Larry Seltzer

Why We Havent Stopped Spam Several years ago when Bill Gates declared that the spam problem would be solved within two years, he appeared to be thinking of SMTP authentication as the heart of that solution. I wouldnt have said what he said, but I was pretty optimistic too. Not anymore. The overwhelming power of […]

The weaknesses of conventional anti-virus are well-known: Its mostly a reactive approach, looking for problems after theyve already been identified. Threats which havent already been found—”zero-day attacks”—either have to be identified through more generic threat detection techniques or slip through undetected. The generic detections, also known as heuristics, are prone to false positives. Kaspersky Anti-Virus, […]

When a code signing signature is revoked, who revokes it? The certificate authority, of course. Obvious, one would think, unless the evil presence of Microsoft is detected. At that point, some think, everyone elses free will melts away and they do Redmonds bidding irrespective of their own interests. So it was in the case of […]

Im a paying subscriber to several of DynDNSs e-mail services. Today I got a newsletter from them announcing that they will stop generating local NDRs (non-delivery reports) from their services. NDRs, also known as bounce messages, are error messages from mail relay servers back to the message sender saying that the message cannot be delivered. […]

Oops, were sorry, says Skype in its explanation for why its network was down for about two days last week. In fact, I was having trouble with it on Day 3 as well, but its back up and running now. Click here to read more about the recent Skype outage and how it was fixed. […]

A report not too long ago of a vulnerability in many Firefox extensions raised in the process the old issue of DNS security. The issue of security of DNS servers has been on a low simmer for years. A few people have been and remain agitated on the matter, but for most of us it […]

Microsoft has a bad reputation for issuing fixes for software problems, but they do fix lots of them, all the time. Its inevitable for a company with so many products used by so many people. Usually, before bug fixes are rolled into a general-distribution patches, service packs or new version, they are issued piecemeal as […]

Most people have long considered it a myth. Many years ago I was told dismissively, by smart people, that “well never run out of IP addresses!” But now people who really should know not only see it happening, they see the pool of IPv4 addresses exhausting in “late 2009 / early 2010.” Yikes! Thats just […]

ICANN Takes a Lick at Domain Tasting I recently became aware of a report by ICANNs staff called “GNSO Issues Report on Domain Tasting” for the At-Large Advisory Committee for an Issues Report on Domain Tasting. Domain tasting, as defined by the report itself, is: [a] monetisation practice employed by registrants to use the AGP […]

I think it was around the introduction of Authenticode that Microsoft talked a lot about how security is all about trust: Who do you trust? Who do you not trust? This is a tautology of security: It has to be true in any environment that you have to trust someone—the operating system kernel, for example. […]