A separate Internet: The MIT Technology Review looks at the implications of Russia’s test to cut itself off from the rest of the Internet, scheduled for early April. The shutdown is a test of an Internet sovereignty law being considered in Russia, but it’s unclear how the country will actually accomplish the disconnect.
Clamping down: Egypt is cracking down on fake news with new rules that critics say are meant to curb dissent and restrict information the government believe is a threat to national security, The Hill reports. The country’s Supreme Media Regulatory Council can now block websites and some social media accounts with more than 5,000 followers for what it believes is “fake news” and can fine operators up to US$14,400 without getting a court order. Meanwhile, Russian President Vladimir Putin has signed two bills that critics say amount to censorship, Ars Technica says. One bill allows stiff fines for disseminating what the government determines is fake news, and the second allows fines and jail time for insulting government officials, including Putin.
Encrypting the IoT: The U.S. National Institute of Standards and Technology is looking at encryption methods to protect the Internet of Things and other computing devices against future encryption-cracking technologies, Continue reading
Let’s look at what’s happening in the Internet Engineering Task Force (IETF) and the upcoming IETF 104 meeting in the area of Internet infrastructure resilience. As usual, my focus here is primarily on the routing and forwarding planes, and specifically routing security and unwanted traffic of Distributed Denial of Service Attacks (DDoS) attacks. There’s interesting and important work underway at the IETF that can help addressing problems in both areas.
This time there are a lot of new ideas, especially of an operational nature, that people bring to the IETF in the form of Internet Drafts that aim to improve the security and resilience of the Internet infrastructure. So I’d like to introduce some of them to you, but keep in mind that an Internet Draft (I-D) does not necessarily indicate IETF endorsement. It also does not constitute a standard and may even not result in any work at the IETF.
So let’s look at what’s happening in BGP land.
In the recent paper “BGP Communities: Even more Worms in the Routing Can“, the authors demonstrated that Border Gateway Protocol (BGP) communities can be exploited by remote parties to influence routing in Continue reading
Last year, at the Internet Society Asia-Pacific and Middle-East Chapters Meeting, I was introduced to the series of easily-digestible and thought-provoking issue papers published by the Internet Society. Particularly, the one on digital accessibility had me shaking in disbelief. It stated that one in six people in the Asia-Pacific region lives with disability – that is a total of about 650 million people.
The Internet Society Pakistan Islamabad Chapter had always been active in promoting digital accessibility, but I realized that we need to do more, especially at the transnational level. Thus, the idea of organizing a regional forum on digital accessibility was born, and with support from the Internet Society Asia-Pacific Bureau, it became a reality.
The Regional Forum on Digital Accessibility was successfully held on 7 February in Islamabad. It brought together 120 participants, including Internet Society Chapter leaders from Afghanistan and Nepal, fellows from Sri Lanka, and speakers from India.
A major achievement emerging from the forum was the vow from Pakistan’s high-level government officials to include representation of persons with disabilities in the recently-established Prime Minister’s Task Force on Information Technology (IT) and Telecom that is developing a roadmap for Pakistan’s digital transformation. There was Continue reading
Le Chapitre Guinéen de l’Internet Society (ISOC Guinée) a célébré son 1er anniversaire le 9 février 2019 dans la salle de conférence de l’université de Simbaya (UniSim) sous le thème «A la découverte de l’Internet, Histoire et perspectives de l’Internet et de son écosystème en Guinée». Cet important événement a réuni 150 personnes pour marquer la présence de l’Internet Society en Guinée à travers le chapitre et mutualiser les efforts pour la promotion et le développement d’un Internet ouvert, globalement connecté, sécurisé et digne de confiance pour tous en Guinée. L’opportunité a aussi été donnée aux participants et membres du chapitre ISOC Guinée de découvrir le plan d’action 2019 de l’Internet Society et voir comment cela peut se décliner en projets et activités concrètes au niveau local.
La célébration de ce 1er anniversaire du chapitre ISOC Guinée a été soutenue financièrement par le programme de financement Beyond the Net de l’Internet Society et autres partenaires locaux du chapitre dont l’université de Simbaya (UniSim).
Au cours de cette célébration, il a décidé de rendre la date du 30 décembre de chaque année comme une date historique pour le chapitre afin de renforcer les relations d’amitié et de fraternité entre Continue reading
The Internet Engineering Task Force (IETF) is the premier Internet standards body, developing open standards through processes to make the Internet work better. It gathers a large, international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. Core Internet technologies such as DNS, routing and traffic encryption use protocols standardized at IETF.
