Articles about Verisign

Hey, uh ICANN. US govt here. You know we said we'd give you the keys to the 'net? Yeaahhh...

The US government has admitted its plan to move control of the internet's naming and numbering functions to a California non-profit next month may not move forward. In a letter [PDF] from the Department of Commerce (DoC) to ICANN sent August 31, the department's CFO gives the organization 30 days' notice that it may extend its …
Kieren McCarthy, 01 Sep 2016
Frustation, image via Shutterstock

Vidahost hikes domain name fees by a third, blames Brexit

Domain name biz Vidahost has hiked up the cost of its pricing by 33 per cent, blaming Brexit-induced exchange rate woes. In an email sent to customers and seen by The Register, the biz said: "Prior to the referendum to leave the EU, we spent time working up rigorous plans for the Brexit scenario. "True to form we focused on …
Kat Hall, 24 Aug 2016
A child selling newspapers

Bloke faces years in the clink for using hacker-leaked press releases in $30m trading scam

A US stock trader has admitted he profited from insider trading – by buying and selling shares using tip-offs from Ukrainian newswire hackers. Leonid Momotok, 48, of Suwanee, Georgia, pleaded guilty in a Brooklyn court on Monday to charges of conspiracy to commit wire fraud. He could get up to 20 years behind bars in addition …
Shaun Nichols, 03 Aug 2016

Someone (cough, cough VeriSign) just gave ICANN $135m for the rights to .web

An unnamed organization just paid $135m for the rights to sell ".web" domain names. This is three times the previous record of $45m for .shop, and seven times the average auction price for top-level domains. The massive price tag has raised eyebrows in the domain name industry, not least because one of the companies taking …
Kieren McCarthy, 28 Jul 2016

Verisign keeps its dot-com cash cow until 2024

Verisign will retain control over the dot-com registry until 2024, providing it with a multi-billion-dollar cash cow for the next eight years. Verisign's contract to run the internet's most valuable naming structure is not due to end until 2018, but in a sign of the power politics at the top of the internet, the agreement will …
Kieren McCarthy, 01 Jul 2016
Black hole - spaghetti visualisation. Artist's impression.  NASA/JPL-Caltech, CC BY-SA

Fat-thumbed a BGP entry? Relax, now your pain has a name

Users are familiar with those occasional events in which a sysadmin fat-thumb results in traffic getting deep-sixed – like, for example, this week's huge Telia outage. It's a problem that plagues the Internet and has done for years: the foundational Border Gateway Protocol (BGP) was designed in an era long-gone where sysadmins …

Man-in-the-middle biz Blue Coat bought by Symantec: Infosec bods are worried

Analysis Symantec’s deal to to buy Blue Coat, the controversial web filtering firm, for $4.65bn will bolster its enterprise security business. But some security experts are concerned about the potential for conflict of interest created by housing Symantec’s digital certificate business and Blue Coat’s man-in-the-middle SSL inspection …
John Leyden, 14 Jun 2016
Prison

Insider trading hacker pleads guilty to p0wning press releases

A Ukrainian ne'er-do-well who broke into market computers for an insider trading scheme has entered a guilty plea in the US. The 28-year-old, Vadym Iermolovych, has put his hands up to three charges – conspiracy to commit wire fraud, conspiracy to commit computer hacking, and aggravated identity theft. The US Department of …

Verisign settles .security XYZ lawsuit

Operator of the dot-com registry and two root servers, Verisign, has settled one of its two lawsuits against upstart .XYZ. CEO of XYZ, David Negari announced the news in an update on his personal blog. The unusual wording of the update was clearly a part of the settlement, with Negari noting that his company's actions had " …
Kieren McCarthy, 16 May 2016
Cloud security image

DNS root zone key boost

The internet's DNS root zone is about to get more secure with the rollout of a 2048-bit zone signing key (ZSK), in place of today's 1024-bit RSA key. The change reflects a gradual increase in the digital security of this critical piece of internet infrastructure. With the recent introduction of DNSSEC, the 1024-bit ZSK now …
Kieren McCarthy, 09 May 2016
Man shouting through a mega phone with abstract communication icons in the background

