Weekend Reads 100920

In 2007, ICANN’s Generic Names Supporting Organization Committee on New Top-Level Domains confirmed its rationale for the introduction of new Top Level Domains. It included a number of reasons, such as “to promote competition in the provision of registry services, and to add to consumer choice new gTLDs.”

Companies victimized by ransomware and firms that facilitate negotiations with ransomware extortionists could face steep fines from the U.S. federal government if the crooks who profit from the attack are already under economic sanctions, the Treasury Department warned today.

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have jointly released an in-depth guide that not only includes recommendations on how you can reduce the chances of being the next ransomware victim, but also provide a step-by-step checklist for how to respond.

A not-so-funny thing has happened as organizations have transitioned to the cloud: In many instances, they have also lost accountability and forgotten about critical responsibilities.

Every time a government passes a law that affects the Internet, tech companies must ask themselves a critical question: can they still properly provide their services while protecting user privacy under the new rules?

Facebook recently announced it will be introducing smart glasses in collaboration with Ray-Ban. This will be the second major attempt at introducing the technology since the failed attempt by Google in 2011 when it introduced Google Glass.

It might be the worst-kept secret in all of cybersecurity: the FBI says don’t pay ransomware gangs. But corporations do it all the time, sending millions every year in Bitcoin to recover data that’s been taken “hostage.” Sometimes, federal agents even help victims find experienced virtual ransom negotiators.

The great problem with ignorance is that it leads to disaster when one acts in the belief that he (and not infrequently a corporate “it”) is invulnerable to error. The Uniform Domain Name Dispute Resolution Policy (UDRP) is fundamentally a straightforward rights protection mechanism, but as in all clearly written laws, ignorance of its application and of its evidentiary demands can (and generally does) lead to disaster.

But in all likelihood, dystopian technology will not strong-arm us. Instead, we’ll unwittingly submit ourselves to a devil’s bargain: freely trade our subconscious preferences for memes, our social cohesion for instant connection, and the truth for what we want to hear.

On Sept. 21, Russia’s Ministry of Digital Development, Communications, and Mass Media (Minkomsvyaz) released a draft law that would criminalize the use of internet protocols that, in its words, encrypt a website name. The specific protocols the law is targeting are a jargony alphabet soup: TLS 1.3, ESNI, DNS over HTTPS (DoH), and DNS over TLS (DoT). But they’re important encryption techniques that are already, to varying degrees, deployed online, including in Russia.

However, the DNS is simple in the same way that Chess or Go are simple. They are all constrained environments governed by a small set of rigid rules, but they all possess astonishing complexity.

A new ransomware strain called “Mount Locker” is demanding that victims pay multi-million dollar ransom payments to recover their data. According to Bleeping Computer, the ransomware first began making the rounds in July 2020.

As demand for streaming video continues to rise, service providers are encountering several significant issues that impact their viewers’ experience. Often, just when streaming video providers, especially OTTs, think they have enough capacity for everything and everyone, a new show becomes a hit, a promotion brings in new subscribers, or a global event suddenly increases demand; quickly, the quality of the experience declines.

In business meetings, it’s common to compare groups of numbers by comparing their averages. But doing so often hides important information in the distribution of the numbers in those groups. There are a number of data visualizations that shine a light on this information. These include strip charts, histograms, density plots, box plots, and violin plots. These are easy to produce with freely available software, working on groups as small as a dozen, or as large as thousands.

If you reduce systems down to their bare essentials, everything exists in those systems to manipulate data in memory, and like human beings, all that really exists for any of us is what is in memory. We can augment that memory with external storage that preserves state over time, but to do anything useful with that old state, you have to chew on it and bring it back into main memory for manipulation or analysis.