We launched the campaign for Turris MOX – modular and open source router. As modularity is something new in this field, some users are quite confused and don’t know what should they pick. This article is here to help you a little bit decide which combination is the right one for you and help you understand why would you actually want modularity.
Together for better stability, speed and further extensibility of the DNS ecosystem
Over past years, various DNS software developers tried to solve the problems with the interoperability of the DNS protocol and especially its EDNS extension (RFC 6891 standard), by temporary workarounds, which aimed to lend their software an ability to temporarily accept various non-standard behaviors. Unfortunately, time has shown that this attitude of adding temporary workarounds is not a long-term solution, especially because the implementations not fully complying with standards were seemingly functional and there was no reason for a permanent fix. The result of these makeshift solutions is their accumulation in the DNS software, leading to a situation where there are so many of them that they themselves begin to cause problems. The most obvious problem is slower response to DNS queries and the impossibility to deploy new DNS protocol feature called DNS Cookies, which would help reduce DDoS attacks based on DNS protocol abuse.
Czech SIC votes for age 13
Czech children under age 13 who use Facebook or Instagram are less than four months away from becoming lawbreakers. What makes the situation even worse is the fact that unless a law is passed by this May that would set the threshold for the use of social networking services to 13 years, from that point their use, along with other services, will become illegal for every person aged from 13 to 16 who does not obtain consent of their parents. This issue has already been addressed in our blog by our colleague Jiří Průša. But let’s go deeper.
Welcome HaaS
Or, to be exact, you could welcome it last October, when we released its beta version. In the beginning, we were debugging it, while leaving the registration free, then came the stress test in the form of moving of all users of the Turris routers. We resolved all the issues and considered the suggestions, so nothing was in the way of launching HaaS — Honeypot as a Service.
Upgrade of the .CZ DNS or Behind the Scenes of Preparation and Implementation – Part Two
At the beginning of 2017, we started working on a project of augmenting infrastructure of authoritative DNS servers that keep the .CZ domain running. Our main motivation was to increase the resiliency of the DNS infrastructure against DDoS attacks – the risk that is constantly growing. The basic building unit of the new DNS infrastructure is the so-called “DNS stack”.
Almost 4 million new gTLDs disappeared in 2017
Last year was not a good year for new generic domain names (new gTLDs). While a number of domain names became available for registration, the total number of new domain names decreased for the first time in its history. While there were 27,710,468 domain names registered at the beginning of the year 2018, only 23,823,948 saw the end of the year. Domain holders in the Czech Republic had a total of 23,245 new gTLDs registered, i.e. less than 0.1 %.
For our children to continue using the Internet
The time before the GDPR enters into force is relentlessly ticking away. Do not worry, in this post I am neither going to paint scary pictures of what companies will have to face, nor make a list of what you should forget about when this law is enacted; I will “just” focus on the processing of personal data of children, namely the Article 8 that regulates the conditions for granting consent with processing of the child’s personal data in connection with information society services.
Nice and happy Christmas holidays and everything good in the new year 2018 wishes the CZ.NIC team
National telecom regulators discussed challenges in quality of service (QoS) measurement
On the 7th of December 2017, the MoQoS project held its first stakeholders´ workshop aimed at measuring the so-called Quality of Service of high-speed Internet using the crowdsourcing method.
Your Own Certification Authority in a Letsencrypt Style
Have you ever thought of automating the certificate issuing in your organization’s internal certification authority? How about using the same procedure as in Let’s Encrypt and the ACME protocol, while enjoying all the benefits ACME has to offer? The possible solution is to use Boulder. I will now try to break down for you the Boulder’s installation process and the pitfalls that I encountered during the setup.