No Such Weblog

The marketing spin: At exactly this time, hundreds of thousands of extremely attractive names, taken on most other TLDs like .com, .net, .org, .biz and .info, suddenly becomes available, probably for the last time in many years. .NAME is the last TLD to become fully open of the 7 new top-level-domains introduced by ICANN in 2001.

Ed Foster reports about registrants who transferred their domain names away from Network Solutions, but on October 1 received expiration notices that offered to renew the domain names in question for an extra fee. NetSol later sent a letter apologizing for sending out erroneous notices to former clients.Sounds like the pattern observed in messages to the ALAC’s forum address and to Dave Farber’s IP list in early October.

Discussion on how to block blog spam is going on over at Feedster.Here’s one thing I found remarkable about the comment spam I got so far: Every single notification e-mail MT sent me about such comments was caught by spamassassin. The best way to attack this is probably by not reinventing the wheel, but marrying e-mail anti-spam tools with blogging software. Could be as easy as turning a comment into a fake e-mail message and handing that off to spamd before you accept a comment.Also, the blog world might wish have a look at some of the other lessons learned by the e-mail antispamming community. One of these: When there is a central point of failure that can make many spam filters fail at the same time (like a block list), then that service is attacked until it’s unavailable.

Princeton University Computer Science Technical Report TR 679-03 by John Halderman (discussion at Ed Felten’s Freedom To Tinker) dissects a CD copy protection scheme by Sunncomm Technologies that is based on Windows’ and MacOS X’s autorun features: When you insert a protected CD into a computer, drivers are installed that give access to DRM-protected versions of the CD’s content, and interfere with attempts to access the CD’s audio tracks.The scheme can be “broken” by disabling these drivers, or by turning off autorun. Also, the scheme is completely ineffective when Linux or MacOS 9 is run.SunnComm has now threatened to sue the technical report’s author for violation of the Digital Millennium Copyright Act.EFF press release.Later: Reactions, summarized by Donna Wentworth.Still later: Sunncomm says it won’t sue Halderman.

Verisign Statistics:

— 84 percent of Internet users who have tried Site Finder said that they preferred the service to receiving an error message.
— 65 percent of Internet users reported that they found the service easy to use while 61 percent said that Site Finder enabled them to find what they were looking for.
— 53 percent of Internet users said that Site Finder improved the Internet (an additional 35 percent of users thought it improved the Internet somewhat).

How many of those surveyed speak a language other than English as their native language? Remember, sitefinder is exclusively available in English.PS: That particular press release quotes a user talking about 404 responses. 404 is an error generated by a server when you reach it. It doesn’t have terribly much to do with Sitefinder.

This AFP story (in German) reassures readers that Gov. Schwarzenegger at least won’t be able to become POTUS, under the current US constitution.The story’s category at Yahoo: Cinema News.

At today’s meeting, Verisign’s Chuck Gomes rhetorically asked whether the conclusion should be that innovation at the network’s edges should be encouraged, even when it breaks standards, and that innovation at the network’s center should be discouraged, even when it complies with standards.Things are, of course, more difficult than that.

First, links into my notes: Hollenbeck, Schairer, Vixie, Smith, Bellovin, Klensin (+ discussion), final discussion. I suppose that electronic versions of the presentations will show up somewhere on the SecSAC site.Nothing unexpected happened: Verisign tried to be collaborative with respect to fixing individual technical issues (suggesting, e.g., to introduce a wildcard MX record instead of running a bounce server), but did not seem willing to compromise on the design side of things.The best presentations were clearly given by Bellovin and Klensin; however, they were hard to transcribe given the high information-per-time density. Both made the importance of the Internet’s end-to-end design for innovation — and the importance of a properly functioning DNS for that design — abundantly clear. The message from their talks is that sitefinder is not just a bad idea because of individual side-effects, but because of the service’s fundamental design.Finally, the question asked by (I believe) K Claffy from CAIDA in the end of the meeting is indeed interesting: What kind of testing did Verisign actually perform before rolling out Sitefinder? What kinds of hard facts were generated during that testing process? (I’d add one more, though: How could the “snubby mail rejector daemon” survive any kind of rigorous testing?)

Harold Feld: Does this break end-to-end? Getting into a war between Verisign and Microsoft?

Internet Protocols and Innovation. Starts by explaining interaction between MX and A records, and problems with early versions of Exchange and Outlook, taking up some remarks from Bellovin. Somewhat hard to understand over the webcast.