Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

DNSSEC – A Way Forward for TLDs

CommunityDNS recently released a white paper regarding quicker adoption of DNSSEC by TLDs through the use of NSEC3+OptOut.

NSEC3+OptOut allows for:

• Quicker adoption of DNSSEC

• Less impact on Root scalability

• Flexibility for TLDs through incremental adoption

• Provides users with less exposures to current vulnerabilities

• Provides non-DNSSEC-aware users with a better user experience

• Allows organizational adoption based upon established objectives

Click here for more information.

ICANN be independent

The agreement (Joint Project Agreement, or JPA) between ICANN and the Department of Commerce is due to expire the 30th of September. The day before the JPA expires a new agreement goes into effect. The new agreement passes oversight to representatives of the general Internet community, therefore bringing in oversight from a more global perspective. Representatives of foreign governments will conduct regular reviews of ICANN in four areas.

• Competition among generic domains

• Handling of data on registrants

• Security of the network and transparency

• Accountability and the public interest

The U.S. will retain a permanent seat on the panel dealing with accountability and the public interest; the only panel on which the U.S. is to retain such a permanent seat.

Click here for more information.

UNC data breach exposes 163,000 SSNs

The University of North Carolina’s School of Medicine collected information based upon a federally funded mammography research project. Information was collected from 31 different sites from across the state. Records were kept on 236,000 women, with 163,000 of the records containing the participant’s social security numbers. While the breach was discovered in July, 2009, the hack was believed to have taken place as early as 2007.

Click here for more information.

Phishing fraud hits two year high

151,000 unique phishing attacks occurred during the second quarter of 2009, according to a recent report, with the favorite being organizations in the financial and payment services sectors. The prize being the ever sought-after credentials. The study revealed an average of 351 attacks per organization.

Click here for more information.

ISPs force rewrite of law

The Australian parliament recently tabled a bill that, based on wording, could have yielded ISPs to monitor the net. A bill being expanded beyond government protection of network administrators would have soon included all persons operating networks. This would now include businesses such as ISPs. Members of Electronic Frontiers Australia raised concern over the “generality” of the bill’s verbiage. The bill, as worded, could have expanded the purpose of an ISP from being a conduit for people to access the Internet to that of policing users of their respective networks.

Click here for more information.