The IETF holds three meetings yearly which are livestreamed and can be followed individually, or with others sharing similar interest at a common venue. The next IETF meeting will be held from 25-29 March 2019 in Prague. The usual audience for an IETF meeting is network engineers, system engineers, developers, and university students or lecturers in information technology fields.
The Internet Society Africa Regional Bureau is running an initiative to encourage remote participation in IETF meetings that aims to promote the work of the IETF. IETF Remote Hubs aim to raise awareness about the IETF and allow those who cannot travel to a meeting to participate in the meeting remotely. The meetings are streamed in English only.
Join one of the following IETF Remote Hubs in your area, raise your awareness about the IETF and engage in the various topics of Continue reading
For many years we have produced a series of blog posts as a Rough Guide to each upcoming IETF meeting usually in the week prior to the meeting. The Rough Guides were intended to provide a snapshot of IETF activity of interest to the Internet Society because of programmatic activity that we were engaged in. They were also an opportunity to highlight the activities sponsored directly by the Internet Society that were happening adjacent to the upcoming IETF meeting.
Rough Guides were intended to help guide a non-specialist but technically minded audience to the hot topics and debates of interest at each upcoming IETF meeting with pointers to the agenda and remote participation possibilties. Originally intended to help spur meeting attendance by those interested in the key topics, they became a way to highlight important discussions taking place and ways to get involved in person or remotely.
As we are now less than a week away from the IETF 104 meeting in Prague it seemed like the right time to share an update regarding our plans for writing about IETF activity. We have decided to discontinue producing the Rough Guides. Instead, we will be helping to supply relevant, high-quality content Continue reading
Competing visions: The World Economic Forum’s blog looks at four competing visions of the Internet that it sees emerging. These include Silicon Valley’s open Internet, Beijing’s paternal Internet, Brussels’ bourgeois Internet, and Washington’s commercial Internet. Will one vision win out?
Searching for fakes: WhatsApp, the popular messaging app owned by Facebook, is testing reverse image search in its efforts to battle fake news, TheNextWeb reports. The chat app may use Google APIs to compare the targeted image with similar pictures as a way to filter out doctored images.
Working against itself: An Artificial Intelligence that can right fake news articles may also be useful for spotting them, the MIT Technology Review says. Recently, OpenAI withheld the release of its new language model on fears that it could be used to spread misinformation, but researchers say the tool may be useful for the opposite effect.
Privacy laundering: Lawfareblog.com take a hard look at Facebook’s recent announcement that it was moving to end-to-end encryption. The social media giant won’t fix its privacy problems with the move, however, the article says. “Facebook’s business model is the quintessential example of ‘surveillance capitalism,’ with user data serving as the main product that Facebook sells to Continue reading
Trying to remove cyber security risks from the growing world of connected things is not an easy task. That said, there’s no time like World Consumer Rights Day to give Canada a shout out for its global leadership to champion a safer digital future for all.
Recognizing the need to secure the Internet of Things (IoT), the Internet Society, in partnership with the Ministry of Innovation Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE, led a voluntary multistakeholder process to develop a broad-reaching policy to ingrain security at the core of innovation in Canada.
Over the past year, we led a series of meetings with business leaders, technical experts, government representatives, civil society, and academia to discuss challenges and recommend the best ways to address them. We gathered feedback through in-person and online attendance. Collectively, these efforts, combined with well-rounded research and documentation, formed the Canadian Multistakeholder Process for Enhancing IoT Security.
Rather than a top-down, government-imposed regulatory model, our multistakeholder approach helped us balance roles and contributions among the group. By working in a way that includes feedback from all participants, we are developing IoT security Continue reading
We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions, and mentioned some of the protocols that have been recently developed to improve user privacy.
To complement this, we are publishing our DNS Privacy Frequently Asked Questions (FAQ). This highlights and provides answers to the most important aspects of DNS privacy.
Please also check our DNS Privacy page for more information!
Recently, owners of expensive smart shoes found themselves at loose ends. Unable to pair the shoes to their smart phone app, they couldn’t tighten their self-lacing sneakers. It sounds like science fiction, but this really happened.
From dental sensors that can monitor what a person eats to kitty litters that can track a cat’s every movement, it can be difficult to sort fact from fiction when it comes to the Internet of Things (IoT). Can you tell which is real and which is not?
Fact or Fiction? The voice came from inside the Arizona man’s home – his home security camera to be exact. “You’ve never met me. I’m just a hacker.” Fortunately, it was a friendly hacker, alerting the household to a vulnerability in their home security system.
