names

GoDaddy blocked in China

GoDaddy, the world's leading domain name registrar, is inaccessible in China, writes Moonlight Blog. Possible reasons? Efforts to prevent people from registering Olympic winners' names, or the hope that Chinese users will register domains in China.

If the goal is to make it less convenient (though by no means impossible) for Chinese to register non-Chinese domain names, this may represent an effort to keep Chinese-published material under home control.

Moonlinght tells us more about the Olympic angle:

The current blocking may be related to the Beijing 2008 Olympic Games. China's sport authority has banned the issuing of Internet … Read more

Is Kaminsky's DNS flaw public?

Thirteen days after Dan Kaminsky asked his fellow security researchers not to speculate on the details of his DNS flaw, a fellow Black Hat researcher published his own speculation, and apparently got it right.

On July 8, IOActive researcher Kaminsky disclosed a flaw in the Domain Name System (DNS), but would not provide the details until all the affected vendors had released patches and all the systems worldwide could be patched. He figured it would take about 30 days for that to happen. The 30-day mark also just happened to coincide with his speaking engagement at Black Hat in Las … Read more

Security Bites 107: Dan Kaminsky talks about responsible vulnerability disclosure

In the middle of a flood of news surrounding a serious vulnerability within the fundamental structure of the Domain Name System (DNS) is the story of how researcher Dan Kaminsky chose to handle his discovery and, hopefully, it's mitigation. What Kaminsky did was coordinate several vendors in a multiparty, simultaneous release of a patch--a patch that he feels doesn't lend itself to easy reverse engineering.

For the moment, Kaminsky is not talking details. He's hoping that people will apply the various patches, update their DNS servers and clients, and do so before the bad guys can craft … Read more

Massive, coordinated DNS patch released

A security researcher has responsibly disclosed a fundamental flaw within the Domain Name System (DNS), the addressing scheme behind the common names used on the Internet. Currently, it may be possible to guess these transaction ID values in advance and assert a malicious server as the authoritative DNS server for a popular bank or e-commerce site. The news was announced Tuesday.

Dan Kaminsky, director of penetration testing services for IO Active, found the DNS flaw earlier this year. Rather than sell the vulnerability, as some researchers have done, Kaminsky decided instead to gather the affected parties and discuss it with … Read more

Microsoft fixes 9 flaws with 4 patches; none critical

Microsoft today released its July 2008 security bulletin highlighting items all considered important but not critical. They are for Domain Name Service in Windows, Windows Explorer within Windows Vista, Outlook Web Access (OWA), and Microsoft SQL servers. All Microsoft security patches for both Windows and Office software are available via Microsoft Update or via the individual bulletins detailed below.

MS08-037: Important

Entitled "Vulnerabilities in DNS Could Allow Spoofing (953230)," this bulletin is for users of Windows 2000, Windows XP, and Windows Server 2003; not affected are users of Windows Vista (both 32-bit and 64-bit editions) and Windows Server … Read more

ICANN adopts new Web site naming rules

The Internet Corporation for Assigned Names and Numbers voted Thursday to relax rules for naming Web sites.

At its meeting in Paris, ICANN, a not-for-profit organization that oversees the naming scheme for Web sites, voted to accept a proposal that will allow companies to purchase new top-level domain names ending in whatever they like.

So, for example, instead of being restricted to sites ending in .com or .org., eBay could have a site that ends in .ebay, or New York City could end its Web site with .nyc.

The new naming process will begin in 2009. The first suffixes will … Read more

More on band names

As a quick follow-up to yesterday's post on profane band names: McSweeney's has just released a book that simply lists more than 50,000 heavy metal band names. The Q's are listed here.

Still stuck for a name? There are tons of band-name generators on the Web, including this one for metal band names, with a checkbox to include non-evil words. Finally, John Roderick of The Long Winters blogged last week about selling out, and how Seattle rock bands used to purposely choose ridiculous names to appear more authentic.

ICANN to vote on new Internet domain names

The Internet Corporation for Assigned Names and Numbers is getting ready to vote later this week to open up the Internet naming convention to allow more options.

On Thursday at its meeting in Paris, ICANN, the not-for-profit organization charged with overseeing the Internet's naming scheme, will vote on a proposal that would allow companies to purchase new generic top-level domains ending in almost anything they want. So instead of being limited to .com, .org or .co.uk as the last letters of their Web addresses, companies or organizations could add their company name to the end of their URL. … Read more

What's in a (concocted) name?

I work for frog design, and frequently at conferences and parties, people ask me about the name: What does it mean? Where does it come from? While some suspect it symbolizes the agility of that animal species, the truth is that our German founder, Hartmut Esslinger, coined it as an acronym for "federal republic of germany" -- the lower case spelling of "frog" referencing the egalitarian tradition of Marxist semantics, back then in the 60s when frog was born.

Sam Birger, the founder of Nomenon, a renowned naming firm, whom I met in NY last week, … Read more