Where are the minutes from 01/15?

ICANN’s latest board meeting was on 15 January. There is still no preliminary report available. Relevant Bylaw language: No later than five (5) business days after each meeting (as calculated by local time at the location of ICANN’s principal offi…

ICANN’s latest board meeting was on 15 January. There is still no preliminary report available.Relevant Bylaw language: No later than five (5) business days after each meeting (as calculated by local time at the location of ICANN’s principal office), any actions taken by the Board shall be made publicly available in a preliminary report on the Website.

Novarg/MyDoom: Some MRTG plots.

As a follow-up to Tuesday’s notes on Novarg, some MRTG plots that illustrate what happened in my inbox this week. The blue curve is legitimate mail; green is spam (and other junk), or recognized virulent material. First, spam (and other junk that’…

As a follow-up to Tuesday’s notes on Novarg, some MRTG plots that illustrate what happened in my inbox this week. The blue curve is legitimate mail; green is spam (and other junk), or recognized virulent material.First, spam (and other junk that’s automatically recognized). Note the peak on Monday evening, when Novarg first appears, and also the substantially higher junk bandwidth ever since — due to notifications about the worm:

Media_httplogdoesnote_jppco

Second, recognized viruses (getting really interesting later in the same night):

Media_httplogdoesnote_vwbbw

If you want to compare the effect to Sobig.F, here‘s a similar plot showing Sobig’s last days.

DoC, ICANN defendants in sitefinder lawsuit

Ira Rothken on Politech: We decided to add ICANN and the United States Department of Commerce to our Federal Case in Northern California (Syncalot v. Verisign) involving the legality of Verisign’s SiteFinder service. We added the above additional …

Ira Rothken on Politech: We decided to add ICANN and the United States Department of Commerce to our Federal Case in Northern California (Syncalot v. Verisign) involving the legality of Verisign’s SiteFinder service. We added the above additional parties in an effort to have a more complete record and a full and fair adjudication of the issues. We are seeking to enjoin the SiteFinder service and declare it illegal. Here is a link to the First Amended Complaint which alleges, amongst other things, that Verisign breached its agreements and violated the law when it attempted to use control of the domain name root server to “break the Internet” and monetize domain name properties it did not own.Later: Bret Fausett has read the complaint and suggests that the lawyers in question haven’t done their homework.

February 4: Congressional hearing on WHOIS.

Writes Jeff Neuman: It has just come to my attention that there is a scheduled hearing entitled “Internet Domain Name Fraud — New Criminal and Civil Enforcement Tools” on Wednesday February 4th at 10:00 in 2141 Rayburn House Office Building. It i…

Writes Jeff Neuman: It has just come to my attention that there is a scheduled hearing entitled “Internet Domain Name Fraud — New Criminal and Civil Enforcement Tools” on Wednesday February 4th at 10:00 in 2141 Rayburn House Office Building. It is being sponsored by the Subcommittee on Courts, the Internet and Intellectual Property. It is a Subcommittee of the House Judiciary Committee. The list of witnesses testifying has not been finalized, but I have learned that a member from the IPC as well as a member from the International Anti-Counterfeiting Coalition may be testifying.

Data Quality?

The guys at ICANNfocus.org have published a story today that claims that ICANN is subject to the Data Quality Act. (The story is also at ICANNwatch, CircleID — and there was a copy in my inbox this morning; I understand that I’m not the only one …

The guys at ICANNfocus.org have published a story today that claims that ICANN is subject to the Data Quality Act. (The story is also at ICANNwatch, CircleID — and there was a copy in my inbox this morning; I understand that I’m not the only one who got that.)Two sets of messages here: First, there’s this organization named Center for Regulatory Effectiveness which suddenly gets interested in ICANN, sets up icannfocus.org, and puts much focus on the MoU and the Department of Commerce’s oversight role. The obvious question is, of course: What’s behind that rather specific focus, and the sudden interest?Second, the news itself. The Data Quality Act (maybe) applies to ICANN. The first question here is: What’s this all about? I’m European. I don’t have the faintest idea about US administrative law. So, what’s the Data Quality Act, and what would it mean for ICANN, in practical terms?Comments welcome.

RCOM v. Verio: Injunction upheld.

From TelecomWeb: The 2nd U.S. Circuit Court of Appeals has upheld an injunction barring a Web hosting company from accessing a registration service [i.e., WHOIS] for Internet domains in order to harvest information for mass-marketing use.

From TelecomWeb: The 2nd U.S. Circuit Court of Appeals has upheld an injunction barring a Web hosting company from accessing a registration service [i.e., WHOIS] for Internet domains in order to harvest information for mass-marketing use.

That latest virus.