Fact or Fiction? A couple returned home to find that their carpet had been worn through by their overzealous Internet-connected vacuum cleaner. A hacker had programmed it to clean one square foot of their carpet for several Continue reading
Almost every time we use an Internet application, it starts with a DNS (Domain Name System) transaction to map a human-friendly domain name to a set of IP addresses that can be used to deliver packets over the Internet. DNS transactions can therefore be correlated to the applications we use, the websites we visit, and sometimes even the people we communicate with.
While the domain name information itself is public, the transactions performed by the hosts are not. Unfortunately, the DNS does not inherently employ any mechanisms to provide confidentiality for these transactions, and the corresponding information can therefore easily be logged by the operators of DNS resolvers and name servers, as well as be eavesdropped by others.
So we are publishing our Introduction to DNS Privacy to raise awareness of the privacy implications of the DNS, and the mechanisms that have been recently developed to improve user privacy.
Please also check our DNS Privacy page for more information!
For more than a decade, different organizations from civil society and the private sector have been involved in efforts to establish an Internet Exchange Point (IXP) in the Dominican Republic, with no success. Possible causes were either lack of interest at the time, the maturity level of the ICT sector, or even lack of financial support. The Internet Society Dominican Republic Chapter decided to discuss those outcomes with different stakeholders and promote an atmosphere to proceed when the moment was right.
Among efforts from the past, it is important to mention two of them, which made important advances: (1) the datacenter firm NAP del Caribe (NDC), invited interested local Internet Service Providers (ISP) to establish either an IXP or private peering; (2) the academic sector worked to establish a local research network, Red de Avanzada Dominicana de Estudio e Investigación (RADEI), which sought the support of the local regulator Instituto Dominicano de las Telecomunicaciones (INDOTEL).
In 2017, the Internet Society Chapter Dominican Republic (ISOC-DO) board, after considering past efforts and brainstorming on different approaches to succeed in the IXDO initiative, taking inspiration on the regional trends, and locating experts to support our goal, decided to design the annual Continue reading
It is often argued that IPv4 practices should be forgotten when deploying IPv6, as after all IPv6 is a different protocol! But we think years of IPv4 operational experience should be leveraged as much as possible.
So we are publishing IPv6 Security for IPv4 Engineers as a roadmap to IPv6 security that is specifically aimed at IPv4 engineers and operators.
Rather than describing IPv6 in an isolated manner, it aims to re-use as much of the existing IPv4 knowledge and experience as possible, by highlighting the security issues that affect both protocols in the same manner, and those that are new or different for the IPv6 protocol suite. Additionally, it discusses the security implications arising from the co-existence of the IPv6 and IPv4 protocols.
Be sure also to check our IPv6 Security page as well!
Asia Pacific Regional Internet Conference on Operational Technologies (APRICOT) 2019, said to be the largest technical conference in the region, drew hundreds of the world’s leading Internet engineers from over 50 countries to Daejeon, South Korea last week.
The Internet Society, a long-time partner of the event, contributed to the event by not only sponsoring over a dozen of fellows to travel there, but also made multiple high-profile appearances in various sessions, including the opening keynote speech.
The Internet Society’s President and CEO Andrew Sullivan delivered the keynote Up and Down the Stack Through a Nerd’s Eyes: Making the Internet Better the Internet Way with hundreds of people present, including Tae-Jeong Her, Mayor of Daejeon, and Dr Hee-yoon Choi, President of organiser the Korea Institute of Science and Technology Information (KISTI), a government research institute.
Now that so many people depend on the Internet, it is no surprise that businesspeople, policymakers, regulators, and politicians all want a say in the way the Internet evolves. But some of the proposals for the future of the Internet, Sullivan said, betray fundamental misunderstandings of the way the Internet works. The talk urged us all to continue to engage with the big questions Continue reading
Back around 1991, I was traveling throughout the eastern USA teaching an “Introduction to the Internet” course I had written. The students were mainly from telecom, financial, and software companies wanting to know what this Internet thing was all about. I taught about IP addresses and DNS, using email, sending files with FTP, using archie and veronica to find info, engaging in USENET discussions, and using Gopher to explore “gopherspace”.
At the end of the course, one of the final sections was on “emerging technologies”. And there, nestled in with HyTelnet and WAIS, was one single page about this new service called the “World-Wide Web”.
And all the page really said was: telnet to info.cern.ch, login as “www”, and start pressing numbers to follow links on the screen.
That was it! (and you can still experience that site today)
We had no idea in those very early days that what we were witnessing was the birth of a service that would come to create so much of the communication across the Internet.