.XYZ files appeal brief

A court battle between top-level domain startup .XYZ and .com operator Verisign continues, with .XYZ filing its appeal brief. Verisign sued .XYZ in 2014 alleging trademark infringement and false advertising. .XYZ had run ads comparing its new internet addresses as a modern alternative to aged and outdated .com names. Verisign …
Kieren McCarthy, 06 Apr 2016

DNS root server attack was not aimed at root servers – infosec bods

The internet's root servers were not the target of a distributed denial-of-service (DDoS) attack in December which for a short time took out four of the 13 pillars of the global network. That's according to two security researchers who will present their findings at a conference in Argentina on Friday. Instead, they conclude …
Kieren McCarthy, 29 Mar 2016

Verisign, .xyz and the ABCs of a cutthroat domain-name industry

A lawsuit against upstart internet registry .xyz has been dismissed just a few days before it was due to go to trial. The case was brought by industry giant and .com registry operator Verisign and alleged .xyz had infringed Verisign's trademark and committed false advertising. However, the lawsuit was widely seen by the …
Kieren McCarthy, 29 Oct 2015

Verisign warns new dot-word domains could make internet unstable

Verisign, operator of the .com and .gov registries as well as two of the internet's 13 root servers, has warned that the "unprecedented" introduction of hundreds of new dot-word domains may make the internet unstable. In a quarterly filing to the US Securities and Exchange Commission this week, the tech biz included extensive …
Kieren McCarthy, 27 Oct 2015
Photo by Irene Fertik, USC News Service

How do you create an SLA and status page for the whole internet? Meet IANA: Keepers of DNS

When control of the internet's naming and numbering systems is handed over by the US government to domain system overseer ICANN, there will be one big change: it will be subject to a service level agreement drawn up by the internet community. ICANN's IANA department runs the world's DNS, IP address allocation, and other tasks …
Kieren McCarthy, 15 Oct 2015
padlock

Verisign opens up its DNS

Verisign is throwing its hat into the “free DNS” ring, promising not to retain information about recursive requests to its just-launched service. Verisign Public DNS is at 64.6.64.6 / 64.6.65.6, alas nowhere near as easy for people to remember as Google's 8.8.8.8 / 8.8.4.4. In the blog post launching the service, the director …
Funnel of cash. Credit: via SXC – http://www.sxc.hu/profile/Leonardini

Do you agree with our fee hike? Press 1 to answer Yes; or 2 for Yes

It has long been a concern that domain-name overseer ICANN is largely funded by companies reliant on the organization to make money. Every biz that wishes to sell domain names – called a registrar – has to pay the organization $4,000 a year, plus 18 cents on every domain they sell. In addition, they have to pay a variable fee …
Kieren McCarthy, 29 Sep 2015
virus_1_648

D-Link spilled its private key onto the web – letting malware dress up as Windows apps

Updated Taiwanese networking kit maker D-Link leaked a private code-signing key onto the internet for anyone to download. This is rather embarrassing because this key can be used to trick Windows computers into trusting and running malware. An eagle-eyed netizen told tweakers.net on Thursday that the code-signing key appeared in a …
Chris Williams, 18 Sep 2015

Plan to shift internet's control panel away from US government gets tentative thumbs-up

The plan to shift control of the top level of the internet away from the US government to domain name overseer ICANN has been given a tentative thumbs-up by the internet community. A public comment period on the proposal for the IANA functions contract closed earlier this week with 159 submissions received. Just under half the …
Kieren McCarthy, 11 Sep 2015

US government tweaks internet handover date: 1 October 2016

The US government will officially hand over control of the top level of the internet on 1 October 2016 – a year later than planned. The Department of Commerce announced on Monday that it will extend the IANA contract, today held by domain overseer ICANN, by one year, meaning that it will expire on 30 September 2016. At that …
Kieren McCarthy, 17 Aug 2015
Sergey Brin

