Previous month:
April 2010
Next month:
June 2010

May 2010

How to Avoid Skype Spam

Skype is an immensely popular voice and collaboration service. This makes it an attractive target for spammers and scammers. By investing a few minutes to adjust your Skype privacy you can avoid spam and privacy leaks. Here's what I recommend as best Skype practices.

Only allow calls, video, screen sharing and IMs from approved contacts. You can control who is allowed to place voice and video calls to your account, send you instant messages, and who can share your screen through Skype's Privacy Advanced Options. Begin by launching Skype. From the Skype menu pulldown, choose Privacy... Choose Privacy Settings and click on Show Advanced Options.

Windows users should consider these settings:

Allow Calls from... people in my Contact list only
Automatically receive video and screen sharing from... people in my Contact list only
Allow IMs from... people in my Contact list only

Under Skype WWW options, uncheck

Allow my online status to be shown on the web
Accept Skype browser cookies

Mac users can make similar choices from the Privacy panel, access via Skype Preferences: SkypePreferencesPrivacy

Manage your Contacts intelligently and you should be reasonably insulated from spam. (You can't be entirely free of spam since one of your Contacts might have his Skype account compromised and the attacker could use the compromised account to spam anyone the attacker can reach from that account.)

New Model for TLD Zone File Access

In February I blogged about an ICANN advisory group tasked to improve TLD zone file access. This group was asked to study whether the arrrangements for zone file access used today by gTLD registry operators scale to large numbers of TLDs. The group has released a strategy paper this week that defines a model for future zone file access that appears to scale well with a minimal impact on existing operators.

Several aspects of scale are considered in the Strategy Proposal, gTLD Zone File Access for the Future. To minimize legal overhead, streamline the application process and coordinate identity management, the report proposes that a consumer (e.g., anti-abuse and trademark protection organizations, researchers, academia...) contact an independent 3rd party - a clearinghouse - to apply for zone file access to multiple gTLD registry operators. This agent forwards the applicant's request and consent to comply to an AUP to registry operators for review. The agent also manages applicant identities, contact information and credentials and coordinates with registry operators to provision applicants.

The proposal attempts to preserve existing roles and operational functions of registry operators; for example, registries will provide file transfer service to consumers directly and will manage security for their individual services. However, the proposal also defines ways registries can relieve operational burdens for consumers by recommending application, access, and data format standards; specifically, consumers will benefit from having registries use a common delivery application (e.g., FTP) and having registries conform to host and file system naming conventions and data format standards.

Study the original concept paper carefully. It's is a classic application of Hegelian dialectic. The original concept paper offers a thesis: a third party could assume the entirety of roles for providing zone file access. An antithesis emerges: such an agent would be more costly than the current system and overly intrusive to registry operators. The proposed model is the synthesis: a hybrid that pushes the administrative-bureaucratic aspects of zone file access to a third party and left the operational roles to registries.

Share this observation the next time someone tells you that studying philosophy is a waste of time:-)