The latest worm (called Novarg.a, Mydoom, or MIMAIL_R) is big news all over the place; technical analysis here and here and later here. In a nutshell, the virus uses tech babble as its social engineeering trick, claiming that some message couldn’t…

The latest worm (called Novarg.a, Mydoom, or MIMAIL_R) is big news all over the place; technical analysis here and here and later here. In a nutshell, the virus uses tech babble as its social engineeering trick, claiming that some message couldn’t be transported and had to be wrapped into an attachment. Once people fall for that trick (and amazingly many seem to do that), MyDoom apparently installs a key stroke logger and a network backdoor, and prepares to launch a DoS attack on sco.com.Being armed with good filters, a mail client I trust, and an operating system that won’t run Windows viruses, I normally consider e-mail virus outbreaks as part of the general noise that gets thrown away automatically.So, what makes this one special and worth a blog item? First, it has a new approach to social engineering. No more sex and crime (we recently had a relatively successful worm here which claimed — in German — that the recipient had been indicted for file sharing), but dry tech babble instead. And that approach works surprisingly well, leading to bombardment rates and bandwidth consumption last reached by Sobig.F last summer.Also, the large scale of this outbreak makes it interesting to look at e-mail statistics again. I received the first instance at roughly 9pm CET, that’s 3pm EST. Within just an hour, the bombardment peaked at several pieces of the virus per minute; fortunately (and somewhat surprisingly) much of this was caught by spamassassin. The virus scanner I’m also running kicked in at about 1 am, and has been catching the actual virus traffic since. Junk background noise is still far above the usual numbers, mostly due to bounce messages generated in response to viruses sent out with my e-mail address as the sender.What are the lessons? First, hardly news, but still worth repeating: Virus scanners don’t prevent infections, and — even when updated within hours — leave a huge window of opportunity for spreading a virus. Second, considerable annoyance is caused by virus scanning systems that still believe that they need to notify a message’s alleged sender of infections. Third, spamassassin’s heuristics prove surprisingly effective against much of the incoming virus flood.

GNSO update: WHOIS Task Forces; Council.

Looking at Bret’s latest insights into the kind of input the IPC (but not just the IPC) is getting from the public, one may be lead to believe that nothing goes on at ICANN. That’s not precisely accurate, as far as the GNSO is concerned — the las…

Looking at Bret’s latest insights into the kind of input the IPC (but not just the IPC) is getting from the public, one may be lead to believe that nothing goes on at ICANN. That’s not precisely accurate, as far as the GNSO is concerned — the last couple of weeks have been busy with conference calls.WHOIS task forces #1 and #2 (access mechanisms, review of data elements collected and displayed; I’m a liaison to both, but currently focusing on #2) have been busy figuring out what kinds of questions need to be asked in order to gather the input people believe they need for an informed discussion; I understand that task force #3 (accuracy) is going through a similar exercise. Fortunately, none of the task forces is going to repeat the large-scale survey exercise of the DNSO’s WHOIS Task Force. Instead, the plan is to tap GNSO constituencies and other specific sources of information. ICANN staff is expected to compile the input received before the Rome meetings. In Rome, there will be workshops for all three WHOIS PDPs. Constituency statements are then expected to arrive some time after Rome, with policy recommendations ideally ready by the time of the Kuala Lumpur meetings this summer.The GNSO council is working on the new registry services PDP. On last Thursday’s call, the council first discussed the business constituency’s request to remove two “out of scope” items from the Terms of Reference for that PDP. From the discussion, it didn’t become clear whether the BC was suggesting that the PDP should actually create a new consensus policy (that would be binding for registries, and would surely be highly contentious), or whether the BC was mis-reading the limits on the scopes of the PDP as limits on the scope of the process that is being designed. The discussion was settled by leaving the terms of reference unchanged, and by noting that the BC may, of course, include “additional remarks” with its constituency statement.Speaking of constituency statements, these were due on 12 January. Among the statements received so far, the registry constituency is still missing in action, some other constituencies have only posted draft statements. The statements were briefly presented on the council call, and ICANN staff was asked to produce a summary and identify areas of convergence or divergence as far as visible from the current statements. I understand that the new registry services PDP will be the topic of another workshop in Rome.The work that is going on on the four PDPs means that the GNSO is collecting a lot of experience with the new PDP. If anything is clear by now, then it’s that the time lines outlined in the new bylaws were the product of wishful thinking: Task Forces that have to gather input in order to produce results (like all of the whois task forces) have no chance at all to meet the deadlines suggested. And even council-driven policy-development processes that “only” involve deliberation within constituencies, and between constituencies (like the new registry services process), are not able to follow the process: According to the original announcement of the new registry services PDP, results were due on January 15.

Joe job.

It seems that some criminal is using my e-mail address, roessler@does-not-exist.org, as a sender address for (so far) body-part enlargement spam; typically, my address shows up both as the envelope sender, and in the From header of the messages in…

It seems that some criminal is using my e-mail address, roessler@does-not-exist.org, as a sender address for (so far) body-part enlargement spam; typically, my address shows up both as the envelope sender, and in the From header of the messages in question. I’m, of course, not involved with that — I’m just getting the bounces.Things are, so far, on a much smaller scale than what happened to others, but it’s still annoying. I’m not planning to change either my domain name, or my e-mail address; bounce messages that were not generated in response to messages I sent are discarded automatically.