Verisign sues Google's new love-interest .XYZ for a second time

Verisign is up to its old tricks again, having sued XYZ.com, the owner of the .xyz registry a second time. Barely a day after XYZ.com got a boost when Alphabet, Google's new parent company, set up shop at abc.xyz, details emerged of a suit filed by Verisign against XYZ.com, its CEO Daniel Negari, and CentralNic, XYZ.com's back …
Kieren McCarthy, 14 Aug 2015

Larry Page was held back by Google execs from flooding world with new dot-word domains

Google's new mom, Alphabet, has sent the domain name world into a frenzy following its decision to set up home at the online address abc.xyz. But behind the decision lies a deeper truth: Larry Page, as Google CEO, wanted his search giant to go big on new dot-word domain names – like .book or .computer – but was stymied by …
Kieren McCarthy, 13 Aug 2015

DNS root zone drama: Follow live the most important dullest ceremony you'll ever see

If you have literally nothing better to do today, we would recommend watching the most important but dullest ceremony you can catch online. The eight-hour event is taking place today in Los Angeles and is being streamed live – just like the Oscars. Although without the music, or famous people, or speeches, or ball gowns. OK, …
Kieren McCarthy, 13 Aug 2015
Padlocks by Simon Cocks Flickr CC2 license

IoT security is RUBBISH says IoT vendor collective

A vendor group whose membership includes Microsoft, Symantec, Verisign, ADT and TRUSTe reckons the Internet of Things (IoT) market is being pushed with no regard to either security or consumer privacy. In what will probably be ignored by the next startup hoping to get absorbed into Google's Alphabet's Nest business, the Online …

If you read anything today about ICANN taking over the internet, make sure it's this

Analysis The internet community has published its plan to pull the United States government out of its role at the top of the internet's hierarchy. Unfortunately, the near-final version is a hodgepodge of ideas and compromises that fails to address a key aspect of Uncle Sam's role. In addition, the plan substitutes a complex set of …
Kieren McCarthy, 04 Aug 2015
Internet email sign. Pic: @mattw1lson, Twitter

Next-gen secure email using internet's own DNS – your help needed

A group of researchers from the US government and dot-com operator VeriSign are working on a new system for secure email: using domain names. Highlighting the problems and security holes associated with current mail systems, the team from the National Institute of Standards and Technology (NIST), a subset of the US Department …
Kieren McCarthy, 03 Aug 2015

Cyber-security's dirty little secret: It's not as bad as you think

New research from the Global Commission on Internet Governance has reached a surprising conclusion: cyberspace is actually getting safer. The report [PDF] starts from a simple enough premise: while we are constantly told that incidents of cyberattacks and online security threats are increasing, are they growing relative to the …
Kieren McCarthy, 18 Jul 2015

Dot-com da-bomb Verisign fires off an OpenDNS rival

Operator of the dot-com registry Verisign has launched a rival to popular online security service OpenDNS, called DNS Firewall. Announcing the service in a blog post, Verisign's Michael Kaczmarek said that protecting a company from cyberattacks was "becoming increasingly difficult and expensive," and pointed out that hackers …
Kieren McCarthy, 08 Jul 2015
Photo of Mark Shuttleworth at CeBIT 2014

Ubuntu daddy Mark Shuttleworth loses fight to cancel $20m bank fee

Mark Shuttleworth has lost his long-running fight to reverse a US$20m (£12.8m) bank charge levied after he transferred a fortune out of South Africa. In 2001, Shuttleworth, the founder of Ubuntu Linux maker Canonical, emigrated from his home nation of South Africa to the Isle of Man. In 2008, he tried to withdraw R2.5bn (US$204m …
Shaun Nichols, 19 Jun 2015

Drupal flicks fix to nix OpenID admin account hijack hole

Drupal has shuttered a flaw in its implementation of OpenID that allows attackers to log in as web site administrators. The flaw (CVE-2015-3234) is the most critical of four and affects versions six and seven of the content management system. Drupal's security team say attackers can target unpatched systems if they hold an …
Darren Pauli, 19 Jun 2015

Duqu 2.0‬ malware buried into Windows PCs using 'stolen Foxconn certs'

