Archive

Category Archives for "Internet Society"

The Week in Internet News: Google Moves to Make it Easier to Encrypt Cheap Android Devices

Easier encryption? Google engineers have created a new encryption regime that can run on cheap and underpowered smartphones, Wired.com reports. The Google effort takes established cryptographic tools and implements them in a more efficient way.

Email encryption required: The EU’s GDPR privacy regulation requires encryption at least at the transport layer for email, according to a recent ruling by Germany’s data protection authority. The ruling also suggests that transport layer encryption may not be enough for sensitive personal information, TechDirt says.

Encryption proposal questioned: India’s proposal to require tech companies to hand over encrypted communications is “not possible,” WhatsApp has said. The proposed rules are “not possible today given the end-to-end encryption that we provide and it would require us to re-architect WhatsApp, leading to a different product, one that would not be fundamentally private,” WhatsApp said in a Financial Times story.

Federal action: The U.S. White House is planning to take executive action to promote research and development related to Artificial Intelligence, advanced manufacturing, quantum computing, and 5G wireless technology, Reuters reports. There’s some concern that the U.S. is losing ground to countries like China.

AI could go awry: Microsoft has warned investors that its AI Continue reading

DNS Flag Day

The 1st of February was DNS Flag Day, which is an initiative of several DNS vendors and operators to address the problems of DNS name server implementations that are not in compliance with long-established DNS standards. This is causing the DNS to not only be unnecessarily slow and inefficient, but prevent operators from deploying new functionality including mechanisms to protect against DDoS attacks.

DNSSEC and other extended features of the DNS require EDNS0 (Extension Mechanisms for DNS – RFC 6891), and properly implemented name servers should either reply with an EDNS0 compliant response, or provide a regular DNS response if they don’t understand.

However, a lot of name server software is not implemented properly which has meant resolvers have had to incorporate workarounds when name servers don’t respond correctly. These cause unnecessary retries, delays, and prevent the newer features of the DNS being used.

As a result, the vendors of the most commonly used DNS software (BIND, Ubound, PowerDNS and Knot) will no longer be supporting these workarounds in new versions of their software, whilst a number of public DNS resolver operators (CleanBrowsing, Cloudflare, Google and Quad9) will no longer resolve hostnames served by broken name server implementations.

This may mean Continue reading

A Free and Open Course on Data Protection in the Post-GDPR World

Last year, we published “The Dawn of New Digital Rights for Finnish Citizens,” about the launch of the New Digital Rights MOOC, a collaboration between Open Knowledge Finland and the Internet Society’s Finland Chapter. Raoul Plommer wrote, “The aim of the project is to make citizens more aware of their digital rights, initially focusing on explaining GDPR (General Data Protection Regulation) and MyData…through a MOOC platform and series of workshops that create content and train people and organizations to use it.” Plommer has written an update on the project:

We have come a long way from the beginning of last year, when we were given funding for the project from Internet Society’s Beyond the Net Funding Programme, and Eurooppatiedotus, which is a sub-organization of the Finnish Foreign Ministry.

It took us several months to agree on what is essential to know about the General Data Protection Regulation (GDPR) and how we would present it to the general public. It was also challenging to get all the content done without actually paying everyone for all their hard work. Both of our funders had a strict limit on how much money could be spent on salaries (15% and 30%). On Continue reading

In Southeast Asia, Improving Livelihoods Through Crowdsourcing

The Southeast Asia region is one of the fastest growing regions in the world today. With rich natural resources, it has evolved into a highly industrialized region, inviting investors from all over the world. The riches however, are not enjoyed by all. According to one ASEAN report, close to 36 million of its population are still living below the international poverty line, with 90% of these people in Indonesia or the Philippines.

Realizing that ASEAN’s greatest asset is its people, various initiatives have been carried out to promote community-driven activities and people-to-people interactions aimed at narrowing the income gap in the region. Today, it still remains relevant for ASEAN member states to partner with private organizations to identify and finance poverty eradication programs in order to realize the Sustainable Development Goals and ASEAN Vision 2025.

The Internet Society Malaysia Chapter, through the Beyond the Net Medium & Large Grant programme, and in collaboration with Malaysian’s Ministry of Women, Family and Community Development, the University Utara Malaysia, and the Council of Deans for ICT Eduction (Region IX) Philippines, aims to train 400 women in Malaysia and the Philippines to use the MyHelper crowdsourcing application so that they can Continue reading

Routing Security – Getting Better, But No Reason to Rest!

Editor’s note: This is an abridged version of a post that was first published on MANRS.org. Read the full version.

In January last year I looked back at 2017 trying to figure out how routing security looked like globally and on a country level. I used BGPStream.com – a great public service providing information about suspicious events in the routing system.

The metrics I used for this analysis were number of incidents and networks involved, either by causing such incidents, or being affected by them.

An ‘incident’ is a suspicious change in the state of the routing system that can be attributed to an outage or a routing attack, like a route leak or hijack (either intentional or due to a configuration mistake). BGPStream is an operational tool that tries to minimize false positives, so the number of incidents may be on the low side.

Of course, there are a few caveats with this analysis – since any route view is incomplete and the intents of the changes are unknown, there are false positives. Some of the incidents went under the radar. Finally, the country attribution is based on geo-mapping and sometimes gets it wrong.

However, even if Continue reading

The Week in Internet News: Japan to Probe Residents’ IoT Devices

Government hacking: Japanese government workers will be able to hack into residents’ Internet of Things devices in an attempted survey of IoT insecurity, ZDNet reports. The Japanese government recently approved an amendment that allows the survey by employees of the National Institute of Information and Communications Technology. The government hacking effort is part of Japan’s preparation for the Tokyo 2020 Summer Olympics. Government officials are worried that other hackers might use compromised IoT devices to launch attacks against the games.

