Language Selection

English French German Italian Portuguese Spanish

Domain Hijacking Takes ICANN Spotlight

Filed under
Security

The report, announced Wednesday during an international meeting of the ICANN (Internet Corporation for Assigned Names and Numbers) in Luxembourg, followed at least two high-profile incidents this year of what is known as domain-name hijacking.

The committee advises the domain-name system overseer's board of directors and constituents such as the registrars that sell domain names to individuals and business and the registries that manage domains such as .com and .net.

Committee members expressed optimism that the report will lead to swift action, but it was still unclear as of late Wednesday whether ICANN's board planned to address the report's findings and recommendations at its meeting later this week.

The report left ICANN's recently changed policy for the transfer of domain names without blame in domain hijacking, although others in the domain-name industry have raised concerns that the change will fuel more stolen domain names. The new policy had focused on streamlining the process of transferring a domain.

The ICANN committee recommended 10 fixes for hijacking, which ranged from more public awareness and a domain-name emergency hotline to potentially stricter verification of the identity of domain-name holders and better record keeping of registrations.

One technical recommendation focused on the use of registrar locks and domain-name holder passwords. The report suggests that registrars use locks, which prevent a domain-name change until the name holder unlocks the name, and consider using a specification called "authInfo," which essentially password protects a domain name.

Currently, the authInfo password is not available for .com or .net, both of which are managed by VeriSign Inc. But VeriSign has said it plans to add the support, according to the report. Other domains, such as .org, .biz and .net, use the passwords.

Full Story.

More in Tux Machines

Quod Libet 3.2.1 Review – An Almost Perfect Music Player

It's a mystery why Quod Libet is not a more popular media player. It's been around for years and the developers have constantly worked on it. The last major update was done back in May 2014, and the software is stable and full of goodies. Quodlibet is a Latin phrase that means "what pleases" and it's used in music to describe a piece that's a combination of multiple melodies. The name seems to relate very well to the media player and it's actually quite catchy. Read more

Making Fedora work better [For me]

I’ve been talking to my fellow Fedora user, James [who happens to be my boss] and he’s told me a few extensions that are available for gnome 3 that make things a little better, and to be honest I like them lots. First of all you need to go here – https://extensions.gnome.org/ [use firefox] The first couple I have install is Applications Menu No Topleft Hot Corner Read more

Canonical Has Yet To Land X.Org Server 1.16 For Ubuntu 14.10

The Canonical X PPA offers the "X staging" packages with the new package versions providing the support. Besides the upgraded xserver package there's also version bumps to xserver-xorg-input-evdev, xserver-xorg-video-ati, xserver-xorg-video-intel, and xserver-xorg-video-nouveau that are built against the X.Org Server 1.16 ABI. Those wishing to upgrade to the X.Org Server 1.16 code can run sudo apt-add-repository ppa:canonical-x/x-staging; sudo apt-get update; sudo apt-get dist-upgrade for trying out these packages on Ubuntu 14.10 Utopic. Canonical sadly hasn't done any updates to these packages since the end of July per the Launchpad package details. Read more

Getting Involved With The New Raspberry Pi Graphics Driver

Eric Anholt, formerly a lead developer on Intel's Linux graphics driver, has been quickly working away at the VC4 Gallium3D driver and related code now being a Broadcom employee tasked with making an open-source driver for the Raspberry Pi. If you're looking to try out his in-development driver or help him out in the driver creation process, he's published a brief guide to lower the barrier to entry. Eric published a blog post on Friday that covers the steps for building a Linux kernel that has the VC4 driver, building mainline Mesa with the VC4 driver, and also building Piglit for carrying out regression tests. Read more