ebw's blog

Friday Freedoms

Jonah's schedule has been wildly erratic for weeks, but there's some improvements -- I will be able to drive to Binghamton and take a course or two.

diestel-thumb.jpg removed.

tags:

Meanwhile, back at the SSL certificate and (actual) IANA root editor's office ...

Reuters is carrying a piece by Joseph Menn, Key Internet operator VeriSign hit by hackers.

Several paras caught my eye. These two:

"Oh my God," said Stewart Baker, former assistant secretary of the Department of Homeland Security and before that the top lawyer at the National Security Agency. "That could allow people to imitate almost any company on the Net."

The VeriSign attacks were revealed in a quarterly U.S. Securities and Exchange Commission filing in October that followed new guidelines on reporting security breaches to investors. It was the most striking disclosure to emerge in a review by Reuters of more than 2,000 documents mentioning breach risks since the SEC guidance was published.

And this one:

Ken Silva, who was VeriSign's chief technology officer for three years until November 2010, said he had not learned of the intrusion until contacted by Reuters. Given the time elapsed since the attack and the vague language in the SEC filing, he said VeriSign "probably can't draw an accurate assessment" of the damage.

I've met Ken several times while he was CTO of (the whale) VGRS and I was CTO of (a minnow) CORE. I think his assessment (VGRS's inability to draw an accurate assessment at the point in time it disclosed the breach to the SEC) is likely to be correct.

I've no idea if this was disclosed to ICANN and/or the DoC as part of the .net contract renewal. The notion that the duty of disclosure by publicly traded corporations of operational failure extends to SEC, for the protection of investors, and no further, comes as a surprise. This is the dot after all.

ICANN Board Seat #9 (ASO AC appointed)

The ICANN Bylaws entity, the Address Supporting Organization, will begin public consideration of the candidates for ICANN Board Seat #9, currently held by Ray Plzak. I've offered to serve, as has Martin Levy, Bill Manning, and Ray Plzak.

ICANN pads the tab (again)

After granting a blanket half dollar in additional profits to the price capped registries, each beneficiary is rolling out its price hike implementation. Neustar today raised its wholesale price for new registrations, transfers and renewals for its .biz inventory by $0.55 per domain per year. Three weeks ago the Internet Society ran the same plan concerning it's .org inventory.

What justifies the price increase? The triumphant competition narrative has been that since the competitive registrar testbed was introduced in 2000 that prices for domains have fallen from $35 to $6. How is that narrative "enhanced" by a program of price increases for the price capped inventories, and what base costs, or contractions, can support a necessity claim for an increase in end-user costs?

2012 Submarine Cable Map

The 2012 edition of one of my favorite wall hangings is out. I'll have to pass on the purchase (I've the 2009 version I picked up to add some visual interest to an otherwise dull vendor exhibit that kept getting recycled, at ICANN meeting after ICANN meeting), but it is fun to peer at (pun).

submarine-cable-map-2012-m.jpg deleted.

Means of Arrest

In today's Le Monde there is a useful five-part infographic showing how name to address resolution works, from the end user associating his or her endpoint device, e.g., a browser, with a file shareing resource, e.g., Megaupload.com, and how the FBI interposed on the name to resource mapping, preventing such associations. The amount of French poor Francophobes must read to understand the sequence of wire frame diagrams is limited (and Google does translate for those that need help). See Comment le FBI a-t-il bloqué Megaupload ?.

In updates to this post I'll expand on the aspects I think interesting.

First, while the DoJ sites are servicing the LOIC loads, a copy of the indictment can be found here: MegaUpload.pdf.

Second, to quote from the NYTimes piece to get to a quote from GW Law's Orin Kerr

The Megaupload case is unusual, said Orin S. Kerr, a law professor at George Washington University, in that federal prosecutors obtained the private e-mails of Megaupload’s operators in an effort to show they were operating in bad faith.

"The government hopes to use their private words against them," Mr. Kerr said. "This should scare the owners and operators of similar sites."

See 17 USC 512(c)(1)(A) for the significance.

Update 1:
A writer for the LA Times provides an interesting view in http://opinion.latimes.com/opinionla/2012/01/copyrights-feds-push-novel-theories-in-megaupload-case.html.

Fire and Counter-Fire

The Meagupload case has generated a response, LOIC has been deployed. The collective's targeteers have selected the US DoJ and other high-value targets of the public facing (non-operational) US critical infrastructure, effecting a reduction of efficacy of the USG's direct messaging outlets, and the public facing critical infrastructure of Universal and other major political contributors to the SOPA/PIPA/... copy suppression bills.

1451406_3_1551_l-interface-d-utilisation-de-loic_c75f5844b3e731d2cc4394000c8d6990.jpg removed.

Olympia was not pursuaded

I wrote Cheryl Leeman, the occasional Mayor of Portland (prior to direct elections, when it was a rotating "honor"), and permanent sole Republican on the City Council, and Olympia's District One Constituency Office goto person, twice that SOPA and PIPA were simply bad policy bills and Olympia should revise her support for the bills as written (by the record label PACs). Without effect.

I didn't bother with Susan's contact, I prefer that whoever runs against her has this issue -- shareholders in artist-abusing labels and their contributions are more important to the incumbent than Mainers and their use of the net to be informed and to create and share their cultural works. Incumbent hates teh netz.

19sopaspan-articleLarge.jpg removed.

Snow day. Updating DNS

The sound of rain diminished before dawn. Jonah went back to sleep and we awoke to snow. I spent the previous evening chasing down the crypto lib dependencies in openssl and kerberos to get warning free linker output when building bind9.9.0rc1. With that installed on ns{0,1}.wampumpeag.net, this morning's chores are cleaning up zone files. Jonah's replacement camera, a cisco Flip, the first (I hope, oh holy UPS brown shorted dieties) of three warranty covered exchanges of the data-dead for the data-quick. He spent part of yesterday's skate time filming the VHS tapes at the Cass Park rink. His skating has vastly improved, and he fit right in with the Fall Creek Elementary kids, skating with his sister Kezzie and her friends.

This is the end of the second week of Jonah-at-home, his autism program at the middle school having utterly melted down before the break and the head teacher, only five months on the job, abruptly resigning. As in prior IEP go-arounds, my requests for instrumental music in the form of guitar, for music generally in the form of a chorus or music appreciation class, and for any kind of art were refused. New York doesn't cover "art therapy", and a disabled student who wants to do art work is, apparently, incapable of receiving art education services other than in a art therapy context. I suppose art and music are only for the "normal" students.

New IETF non-working group email list

The purpose is to discuss the need for an antitrust or competition policy for the IETF. If the consensus is to create one, then the content of that policy will be discussed as well.

It used to be that just moving a multi-vendor activity to the IETF was sufficient to immunize the parties from Sherman Act liabilities. Perhaps this is no longer sufficient, though given the absence of prosecution(s) by the US Department of Justice, the source of liability may be in a jurisdiction other than the United States.

Pages

Subscribe to RSS - ebw's blog

Register a Domain

placeholder block for the registrar function.

hosting

Yes. We host blogs. Available choices are drupal, movable type, wordpress, and django.

vis3

vis3