ICANN rejuvenation is central to curbing SPAM and Malware


The efficient functioning of the Internet, on which modern society has come to depend, relies on the efficient functioning of the domain name system. The abuse of that system is at the heart of the malware industry. The governance of that system, from ICANN downwards, is run by registrars for registrars. The registrars range from the reputable to the criminal. ICANN recently discovered that one of those at the heart of a web of malpractice was indeed a convicted criminal.

 

Others, including in the national registries, exhibit similar behaviour patterns but action is harder because they have not already been convicted for other crimes. Most registrars are, of course, reputable. But they are running on very tight margins and have neither the time nor inclination to help clean the stable. Moreover the tradition of the Internet is of just-in-time retro-fixes: the race against catastrophe while striving to maintain the myth of security and resilience and protecting the users from reality.

 

I have just come from meeting some of the engineers who run ICANN. They are most impressive. The Haight-Ashbury hippies of '67 grew up and retired. But the price of self-governance is, as in other trades and industries, task forces and advisory boards clogged by those whose concern is efficiency in the interests of suppliers rather than of customers.

 

Meanwhile government regulation would add inefficiency to corruption, albeit the latter is more commonly intellectual than moral or financial.     

 

The self-regulatory bodies of other "trades" preserve their status by adding effective independent directors and consumer panels. Those who run the domain name "trade" have yet to do so. The current abuses are unlikely to be checked until they do. Too many are doing too well from them. "Reform" would put two multi-billion dollar industries at risk: cybercrime (from malware authors, through botnet herders to spammers and extortionists) and cybersecurity (from the producers of e-sticking plasters and e-immodium to the armies of consultants and compliance officers). 

 

To get a feel of the task read the "Final Report of the ALAC Review Working Group on ALAC improvements", or rather read Appendix 3, the dissenting report. Then read the summary of key points in the report itself (page 5). Then try to read the full report. You will not understand most of it - but you will get the flavour. Then make your comments - well before the deadline if possible so as to help stimulate constructive debate rather than simply vent your spleen.

 

ALAC stands for "At Large Advisory Committee". It took me a while to realise that this meant relations with everyone outside the extended "family" that actually runs the Domain Name system. 

 

The "answer" appears to be deceptively simple but is there the "will" to bring it about?

 

All whose businesses would be at risk if their domain names were compromised should put a fraction of what they spend tackling the flood of malware or protecting their brands into helping reform the DNS. A key part of that "help" should be to give a technically and professionally competent member of their security team a modest allowance of time and expenses to network with their peers, via one or more of the many security "clubs" (professional bodies, trade associations and special interest groups). A key objective of that networking exercise should be to identify and support suitably skilled, informed and trusted candidates for the various DNS governance committees and working groups - both national (e.g. Nominet) and international (ICANN).

 

And that process should begin by making the time to read the report of the ICANN "At Large Advisory Committee" and respond. This consultation and the meeting in Mexico to which it is leading is probably "make or break" for ICANN.

 

Replacing ICANN by an ITU committee, as opposed to rejuvenating it, would definitely be second best. But its role in the global critical infrastructure makes this inevitable - unless the users join the "family". 

 

P.S. I too was on Haight-Ashbury in the summer of '67 - although no-one believes me until I tell the story of when the house in which I was staying caught fire. The fire-fighting exercise was, in retrospect, bizarre and foolhardy - but successful. The fire was out before the fire brigade arrived and created havoc. Somewhere there is a metaphor here for the way the ex-hippies ran the Internet for its first thirty years - keeping Government at bay.

 

P.P.S. I have just been asked how you join ICANN and Nominet and get involved.

 

Click here for details of the ICANN "Business Constituency" - including how to join. It is remarkably cheap. The numbers look impressive until you realise that almost all are participating via groups like the ICC and WITSA. If your domain name is not worth more than that 1500 euro subscription for even a large organisation you should not be in business.

 

Click here for details of membership of Nominet. Again remarkably cheap. If you have a .uk domain name to protect it is a no-brainer - little more than you pay for anti-virus and firewall on a single PC.

 

The bigger question is how to get involved. I suggest you join direct but then network with your peers (via your professional body or trade association and the relevant special interest group) and share the load with those you trust because their interests are similar to yours.

 

That is rather like the advice that I give to people when they ask how to get best value from their EURIM subscriptions. The challenge is rather similar: achieving results in areas that are important, where inaction could cost you very dear, but you have to ration your time.

 


2 Comments

Knujon's recent report on dodgy registrars tells us two useful things:

Firstly, the problem is not insurmountable - 83% of spam and illicit activity (including phishing and malware distribution) uses domains issued by just TEN registrars.

Secondly, regulatory action does work. ICANN issued breach notices threatening to remove accreditation for two registrars, who subsequently cleaned up their act.

Benedict.

Fixing DNS is only a small part of a possible solution. It may or may not be an important part but it is definitely far from the only part. Fast flux, or otherwise, the spammers, legal or otherwise, already have their huge lists of email addresses and can go on harvesting them whatever happens at ICANN and can go on sending out emails via Botnets. Some spammer will just invent a new technique that makes Fast Flux unnecessary - count on it.

Without an agreed transport protocol that includes email sender authentication (which is not an ICANN issue, as far as I know) SPAM will continue, because the industry wants it to. SPAM is the cheapest form of customer capture ever invented. However, that may be the real way to solve it: stop it being cheap. How about an Internet Congestion Charge? If industry wants SPAM so badly, maybe they will be willing to pay for their bulk email, instead of deliberately torpedoing every attempt to control or eliminate it.

I also have another worry. I have huge respect for the original designers of the Internet protocols. No other ICT creation has scaled so well or lasted so well or survived so well, but then survivability and resilience were core design priorities of the Internet. What if Fast Flux is a way to help us survive a deliberate cyber-warfare attack? The protocols aren't the problem, the people are. Like the song says: same as it ever was...


About this Entry

This page contains a single entry by Philip Virgo published on February 15, 2009 10:48 AM.