The super-sophisticated malware that infiltrated Kaspersky Labs is craftier than first imagined. We're told that the Duqu 2.0 software nasty was signed using legit digital certificates issued to Foxconn – a world-leading Chinese electronics manufacturer, whose customers include Microsoft, Dell, Google, BlackBerry, Amazon, Apple …
John Leyden, 15 Jun 2015

Confidential information exposed over 300 times in ICANN security snafu

Two months after claiming there was "no indication" that confidential information was exposed in a security cock-up, domain name overseer ICANN has admitted it happened on at least 330 occasions. Following an audit of its main customer portal, the organization confirmed what we reported at the start of March: that misconfigured …
Kieren McCarthy, 30 Apr 2015
Data storage everywhere - CD, DVD, DAT, DCC, HDD, MiniDisc, SSD, SD card, floppy, magnetic stripe, barcode

This is what happens when a judge in New York orders an e-hit on a Chinese software biz

Analysis A New York court has tried to knock DVD ripping software biz Fengtao offline by issuing an injunction against its domain names, social networking accounts and online payment systems. Judge Vernon Broderick ordered [PDF] that dozens of domain names including DVDFab.com, DVDFab.net, DVDFab.jp, DVDFab.de, Ray-ripper.us, Boooya. …
Kieren McCarthy, 24 Mar 2015
REM's Shiny, Happy People

Fizzy bubbles at the ready: Dot-com celebrates 30th birthday

In 1985 most commercial internet users were US government contractors, but all of that was set to slowly change after Symbolics became the first company to register a dot-com domain name. Thirty years on, the total number of registered top-level domains (TLDs) surpassed 288 million at the end of 2014, according to the latest …
Kelly Fiveash, 14 Mar 2015
Total War: Shogun 2

WHY are GoDaddy and Verisign stockpiling patents? Do I smell war?

A raft of patent applications has presaged a possible legal war in the rapidly expanding domain-name industry. This year alone, market-leading registrar GoDaddy has applied for no less than eight patents specific to the DNS world, covering everything from searching for a domain name to register, to recommending a specific …
Kieren McCarthy, 04 Mar 2015
Double Facepalm; when one facepalm is not enough.

ICANN switches off dot-word admin portal amid security leak scare

Global domain-name overlord ICANN has found another security hole in its systems. This time, confidential data on companies vying for new dot-word domains may have been snooped on by rivals logged into ICANN's catch-all portal – meaning commercially sensitive information as well as important technical details on the internet's …
Kieren McCarthy, 02 Mar 2015
David and Goliath in the Valley of Elah

Who's un-dot-pressure? .com overlord Verisign sues .xyz kingpin

Updated Dot-com registry operator Verisign is suing the largest new gTLD registry, dot-xyz, alleging false advertising. In its lawsuit filing [PDF], submitted to the eastern district court of Virginia, Verisign claims the biz behind .xyz has violated the Lanham Act, which outlaws trademark infringement and false advertising. Dot-xyz …
Kieren McCarthy, 25 Feb 2015

Dot-com is dead. Long live dot-com

As you probably know, the internet's domain names are dominated by a single three-letter ending: "com". What you probably don't know is the sheer scale of dot-com's dominance. There are roughly 116.5m domains ending in ".com" – more than all of the 25 next largest registries combined. When the industry draws bar charts of …
Kieren McCarthy, 24 Jan 2015

Confusion, fear and growing pains: ICANN bigwig spells out gTLD headaches

It's not easy being global DNS overseer ICANN right now. The addition of hundreds of new generic top-level domains – gTLDs from .book to .ninja – has been an operational headache; the transition of the key IANA contract is put it under an unfavorable spotlight; and a recent hack of its staff admin systems has raised questions …
Kieren McCarthy, 13 Jan 2015

ICANN's technical competence queried by Verisign report

EXCLUSIVE A review of the globe's DNS security, stability and resiliency by dot-com registry and root server operator Verisign has called into question the technical competence of domain name overseer ICANN. The 33-page document, seen by The Register and due to be published soon, comes just days after the news emerged that ICANN's staff …
Kieren McCarthy, 24 Dec 2014
Man in suit of Viking armour

