Quantcast
John Levine

Biography

John Levine, founder of Taughannock Networks, writes, speaks, and consults on e-mail, the Internet, and other computer topics. He has written over 20 technical books, and is the co-author of O'Reilly's lex & yacc, 2nd Edition and qmail. He's also deeply involved in Internet e-mail in general and spam issues in particular as co-chair of the Internet Research Task Force's Anti-Spam Research Group (http://asrg.sp.am ) and a board member of the Coalition Against Unsolicited Commercial E-mail (http://www.cauce.org.)

He lives and works in the tiny village of Trumansburg NY (http://www.trumansburg.ny.us) where he reports that being the municipal sewer commissioner was a much cleaner job than dealing with spammers.

Books

flex & bison flex & bison
by John Levine
August 2009
Print: $29.99
Ebook: $23.99

qmail qmail
by John Levine
March 2004
Print: $34.95
Ebook: $27.99

lex & yacc lex & yacc
by John Levine , Tony Mason , Doug Brown
Second Edition October 1992
OUT OF PRINT
starstarstarstarstar (3)
(Read Reviews)

Blog

John's blog posts are hosted at:
http://weblog.johnlevine.com/

A thought about not-quite-ASCII Top Level Domains

November 18 2009

ICANN has opened their new fast track process for "countries and territories that use languages based on scripts other than Latin" to get domain names that identify the country or territory in its own language. It's not clear to me what the policy is supposed to be for countries whose languages use extended Latin with… read more

The Tempest in the TLD Teapot

November 08 2009

At its recent meeting in Seoul ICANN announced with great fanfare that it's getting ever closer to adding lots of new Top Level Domains (TLDs). Despite all the hype, as I have argued before, new TLDs will make little difference. There are two mostly separate kinds of new TLDs. One is TLDs for countries in… read more

How do you do secure bank transactions on the Internet?

November 08 2009

Banks love it when their customers do their transactions on line, since it is so much cheaper than when they use a bank-provided ATM, a phone call center, or, perish forbid, a live human teller. Customers like it too, since bank web sites are usually open 24/7, there's no line and no need to… read more

How do you test spam filters?

October 31 2009

(Thanks to Chris Lewis for permission to adapt this) Everyone who uses e-mail needs spam filtering, and some filters definitely work better than others. Some people we know were trying to design tests of filter quality, which turns out to be extremely difficult. What one might call 'filtering quality' assessment, should be… read more

Helping banks fight phishing and account fraud, whether they like it or not

August 21 2009

On Wednesday, Project Honey Pot filed an unusual lawsuit against "John Does stealing money from US businesses through unauthorized electronic transfers made possible by computer viruses transmitted in spam." Their attorney is Jon Praed of the Internet Law Group, who is one of the most experienced anti-spam lawyers around, with whom I have worked in the past. The goal… read more

Are phishing and malware separate threats?

August 16 2009

Phishing is when bad guys try to impersonate a trusted organization, so they can steal your credentials. Typically they'll send you a fake e-mail that appears to be from a bank, with a link to a fake website that also looks like the bank. Malware offers another more insidious way to steal your credentials,… read more

Why can't we make the Internet secure?

August 08 2009

In a discussion about a recent denial of service attack against Twitter, someone asked Some class of suppliers must be making money off of the weaknesses. Anybody out there have a prescription for the cure? Sure, but you're not going to like it. The Internet was originally a walled garden, where its… read more

How unconscionable is the profit that Verisign makes from its registry?

July 11 2009

Verisign makes a great deal of money from the .COM and .NET registries. Can we tell how much they make, and how much that might change if the CFIT lawsuit succeeds? It's not hard to make some estimates from public information. The largest gTLD registry that Verisign doesn't run is .ORG, which was transferred… read more

Verisign fires back at CFIT and sets a trap for ICANN

July 05 2009

Last month the Ninth Circuit revived CFIT's anti-trust case against Verisign. On Thursday, Verisign filed a most interesting petition for rehearing. As you would expect, they offer a whole bunch of arguments about why the original decision to dismiss the case was right, and the appeals panel was wrong to reinstate it. Many of them are procedural,… read more

Three myths about DKIM

July 04 2009

The DKIM standard has been out for two years now, and we're starting to see some adoption by large mail systems, but there's still a lot of misunderstanding about what DKIM does and doesn't do. A DKIM signature means a message isn't spam Any a mail system can add a signatures to… read more

What are TLDs good for?

July 02 2009

Yesterday I said that the original motivations for adding new TLDs were to break Verisign's monopoly on .COM, and to use domain names as directories. Competitive registrars broke the monopoly more effectively than any new domains, and the new domains that tried to be directories have failed. So what could a new TLD do? Get… read more

Who needs more TLDs?

July 01 2009

ICANN's Sydney meeting has come and gone, with the promised flood of new top-level domains claimed to be ever closer to reality. Does the world need more TLDs? Well, no. Way back in the mid 1990s, it seemed obvious that Internet users would use the DNS as a directory, particularly once early web… read more

Appeals Court revives the CFIT anti-trust suit agaist Verisign

June 05 2009

Back in 2005 an organization called the Coalition for Internet Transparency (CFIT) burst upon the scene at the Vancouver ICANN meeting, and filed an anti-trust suit against Verisign for their monopoly control of the .COM registry and of the market in expiring .COM domains. They didn't do very well in the trial court, which… read more

Fight phishing with branding

June 04 2009

Phishing, stealing personal information by impersonating a trusted organization, is a big problem that's not going away. Most antiphishing techniques to date have attempted to recognize fake e-mail and fake web sites, but this hasn't been particularly effective. A more promising approach is to brand the real mail and real web sites. See more ... read more

Don't mess with the Manx

May 15 2009

I got a note from a college friend via Facebook yesterday, telling me about the clever 282.im domain. Gee, it looked just like Facebook, like, you know, a phish. Uh oh. See more ... read more