Where are the minutes from 01/15?

ICANN’s latest board meeting was on 15 January. There is still no preliminary report available. Relevant Bylaw language: No later than five (5) business days after each meeting (as calculated by local time at the location of ICANN’s principal offi…

ICANN’s latest board meeting was on 15 January. There is still no preliminary report available.Relevant Bylaw language: No later than five (5) business days after each meeting (as calculated by local time at the location of ICANN’s principal office), any actions taken by the Board shall be made publicly available in a preliminary report on the Website.

Novarg/MyDoom: Some MRTG plots.

As a follow-up to Tuesday’s notes on Novarg, some MRTG plots that illustrate what happened in my inbox this week. The blue curve is legitimate mail; green is spam (and other junk), or recognized virulent material. First, spam (and other junk that’…

As a follow-up to Tuesday’s notes on Novarg, some MRTG plots that illustrate what happened in my inbox this week. The blue curve is legitimate mail; green is spam (and other junk), or recognized virulent material.First, spam (and other junk that’s automatically recognized). Note the peak on Monday evening, when Novarg first appears, and also the substantially higher junk bandwidth ever since — due to notifications about the worm:

Media_httplogdoesnote_jppco

Second, recognized viruses (getting really interesting later in the same night):

Media_httplogdoesnote_vwbbw

If you want to compare the effect to Sobig.F, here‘s a similar plot showing Sobig’s last days.

DoC, ICANN defendants in sitefinder lawsuit

Ira Rothken on Politech: We decided to add ICANN and the United States Department of Commerce to our Federal Case in Northern California (Syncalot v. Verisign) involving the legality of Verisign’s SiteFinder service. We added the above additional …

Ira Rothken on Politech: We decided to add ICANN and the United States Department of Commerce to our Federal Case in Northern California (Syncalot v. Verisign) involving the legality of Verisign’s SiteFinder service. We added the above additional parties in an effort to have a more complete record and a full and fair adjudication of the issues. We are seeking to enjoin the SiteFinder service and declare it illegal. Here is a link to the First Amended Complaint which alleges, amongst other things, that Verisign breached its agreements and violated the law when it attempted to use control of the domain name root server to “break the Internet” and monetize domain name properties it did not own.Later: Bret Fausett has read the complaint and suggests that the lawyers in question haven’t done their homework.

February 4: Congressional hearing on WHOIS.

Writes Jeff Neuman: It has just come to my attention that there is a scheduled hearing entitled “Internet Domain Name Fraud — New Criminal and Civil Enforcement Tools” on Wednesday February 4th at 10:00 in 2141 Rayburn House Office Building. It i…

Writes Jeff Neuman: It has just come to my attention that there is a scheduled hearing entitled “Internet Domain Name Fraud — New Criminal and Civil Enforcement Tools” on Wednesday February 4th at 10:00 in 2141 Rayburn House Office Building. It is being sponsored by the Subcommittee on Courts, the Internet and Intellectual Property. It is a Subcommittee of the House Judiciary Committee. The list of witnesses testifying has not been finalized, but I have learned that a member from the IPC as well as a member from the International Anti-Counterfeiting Coalition may be testifying.

Data Quality?

The guys at ICANNfocus.org have published a story today that claims that ICANN is subject to the Data Quality Act. (The story is also at ICANNwatch, CircleID — and there was a copy in my inbox this morning; I understand that I’m not the only one …

The guys at ICANNfocus.org have published a story today that claims that ICANN is subject to the Data Quality Act. (The story is also at ICANNwatch, CircleID — and there was a copy in my inbox this morning; I understand that I’m not the only one who got that.)Two sets of messages here: First, there’s this organization named Center for Regulatory Effectiveness which suddenly gets interested in ICANN, sets up icannfocus.org, and puts much focus on the MoU and the Department of Commerce’s oversight role. The obvious question is, of course: What’s behind that rather specific focus, and the sudden interest?Second, the news itself. The Data Quality Act (maybe) applies to ICANN. The first question here is: What’s this all about? I’m European. I don’t have the faintest idea about US administrative law. So, what’s the Data Quality Act, and what would it mean for ICANN, in practical terms?Comments welcome.

RCOM v. Verio: Injunction upheld.

From TelecomWeb: The 2nd U.S. Circuit Court of Appeals has upheld an injunction barring a Web hosting company from accessing a registration service [i.e., WHOIS] for Internet domains in order to harvest information for mass-marketing use.

From TelecomWeb: The 2nd U.S. Circuit Court of Appeals has upheld an injunction barring a Web hosting company from accessing a registration service [i.e., WHOIS] for Internet domains in order to harvest information for mass-marketing use.

That latest virus.

The latest worm (called Novarg.a, Mydoom, or MIMAIL_R) is big news all over the place; technical analysis here and here and later here. In a nutshell, the virus uses tech babble as its social engineeering trick, claiming that some message couldn’t…

The latest worm (called Novarg.a, Mydoom, or MIMAIL_R) is big news all over the place; technical analysis here and here and later here. In a nutshell, the virus uses tech babble as its social engineeering trick, claiming that some message couldn’t be transported and had to be wrapped into an attachment. Once people fall for that trick (and amazingly many seem to do that), MyDoom apparently installs a key stroke logger and a network backdoor, and prepares to launch a DoS attack on sco.com.Being armed with good filters, a mail client I trust, and an operating system that won’t run Windows viruses, I normally consider e-mail virus outbreaks as part of the general noise that gets thrown away automatically.So, what makes this one special and worth a blog item? First, it has a new approach to social engineering. No more sex and crime (we recently had a relatively successful worm here which claimed — in German — that the recipient had been indicted for file sharing), but dry tech babble instead. And that approach works surprisingly well, leading to bombardment rates and bandwidth consumption last reached by Sobig.F last summer.Also, the large scale of this outbreak makes it interesting to look at e-mail statistics again. I received the first instance at roughly 9pm CET, that’s 3pm EST. Within just an hour, the bombardment peaked at several pieces of the virus per minute; fortunately (and somewhat surprisingly) much of this was caught by spamassassin. The virus scanner I’m also running kicked in at about 1 am, and has been catching the actual virus traffic since. Junk background noise is still far above the usual numbers, mostly due to bounce messages generated in response to viruses sent out with my e-mail address as the sender.What are the lessons? First, hardly news, but still worth repeating: Virus scanners don’t prevent infections, and — even when updated within hours — leave a huge window of opportunity for spreading a virus. Second, considerable annoyance is caused by virus scanning systems that still believe that they need to notify a message’s alleged sender of infections. Third, spamassassin’s heuristics prove surprisingly effective against much of the incoming virus flood.