Armouring up online: Duncan Campbell's chief techie talks crypto with El Reg

Crypto toolbox, Part I I think I was about 15 or 16 when PGP was making headlines for being classified as munitions by the US government and was (supposedly) banned from export. While I wasn’t a subversive type at the time, I got a very strong sense that any software that scared the mighty USA so badly was something I ought to play with and try to …
Matt Fowler, 19 Dec 2014

How does the US government run the internet? This is how

The US government has posted a step-by-step guide to how it authorizes changes to the internet's root zone – the heart of the world's domain-name system. The 16-page slide deck [PDF] published by the Department of Commerce's National Telecommunications and Information Administration (NTIA) sheds light on what has been a …
Kieren McCarthy, 16 Dec 2014

It's nearly 2015 – and your Windows PC can still be owned by a Visual Basic script

Microsoft has patched 25 software vulnerabilities – including bugs that allow hackers to hijack PCs via Internet Explorer, Word and Excel files, and Visual Basic scripts. Everyone is urged to install the fixes, as well as a batch of updates from Adobe: a flaw in the Flash plugin is already being exploited by hackers to take over …
Shaun Nichols, 09 Dec 2014
corset

George.Best walks into a sex.bar, spots a bearded dwarf sysadmin and thinks: Warcraft.cool

Nearly 10 million locked-away domain names will be set free and go on sale over the next two months. But before you get excited, take a look at a list of them – beware, it's a huge CSV file. Among the very occasional gems like sex.bar, george.best or warcraft.cool, there are literally millions of utterly worthless domains …
Kieren McCarthy, 21 Nov 2014

FACEPALM! HP cert used to sign malware

HP accidentally signed some malware, according to Krebs on Security. Krebs reports that the certificate was “used to cryptographically sign software components that ship with many of its older products”, mostly for PC software, but that back in 2010 it was also used to sign some malware. HP will therefore revoke the certificate …
Simon Sharwood, 12 Oct 2014
cookies_eyes_privacy evercookies flash cookies

Boffins plot global (browser) cookie crumb trail

Privacy laws covering the use of personally-identifiable information are, on a global scale, creating a dizzying patchwork of cookie-cutter cookie-serving companies created to sniff our Web browsing. That's one conclusion of research led by Marjan Falahrastegar at Queen Mary University, London. The group, which included …
named data networking

DEATH TO TCP/IP cry Cisco, Intel, US gov and boffins galore

The US National Science Foundation, Cisco, Verisign, Panasonic and boffins from around the world have thrown their weight behind a new “Named Data Networking Consortium” that aims to develop “a practically deployable set of protocols replacing TCP/IP that increases network trustworthiness and security, addresses the growing …
Simon Sharwood, 05 Sep 2014
Mozilla Firefox Fox sitting down

Lazy sysadmins rooted in looming Mozilla cert wipeout

Mozilla is about to revoke some weak X.509 PKI certs, and has warned sysadmins that it will affect the Firefox browser and they'll need to assess their infrastructure. The four affected root certificates from Entrust and ValiCert are marked for removal because they contained weak keys. A further seven from CyberTrust, Thawte …
Darren Pauli, 20 Aug 2014
Windows XP boot screen

Office, IE, Flash fixes accompany Windows XP's final Patch Tuesday

Microsoft has released patches for critical security vulnerabilities in Word and Internet Explorer on what is to be the final Patch Tuesday update for Windows XP systems. The April edition of the monthly security update contains four bulletins that address a total of 11 vulnerabilities in various Microsoft products. Two of the …
Shaun Nichols, 08 Apr 2014
Microsoft Cybercrime Center

Cybercrook? Bent on mischief? WE'LL GET YOU, vow Facebook and pals

Internet heavyweights have teamed up to form a non-profit organisation designed to supply internet infrastructure operators with free tools and intelligence in the fight against cybercrime. Facebook, security intelligence firm Crowdstrike, Verisign, ESET Anti-Virus, Verizon and the Anti-Phishing Working Group, among others, are …
John Leyden, 25 Mar 2014