May 30, 2005

An Infrastructure TLD - Avoiding the Side Effects of Today's .net

I've mentioned before that there is something special about the .net top level domain - in particular .net is the place where the legacy root DNS servers and most of the TLD servers are to be found.  Thus, if .net were to wobble there is more than a strong chance that the DNS root and other TLDs would also begin to wobble.  This kind of cross-dependency is something that A) is a risk to overall internet stability and B) is something that ICANN seems utterly unable to perceive.

So I ask this simple question: Why can't the domain names of the legacy root servers and TLD servers be moved to a new global infrastructure top level domain?  Such a new TLD would be intrinsically much more stable than .net.  In fact because the size would be small, a new infrastructure-only TLD could be readily cached and replicated, thus providing much more resiliency against attack and could be recovered much more quickly than .net should an attack be successful.

This new TLD should be used only for machines that provide services in support of DNS on a global basis (with the proviso that any server that delivers a TLD zone for any TLD, whether that TLD is ICANN approved or not, should be considered "global infrastructure".)

For the moment let's call this new TLD "q8m", which is a short phrase without any annoying semantics (I hope).

Thus this infrastructure TLD would contain delegations for things like "root-servers.q8m" and "tld-servers.q8m" to replace the existing "root-servers.net" and "tld-servers.net".

Anyone who wants to establish a group of infrastructure servers would register for a delegation in this this infrastructure TLD.  The registration agreement would require that the registrant police the use of the delegation so that the resource records found via that delegation are all present for the exclusive purpose of providing infrastructure services.

In order to discourage spurious thrashing of the contents of this infrastructure TLD there should be a steeply ramped fee schedule for updates.  The first 4 per year should be inexpensive ($25) but after that the fee should quickly ramp up to at least $100 per update.

Were this kind of infrastructure TLD to be established, much of the special nature of .net would be eliminated; a failure of .net would not then have the kind of destructive repercussions onto other parts of the internet that is now the case.

Posted by karl at 11:54 AM

May 26, 2005

Interesting T-Shirt Seen At Interop

This t-shirt surfaced, and then quickly submerged, at Interop in Las Vegas earlier this month.

Posted by karl at 4:59 PM

May 24, 2005

Permanent domain name registrations

Steven Forrest asks Why Can't Domain Names Be Forever?

The answer is this: There is no reason to prohibit permanent registrations. The idea that domain names must be rented is nothing more than an arbitrary and capricious business rule imposed by ICANN.

See my note on this point: The .ewe Business Model - or - It's Just .Ewe and Me, .Kid(s)

Posted by karl at 1:40 PM

May 22, 2005

Yet Another Kind of Internet Thievery (YAKOIT)

I've recently come across yet another kind of internet thievery.  This time it is perpetrated against voice over IP (VOIP) providers.  The amount stolen can easily run into the hundreds of thousands, and perhaps even millions of dollars (US).

This thievery requires that the thief be well schooled in the arts of national and international telephone regulation and the settlement system through which telephone providers pay money to one another for various aspects of handling calls.

An important part of these settlement transfers is the fee that the destination carrier charges to handle the final leg of the call - i.e. the job of of making the called person's phone ring.  In other words, for each call the destination carrier receives money from the upstream providers, the carriers closer to the person making the call.

Countries that do not have a nationalized telephone systems usually have administrative and regulatory procedures through which entities can qualify to become telephone providers.

Such providers make their money from revenue streams for outgoing calls made by their subscribers.  Incoming calls also generate revenue via the settlement payments from the upstream providers.  It is this latter flow of money that is of interest here.

Today there are many nascent VOIP providers - these range in size from giant telcos to intermediate companies such a Vonage to small ones such as nufone.

These VOIP providers have to pay settlement charges for those calls made by their subscribers when those calls have to be completed via the public switched telephone network (PSTN).  In other words, when a subscriber to a VOIP service places a call to a PSTN number, that VOIP provider has to pay a charge to some PSTN provider.

Here's how the thievery works:

1. A thief goes through the regulatory process in some country to qualify as a telco carrier.  In some countries this may be as simple as filling out some forms and paying a filing fee.  (Note - there a a lot of good folks who also do this - no one except the large telephone companies would benefit if it became virtually impossible for innovative providers to qualify as carriers.)

The next steps must occur relatively quickly - usually within a few days.

2. The thief publishes a very high completion charge for some or all of its numbers.

3. The thief then creates a pool of these high-incoming-tariff priced telephone numbers.  These numbers are just virtual numbers - they are nothing more than some software in some computer.  But they actually seem to ring when called and they do answer incoming calls.  Typically these numbers, once they answer, will never hang up.  Some just play elevator music in order enhance the pretense that these are real phone lines being used for real calls.

4. The thief then searches for a VOIP provider that meets three criteria:

    a) The provider will accept calls for these high-tariff phone numbers.

    b) The provider's charges are lower than the high-tariff.

    c) The provider has not yet realized that calls to these numbers are extraordinarily expensive and amended its own charges to its own customers to reflect these costs.

5. The thief then subscribes to this VOIP provider, creating a number of shills (usually computer programs, not people) that will be placing calls.

6. The thief then places a large number of calls through the VOIP provider to the high-priced numbers.  The VOIP provider is then in a position of having to pay a large call-completion settlement charge for each call while receiving only a small amount of revenue from its billing of the customer (the thief's shill).

The VOIP provider may not become aware that is is being squeezed in a settlement-charge vise until weeks later when it receives the bills for its PSTN charges.

Someone might ask: Isn't the victim VOIP provider negligent in allowing calls to destinations when it does not know what the completion costs will be?  My answer is this: I don't want to use the word "negligent" because that tends to carry implications that might in the minds of some excuse the actions of the thief.  I would say that the provider was ingenuous.  But I don't feel that this in any way reduces the culpability of the thief.

This is not a hypothetical problem.  I recently was sitting across the table from someone who operates a victim VOIP provider when he was presented with an invoice for more than $400,000 in settlement charges.

The primary victims of this kind of thing are the small VOIP providers who do not (yet) have a staff dedicated to monitoring the comings and goings of blocks of destination phone numbers around the world and the settlement charges for each.

It is these small providers who are the source of VOIP innovation.

I hope that the law enforcement community in the US and elsewhere realizes that a real crime is being committed against these providers and that appropriate enforcement action is taken.

Posted by karl at 5:43 PM

May 15, 2005

The Computer Is Listening

I've been doing a lot of work with VOIP recently.  I have both hard and soft phones - all of them are computers.  All of them contain software.  All, to some degree, are vulnerable to being attacked or manipulated from afar.

How do I know that my VOIP phones, particularly soft phones running on vulnerable operating systems (typically of the Redmond gender), are not always listening?

In fact why should I trust that any computer equipped with a microphone isn't listening?

It would be easy for a bit of spyware to turn on the microphone and record any voices it might hear.  It would be easy to compress those recordings and send them out amongst web traffic so that the transfers would not be easily noticed.

I may be paranoid - but with the onslaught of spyware today's paranoia could be tomorrow's reality.  It certainly would be nice if laptops and VOIP phones were designed with a physical switch that could disable the microphone and place it beyond the reach of software.

Posted by karl at 1:05 AM