The recent TF-CSIRT meeting in Zurich included a talk by the Swiss telecoms regulator (like ours, called Ofcom, though their 'F' stands for Federal!) on the law covering websites in the .ch domain that distribute malware, normally as the result of a compromise.

Nominet have announced a consultation on allowing (someone with a very long memory has pointed out to me that this is actually re-allowing) the registration of domains directly under the .uk top level domain, as well as in the familiar second-level domains such as .ac.uk, .co.uk, .org.uk, etc. Illustrating the sort of domain that could become possible, the proposed service is called Direct.uk

An interesting paper from ENISA and the NATO Cyberdefence Centre illustrates the narrow space that the law allows for incident response, and the importance of ensuring that new laws don’t prevent incident response teams from protecting networks, systems, their users and information against attack.

Malicious software, generally shortened to malware, is involved in a wide variety of security incidents, from botnets and phishing to industrial sabotage. Analysing what malware does and how it can be detected, neutralised and removed from infected computers is an important part of keeping networks and computers secure.

Given the outcome of previous hearings on copyright infringement, the court’s conclusion this week that the UK’s major ISPs should be ordered to block access to The Pirate Bay was no surprise. However the judgment raises an interesting technical issue. In a previous hearing, it had been pointed out that there was a way to get around blocks on individual web pages that would not be possible if the block instead referred to the IP address of the website as a whole.