"What's the harm in giving up my Twitter password?", you might say, "all someone can do is see my direct messages and post a tweet from me, right?"

Think again. The reality today is that social media services are used for far more than just posting updates or photos of cats. They also act as "identity providers" allowing us to easily login to other sites and services. 

We've all seen the "Login with Twitter" or "Continue with Facebook" buttons on various sites. Or for Google or LinkedIn. These offer a tremendous convenience. You can rapidly sign into sites without having to remember yet-another-password.

But...

... if you give your passwords to your social media accounts to someone, they could potentially[1]:

Today, the Internet Society, along with 50 organizations and trade associations and nearly 90 individual experts who care deeply about an open, trusted Internet, expressed our deep concerns that the U.S. Department of Homeland Security may require individuals to disclose their social media account passwords as a condition of entry into the United States.  Last week, the new U.S. Secretary of Homeland Security indicated that the U.S. government is considering such a policy as an element of border screening.

Today at the RSA Conference 2017 in San Francisco, our Chief Internet Technology Officer Olaf Kolkman will be speaking as part of a panel on:

Internet of Insecurity: Can Industry Solve It or Is Regulation Required?

The abstract of the session is:

I recently wrote about an agenda to mitigate the threats of insecure devices on the Internet of Things. One of the requirements expressed in that agenda is “For every product sold, there is a way that security researchers can responsibly disclose vulnerabilities found”.

Do you know someone who has played a significant role in the development and advancement of the open, global Internet?  Organizations and individuals from around the world are invited to submit nominations to the Internet Hall of Fame.

2017 marks a significant milestone for the Internet Society as we celebrate 25 years of dedication to an open, secure Internet that benefits all people throughout the world.  The Internet has come a long way since its earliest days, and the Internet Hall of Fame honors a select group of visionaries and innovators who were instrumental in the Internet’s development and advancement along the way.

Google in June stunned some in the broadband world by acquiring wireless provider Webpass and “momentarily” exiting the fiber stage. Hybrid wired/wireless networks became the Next Big Thing – for a month. But what if hybrid infrastructure is the key that unlocks the doors to the next level of community broadband success?

On September 30, 2016, the contract between the U.S. government and the Internet Corporation for Assigned Names and Numbers (ICANN) over the Internet Assigned Numbers Authority (IANA) ended. This marked a process of almost 20 years that started with the privatization of the Domain Name System (DNS) in 1998. With the contract expired, taking stock of the process becomes critical. What unfolded for more two years was not just about the transition of a set of functions, critical to the operation of the Internet: it was also about the ability of the Internet community to stay true to the practices that have historically made the Internet evolve and work better.

Starting at 9:00am US EST (UTC-5) today, January 23, the State of the Net 2017 conference will stream live out of Washington, DC. This annual event brings together politicians, U.S. Congressional staff and other policy makers to discuss the current state of Internet policy, particularly as it relates to U.S. positions and policies. Given the new U.S. President, this year's event should be of special interest. You can watch live at:

• http://www.stateofthenet.org/live/

We will have two Internet Society staff participating:

An extraordinary moment has arrived in the evolution of the internet. For all the transformation that has occurred over the 20+ years since the arrival of the World Wide Web and for the billions of people whose economic, civic and social circumstances have been improved, most people remain without internet connections.

Residing in every country, these unconnected billions still wait for affordable meaningful access to this essential service. Without access to the internet, people cannot even begin to participate in the global digital economy.

What will the Internet look like in the next seven to 10 years? How will things like marketplace consolidation, changes to regulation, increases in cybercrime or the widespread deployment of the Internet of Things impact the Internet, its users and society?

At the Internet Society, we are always thinking about what’s next for the Internet. And now we want your help!

The Internet is an incredibly dynamic medium, shaped by a multitude of pressures – be they social, political, technological, or cultural. From the rise of mobile to the emergence of widespread cyber threats, the Internet of today is different than the Internet of 10 years ago. 

Happy New Year!  Along with the excitement and expectations each new year brings, 2017 marks a significant milestone for the Internet Society. This year, we celebrate 25 years of dedication to an open, secure Internet that benefits all people throughout the world.

We all know how far the Internet has come since the early 1990’s, but today our work has never been more important. As the Internet ecosystem becomes increasingly complex, so too do the issues it faces. We have an important role to play in highlighting the challenges that need attention and in mapping out a path forward to safeguard and protect the Internet we believe in.

Did you know that 89% of top-level domains are now signed with DNSSEC? Or that over 88% of .GOV domains and over 50% of .CZ domains are signed? Were you aware that over 103,000 domains use DANE and DNSSEC to provide a higher level of security for email? Or that 80% of clients request DNSSEC signature records in DNS queries?

All these facts and much more are available in our new State of DNSSEC Deployment 2016 report. 

Towards the end of October 2016, several Indian banks announced they would be recalling millions of debit cards in the wake of a data breach that affected the backend of software that powered an ATM network there.

It was a situation that could have been better mitigated; a government-sponsored organization tasked with sharing information about data breaches completely missed the warning signs that a breach was taking place. As a result, no one connected the dots until millions of fraud cases had been detected.

Computer security analyst and risk management specialist Dan Geer used his keynote at the Black Hat conference in 2014 to make 10 policy recommendations for increasing the state of cybersecurity. Among his suggestions: mandatory reporting of cybersecurity failures, product liability for Internet service providers and software companies, and off-the-grid alternative control mechanisms for increasingly Internet-reliant networks like utility grids and government databases.

I caught up with Geer for an update on his proposals, and his views on the current state of cybersecurity.

The stadium lights ripped the darkness over an empty field.

They weren’t supposed to be on. The lights at Princeton University’s stadium, recently upgraded, should have followed an automated cycle, reducing the need for human oversight.

Instead, the lights went to war.

That’s how Jay Dominick, the vice president for information technology and the chief information officer for the Office of the Vice President for Information Technology at Princeton University, described to me what happened when I followed-up with him after he spoke at the Conference on Security and Privacy for the Internet of Things, held Oct. 16, 2016 at Princeton University.

With the news of a second, even bigger hack of Yahoo user data, common sense might conclude that consumers would be scurrying to batten down their Internet hatches. But a new study indicates otherwise, concluding that “security fatigue" has made many of us numb to the dangers lurking in cyberspace.

The Wandera 2017 Mobile Leak Report, a global analysis of almost 4 billion requests across hundreds of thousands of corporate devices, found more than 200 mobile websites and apps leaking personally identifiable information across a range of categories - including those that are essential for work.

Most notably, the study revealed: