topics around it. So clear rules on the security of websites and servers, including those services offered to the Netherlands from outside. Public systems become better secured through the program, starting with better passwords, mandatory updates of security software and a minimum set level of security, etc.

Next to that a program could start in which security is tested continuously by a team of people that do exactly the same as the people who do so out of a hobby or for more nefarious reasons: hacking. Testing leads to a continuous rise of the security level, awareness replaces ignorance and involvement carelessness. Lessons learned are shared through the coordination of the NCSC and the ISAC programs with all concerned.

Responsibility and accountability

Another thing that needs to happen, is making someone responsible and accountable for security. The loss of privacy sensitive data or successful hacks in public systems, including former utility services, as the public totally depends on them, must not be seen as unfortunate, but as a serious problem. Starting with a serious breach of personal integrity, ending with potential threats to national security and everything in between. Only by presenting it in this way, can executives be made to understand that they really have a problem on their hands. Up to this day, this does not seem the case. It is not as if the news of one hack makes people run for security. The proposed change in the Telecommunications Act and the Data Privacy Act should take care of accountability.

The loss of private companies, e.g. through industrial espionage, is or may also (be) a major problem, but in the end the loss of that company. If they do not understand the implications of a lack of security online, it is their problem. The implications for the national economy come second.

Important to realise is that this law only looks at the results of the hack and does nothing to prevent it, at least not directly, let alone go for the source.

Security costs and saves money

Security costs money and the people making decisions on budgets must be made to understand that neglecting security could lead to considerable losses and even to bankruptcy, as Diginotar has ably demonstrated. Internet security saves money. Governments can explain this quite vividly to those concerned and thus gain involvement from the private sector. Use the Nortel and Diginotar example!

Conclusion

Whether the threat of cyber war or actions by isolated terrorist cells are at present real or science fiction, fact is that a lot of front and back doors are open because of a lack of understanding. This can be dealt with through a solid nationally coordinated plan of action, aimed at making the country safer. The Netherlands at least has built the infrastructure to be able to aim for a comprehensive approach. How is this in your country and what could you learn from the Dutch approach?

Enforcement

Another topic is enforcement. I'll come back to that later.

Written by Wout de Natris, Consultant international cooperation cyber crime + trainer spam enforcement

Follow CircleID on Twitter

More under: Cyberattack, Cybercrime, Internet Governance, Law, Malware, Policy & Regulation, Security, Spam, Web

Well… Maybe not the world, but the Internet it seems.

According to a Pastebin letter, Anonymous announced they will black-out Internet on 31st of March.

See the announcement here: Announcement

They even explained how to do it by attacking the DNS Root Servers on Internet using a reflected amplification attack.

If this is successful, the root DNS servers will become unresponsive and cannot handle any other requests, making DNS resolution as we know it break and render many internet-applications like browsers, mail, VoIP and instant-messaging useless or unavailable.

I am bit 50/50 on this. First of all, would Anonymous be capable? Probably they are if we look at their track-record in the last months/years (with a bit of a difference that the magnitude of the attack is much bigger than before). Previous targets where mostly companies/governments that where directly attacked, this is a world-network and will affect most of us as well.

What if this is just fake? Still it scares me somehow. I have wondered about the root DNS servers for some time now and in the past there were some semi-successful attacks already utilising vulnerabilities in DNS software or by just overload/DDOS.

I guess it's possible but I can not compute what is needed to do so. Lots and lots of DNS servers I'm guesstimating.

It may be a domino effect when they start and probably the attacking DNS servers used will be locked out of the Internet. But if these are legitimate DNS servers that are mis-used, it shuts out users of the DNS server as well and so the problem becomes larger.

Then there is caching, the announcement states that many providers use low TTL's anyway, making their attack more successful. This implies that they "override" the TTL ignoring the TTL's that are accompanied with the root DNS server records. Which is plausible, but still it takes time to bleed dry. And of course this is against the DNS "law" :-).

So DNS admins, please don't override the TTL's, and change them now to honour them as intended, you still have 6 weeks to go! :-).

Even then… There is some consensus that it will take roughly 5 to 7 days of continuos attack before "Internet" will be unusable. It will break bit by bit during that time of course.

Then the attack itself is described as a reflective amplification attack. Reflective because the "attacker" is not attacking the root DNS servers directly, but uses other DNS servers, spoofing itself as the root DNS server. And amplification, as the response/answer to the (attack) query is larger than the query itself.

Makes sense, but relies on vulnerabilities of the DNS software, and DNS servers free to use without any security measures… And that scares me because there are many DNS servers out there, and many of them are vulnerable. Studies last year even tells us that the number of these (vulnerable) servers increase, not decrease.

How about the public DNS services like Google Public DNS and OpenDNS? Well, they probably will not be "used" in the attack, but they use the DNS root servers as well for DNS resolution. So they will be affected. I guess they counter-measure things by easing the pain — like statically cache all the TLDs.

Still trying to figure out the impact of this, depending how hard the root DNS servers will be hit. If hit at all of course, the effect could be noticeable to complete unavailability of the prime services and applications we use daily/hourly.

I think we should worry and rethink this whole root DNS server thing anyway, as besides the Anonymous announcement, they are becoming increasingly attractive to attack.

It's all an "if" story but we will be on our toes…

Written by Chris Buijs, Solutionist

Follow CircleID on Twitter

More under: Cyberattack, DNS, Security

Google reports that its "experimental" public DNS service launched in December of 2009 has now passed 70 billion requests a day and no longer considered experimental. From the announcement: "Google Public DNS has become particularly popular for our users internationally. Today, about 70 percent of its traffic comes from outside the U.S. We’ve maintained our strong presence in North America, South America and Europe, and beefed up our presence in Asia. We've also added entirely new access points to parts of the world where we previously didn't have Google Public DNS servers, including Australia, India, Japan and Nigeria."

Follow CircleID on Twitter

More under: DNS

The other day on pastebin, snippets of an email conversation were posted with members of the hacking group Anonymous discussing plans to conduct DOS attacks against the Internet's root name servers:

To protest SOPA, Wallstreet, our irresponsible leaders and the beloved bankers who are starving the world for their own selfish needs out of sheer sadistic fun, On March 31, the Internet will go Black.

In order to shut the Internet down, one thing is to be done. Down the 13 root DNS servers of the Internet. Those servers are as follow:

A 198.41.0.4
B 192.228.79.201
C 192.33.4.12
D 128.8.10.90
E 192.203.230.10
F 192.5.5.241
G 192.112.36.4
H 128.63.2.53
I 192.36.148.17
J 192.58.128.30
K 193.0.14.129
L 199.7.83.42
M 202.12.27.33

By cutting these off the Internet, nobody will be able to perform a domain name lookup, thus, disabling the HTTP Internet, which is, after all, the most widely used function of the Web. Anybody entering "http://www.google.com" or ANY other url, will get an error page,thus, they will think the Internet is down, which is, close enough. Remember, this is a protest, we are not trying to 'kill' the Internet, we are only temporarily shutting it down where it hurts the most.

Going after the Internet's root servers is a very bold move by Anonymous. Whereas before they were "merely" breaking into companies that they believed were acting contra to the hacker ethic, going after the Internet infrastructure is another thing altogether.

Why?

The United States considers its cyber grid a critical component of US infrastructure. In a post entitled "Military asserts right to return cyber attacks”:

WASHINGTON — The U.S. should counter computer-based attacks swiftly and strongly and act to thwart or disable a threat even when the attacker's identity is unknown, the director of the National Security Agency told Congress. Lt. Gen. Keith Alexander, who is the Obama administration's nominee to take on additional duties as head of the new Cyber Command;

He added that while "this right has not been specifically established by legal precedent to apply to attacks in cyberspace, it is reasonable to assume that returning fire in cyberspace, as long as it complied with law of war principles ... would be lawful."

In a follow up articled called "The military and the right to respond with force”:

The Pentagon has concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.

In part, the Pentagon intends its plan as a warning to potential adversaries of the consequences of attacking the U.S. in this way. "If you shut down our power grid, maybe we will put a missile down one of your smokestacks," said a military official.

One idea gaining momentum at the Pentagon is the notion of "equivalence." If a cyber attack produces the death, damage, destruction or high-level disruption that a traditional military attack would cause, then it would be a candidate for a "use of force" consideration, which could merit retaliation.

In the articles that I quoted, it is ambiguous whether or not the military considers the Internet at the same level as the power grid. But if the power grid was shut down as a result of hacker attack on the Internet, would the military consider this an act-of-war?

This is where it becomes legally murky because hackers that shut down the Internet are not a traditional military force associated with a country. Therefore, who could the military declare war on? But on the other hand, the US military has a "war on terror" where the enemy combatants are not members of another state, but instead are transnational actors acting without the sanction of the countries they are located. This has not stopped the US government from engaging in a battle against these stateless players.

The FBI has stated that its number one priority is stopping terrorism. The military has said that if a cyber attack causes a high level disruption that a traditional military attack would cause, then that could merit retaliation. After the events of September 11, the US mobilized its resources and threw tremendous weight towards apprehending the people behind it.

If Anonymous were to succeed in shutting down the Internet, or even try really hard to do it, they are risking elevating their profile from a playful nuisance to the target of international law enforcement with billions of dollars in resources behind it. The FBI only has so many resources right now to fight cyber crime. They'd see their budgets go up in a hurry if the Internet went down because of a cyber attack.

The US spent 10 years hunting down bin Laden, relentlessly giving chase. The Anonymous hackers would do well not to raise the ire of the American military.

Written by Terry Zink, Program Manager

Follow CircleID on Twitter

More under: Cyberattack, DNS, Security

The emerging market for IPv4 addresses is about to cross a new threshold. A letter with the following words has been circulating among businesses for the past month: “Our client is offering for sale 16,777,216 IPv4 numbers in a single, contiguous, number block commonly referred to as either a “Class A” number block or a “/8”. This “legacy” IPv4 block is not subject to any Regional Internet Registry (RIR) agreement."