Today was the deadline for comment on the ICANN consultation on the Initial Report on Fast Flux Hosting. This is the “technology” used by spammers, phishers, botnet herders, denial of service extortionists and cyberwarfare practioners around the world. It also has some, but not that many and decreasing, legitimate uses. ICANN meets in London next week to discuss what comes next.
The report is surprisingly easy to read although I recommend you begin with the orginal statement of the problem, then read the comments and then read the report – some of which is disingenuous in the extreme.
The reality is that a significant part of the “Internet establishment” has no wish to take action. The current situation is far too profitable for too many players, including the suppliers of reactive security (e-sticking plaster and e-immodium ) as well as those actively engaged in malpractive and cyberwarfare on both sides of the Oceans: Pacific and Atlantic.
Unless ICANN has shown, by the time of the next Internet Governance Forum meeting, in Egypt, that it can take a lead in helping ensure effective action, then the way will be clear for the ITU to do it for them, backed by Governments, Victims, Law Enforcement Agencies et al around the world.
I also think it highly unlikely that the US Government will even try to stop them.
The abuse of Fast Flux is now costing business, including Telcos and legitimate ISPs, far too much.
That will be a great pity, because the result will almost certainly be second best, if it works at all …
I joined ISOC back in 1995 after a presentation where I was told that, provided the Atlanta Olympics (the first big civilian commercial test bed) worked, we faced a rush to re-engineer the Internet and the comms structure which carries it, before they collapsed under overload as the commercial and consumer markets took off.
But the three big challenges were security, security and security.
I was told that ISOC (The Internet Society) had problems but would eventually grow into the self-governing body that the Internet needed in order to head off state control.
The achievements since then have been incredible – but the glacial progress in addressing the situation than enables fast flux and the excuses for not doing so, indicate an inexcusable institutional failure at the heart of Internet Governance.
ISOC failed and was succeeded by the Internet Governance Forum. Next week will see whether ICANN recognises the scale of the threat to its existance and is capable of taking action.
If not ….
P.S. Added 14/2/2009: My attention has just been drawn to the ICANN press release on their co-operation with Microsoft disrupt the Conflicker Worm. Perhaps the next couple of days will be rather more productive than I had feared. I glad to respond to suggestion that I make clear that the main change needed is to do with the behaviour of those in the domain name registration supply chain. Once again “its the wetware stupid”: the people processes and motivations rather than the “mere” technology. I should also say that I got my dates wrong. I c elbrated Valentines Day on Thursday when the Restaurants were less full. The deadline for inputs to the ICANN consultation is the 15th