In only a few short years, of course, I was teaching new courses on “Weaving the Web: Creating HTML Documents” and Continue reading
The Internet Society recognises that global deployment of the IPv6 protocol is paramount to accommodating the growth of the Internet. Given the scale at which IPv6 must be deployed, it is also important that the possible security implications of IPv6 are well understood and considered during the design and deployment of IPv6 networks, rather than as an afterthought.
We are therefore publishing our IPv6 Security Frequently Asked Questions (FAQ), which highlights and provides answers to the most important aspects of IPv6 security.
Be sure also to check our IPv6 Security page as well!
Uncomfortable AI: Inc.com has a story asking 16 “uncomfortable” questions that companies should ask about Artificial Intelligence. Among them: Are your reasons for deploying AI in the best long-term interests of humanity? And, how can we ensure that our behavior is inclusive?
Russia attacks fake news: Russian lawmakers have passed two bills, one that outlaws the spreading of fake news, at least as determined by the government there. Another bill makes it illegal to “disrespect” authorities in Russia, the BBC reports. Both bills come with heavy fines, and critics said the laws will limit the ability of journalists to report critical information.
The way forward: Facebook believes encrypted communications and privacy are its future, Recode reports. CEO Mark Zuckerberg outlined the website’s commitments to private messaging in a lengthy blog post.
The way backward: A teen who decided to get himself vaccinated said his mother got misinformation about the dangers of vaccines on Facebook, USA Today says. Ethan Lindenberger, an 18-year-old from Ohio, asked Reddit users if he should get vaccinated as an adult. There’s never misinformation on Reddit, of course.
Break ‘em up: U.S. Senator Elizabeth Warren, who is running for president in 2020, wants to break Continue reading
If you follow the IPv6 Maintenance (6man) Working Group of the Internet Engineering Task Force (IETF), you may have noticed the 300+ message email thread on an Internet Draft that was recently published on the “Reaction of Stateless Address Autoconfiguration (SLAAC) to Renumbering Events”. This was prompted by the experiences of developing Best Current Operational Practice on IPv6 prefix assignment for end-users, an activity led by ISOC’s Jan Žorž and published as ripe-690.
SLAAC is used to automatically assign an IPv6 address to a host, but there are a number of scenario where hosts may end up using stale configuration information and thereby leading to interoperability problems.
For example, a typical IPv6 deployment scenario is when a CPE (Customer Premises Equipment) router requests an IPv6 prefix to an ISP via DHCPv6-PD, and advertises a sub-prefix of the leased prefix on the LAN-side via SLAAC.
In such scenarios, if the CPE router crashes and reboots, it may lose all information about the previously leased prefix. Upon reboot, the CPE router may be leased a new prefix that will result in a new sub-prefix being advertised on the LAN-side of the CPE router. As a result, hosts will normally configure addresses for the newly-advertised prefix, Continue reading
We’re celebrating International Women’s Day this year with great news: The Internet Society welcomes a new Chapter in Lesotho – and the Chapter’s president, vice president, treasurer, secretary, as well as a board member are all talented tech women.
Lesotho is a small landlocked country within South Africa, where less than a third of its population is connected to the Internet. One of the Lesotho Chapter’s key priorities this year is to start an “Internet for Education” project, which aims to encourage five schools to use the Internet to support teaching and to improve the quality of education.
Please join us in welcoming the Lesotho Chapter, then learn about its President Ithabeleng Moreke and other women around the world who are using the Internet to make a difference in their communities!
Ithabeleng Moreke enjoys the world of the Internet and all things networks, the technology behind it, and Internet security – and how they affect our everyday lives. She’s worked as network engineer for the government of Lesotho and is now with Vodacom Lesotho.
How can the Internet change lives in rural and remote regions? Deutsche Welle, Germany’s public broadcaster, asks these questions in three stories that explore community networks in Zimbabwe, the Republic of Georgia, and South Africa.
Read about the community networks and listen to their stories!
Murambinda Works started as an Internet café in 2002 in the Buhera District in eastern Zimbabwe. Since then it’s grown to provide training in computer literacy for teachers at nearly 218 primary and secondary schools. Murambinda Works, in partnership with the Internet Society and others, is also working to connect eight schools, one nurse training school, and offices of the Ministry of Education.
Tusheti, a mountainous, isolated region in the Republic of Georgia, had been left unconnected by commercial operators. The Internet Society partnered with its Georgian Chapter and other local organizations to help build access to the Internet, which was completed in 2017. (The Tusheti community network was also profiled in The New York Times.)
The Zenzeleni Network in Mankosi, is one of South Africa’s most economically disadvantaged communities. Zenzeleni – which means “do it yourself” in the local language, isiXhosa – was launched in 2012 to provide affordable voice service Continue reading