June 18, 2009

Various interesting news and posts


The Web's most dangerous keywords to search for
http://blogs.zdnet.com/security/?p=3457
I've long known that some 75% of all screensavers found on the Internet via Google search contain malware but thought that some of these words were interesting: free games, work from home, iphone, barack obama. Something else interesting is the finding that when searching for lyrics keywords or phrases with the word 'free' in them one of four sites contain malicious code. Talk about blackhat SEO.

Building an Automated Behavioral Malware Analysis Environment using Open Source Software by Jim Clausing
http://www.sans.org/reading_room/whitepapers/tools/building_an_automated_behavioral_malware_analysis_environment_using_open_source_software_33129
Looks very promising. On my reading list.

Ex-DOS and Microsoft Exec Heading Up DHS Cyber Post
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9133855
Earlier this month Secretary Napolitano of the U.S. Department of Homeland Security named Philip Reitinger as Director of the National Cyber Security Center in DHS. This is a newly formed office in DHS. Previously Philip had held positions in DOD Cyber Crime Center and was leading the Trustworthy Computing initiative at Microsoft. Philip replaces Rod Beckstrom who vacated the post earlier this year citing lack of funding and internal support. I wish Philip all the best and hope he's able to get what he needs to get things done there.

June 6, 2009

ICANN grilled by Congressional subcommittee


Event:
Oversight of the Internet Corporation for Assigned Names and Numbers (ICANN)
Hearings - Subcommittee on Communications, Technology, and the Internet
June 04, 2009
The Subcommittee on Communications, Technology, and the Internet held a hearing titled, "Oversight of the Internet Corporation for Assigned Names and Numbers (ICANN)" on Thursday, June 4, 2009, in 2123 Rayburn House Office Building. The hearing examined issues related to ICANN, including the expiring Joint Project Agreement between the Department of Commerce and ICANN, as well as ICANN's proposed introduction of new generic Top Level Domains (gTLDs).

I found this event very interesting. It is a hearing to discuss the renewal of the Joint Project Agreement (JPA) between the US Dept of Commerce and ICANN. Among other things the JPA provides the US Govt (through NTIA) oversight of ICANN's operations. This agreement expires in September this year.

There were several people testifying during this event including the President of ICANN, GoDaddy's General Council, representative from Verizon, representative from NTIA, and a couple others who I missed their names.

There were several concerns put on the table: accountability, transparency, efficacy, stability and security. Many had sharp criticism of ICANN's progress toward a safe and stable Internet domain name governance system. They along with the Congressional subcommittee were not satisified with ICANNs response to shutdown malicious domains and questioned why they aren't taking more action against domain Registrars who violate their policies and agreements with ICANN. ICANNs President did not seem to have good answers which led the hearing chair to ask for written proof of the actions they have taken. I suspect this will lead to more probing by the subcommitte because it's my opinion, as well, that ICANN is not doing their job here! As I continue to see bad Registrars allowing new malicious domain names to operate.

Concerns over the additional gTLD (global Top Level Domain) proposal were expressed. If you aren't aware, ICANN is proposing to allow new long gTLDs be created and sold. For example .MOVIE, .LEGAL, etc. The main concern had to do with trademark protection.

All panelists who testified, with the exception of the ICANN President, wants to see Congress renew the JPA. The overridding concern if it isn't was the lack of transparancy and security of the system. Several stated a concern that a nation who is not friendly with the US might take over of ICANN and threaten the US' national security. I share this concern.

If you are involved in fighting malicious websites or spam or curious about ICANN's operations I recommend watching the videos of the hearings. You'll find downloadable files here:

http://energycommerce.house.gov/index.php?option=com_content&view=article&id=1642&catid=134&Itemid=74

Let's hope this helps drive ICANN to take the necessary measures to dramatically improve their measures when fighting malicious domains. In other words, do what they should be doing anyway!!!