Evolving encryption: A story at TechTarget looks at the evolution of the Let’s Encrypt certificate authority, established in 2016. The free and automated certificate authority is “changing the industry in interesting ways” by making the certificate process less cumbersome, the story says. Meanwhile, a story at CSO Online looks at the Electronic Frontier Foundation’s efforts to encrypt the entire Internet and says that Let’s Encrypt is an important piece of that campaign.

Lagging encryption: Less than 30 percent of enterprise businesses encrypt their data across their on-premises environments, within their cloud services or on their mobile devices, according to a survey from French aerospace and security vendor Thales Group. A Computer Business Review story notes that encryption still isn’t widespread, Continue reading

Community Network Champions Take a Rural Dip in India

By Digital Empowerment Foundation

In the last 25 years, half the world has been connected to the Internet and the almost infinite opportunities it has to offer. Most of these, among the 3.5 billion connected individuals of the world, are people who are largely economically empowered, literate, and reside in urban or accessible areas. However, there is also half the world that is yet to get online and access what the Internet has to offer them.

The biggest barrier to widespread connectivity is the high cost of infrastructure. With many telecom companies unwilling or unable to build infrastructure in far flung and rural areas, large swathes of the world have remained in media darkness. Evidently, most of those who are excluded from digital ecosystems are people who are largely at the bottom of the pyramid and reside in rural or inaccessible areas. They are people who have not been connected by the mainstream Internet Service Providers (ISP) – and who may have to wait a long time to be connected.

So who will take the responsibility of connecting them?

It has to be the community themselves.

Over the years, community network providers have proved to be great enablers for Continue reading

Internet Society Botswana Chapter Hosts Webinar on the Internet of Things

The Internet of Things (IoT) is upon us. The exponential advancements are fast becoming a reality and Africa is a part of the current wave. On 13 December 2018, the Internet Society Botswana Chapter held an Internet of Things webinar at the University of Botswana Library to discuss local IoT-related implications. In attendance were approximately seventy-five individuals, including members of the public, academia, the developer community, and students.

A quick Internet search reveals that IoT can be synonymous with tracking and monitoring systems, wearables, and smart homes. These may not be relatable in the African context, but IoT prospective usage in farming, irrigation, and utilities management brings it home and introduces the possibilities of IoT being used to provide solutions that fit Africa’s needs. It therefore becomes important to implement a multistakeholder approach where governments and regulators provide high speed connectivity, infrastructure, and the right policies to foster local innovation.

The interactive session offered the participants an appreciation of the current IoT situation in Botswana. A remote presentation by Steve Olshansky, Internet technology program manager at the Internet Society explained the Internet Society’s view of IoT, the  OTA IoT Trust by Design Framework, and why we should ensure Continue reading

International Approach to Internet Policy Declining, Some Experts Say

A long-time multistakeholder and international approach toward creating Internet policy is breaking down, with individual nations and some large companies increasingly deciding to go their own way and create their own rules, some Internet governance experts say.

The multistakeholder decision-making model that created the Internet’s policy standards over the last two decades has largely fallen apart, with countries pushing their own agendas related to privacy, censorship, encryption, Internet shutdowns and other issues, some of the experts said Tuesday at the State of the Net tech policy conference in Washington, D.C.

Recent efforts to keep the Internet safe for free expression and free enterprise are “mission impossible,” said Steve DelBianco, president and CEO of Internet-focused trade group NetChoice.

Back in the early 2000s, the Internet was enabling the disruption of governments and powerful businesses by providing users ways to work around those organizations, DelBianco added. “Fifteen years later, I’d have to say that governments and big businesses have regained their footing and are reasserting control,” he said.

Many nations are looking for new ways to control Internet content and users, added Laura DeNardis, a communications professor at American University and a scholar focused on Internet architecture and governance.

For many Continue reading

Call for Participation – ICANN DNSSEC Workshop at ICANN64 in Kobe, Japan

ICANN 64 - image from ICANN

Will you be at the ICANN 64 meeting in March 2019 in Kobe, Japan? If so (or if you can get to Kobe), would you be interested in speaking about any work you have done (or are doing) with DNSSEC, DANE or other DNS security and privacy technologies?  If you are interested, please send a brief (1-2 sentence) description of your proposed presentation to [email protected] before  07 February 2019.

Call for Participation

The DNSSEC Deployment Initiative and the Internet Society Deploy360 Programme, in cooperation with the ICANN Security and Stability Advisory Committee (SSAC), are planning a DNSSEC Workshop during the ICANN64 meeting held from 09-14 March 2019 in Kobe, Japan. The DNSSEC Workshop has been a part of ICANN meetings for several years and has provided a forum for both experienced and new people to meet, present and discuss current and future DNSSEC deployments.

For reference, the most recent session was held at the ICANN Annual General Meeting in Barcelona, Spain, on 24 October 2018. The presentations and transcripts are available at: https://63.schedule.icann.org/meetings/901549https://63.schedule.icann.org/meetings/901554, and https://63.schedule.icann.org/meetings/901555.

At ICANN64 we are particularly interested in live demonstrations of Continue reading

New UN Tool Maps Asia-Pacific Cybersecurity Landscape

News of cyber attacks and personal data breaches frequently make headlines nowadays, particularly in Asia Pacific*, and every time a new incident happens, it deals a blow to the trust of some users. Since cyber threats are grave and growing, society must understand how policymakers are addressing cybersecurity concerns, and what can be done to strengthen trust.

A United Nations agency recently launched a tool to do exactly that. Against the backdrop of increasingly complex cybersecurity policies around the world, the portal aims to “enhance informed participation in key policy processes by all relevant stakeholders”, thus facilitating information sharing, capacity building, and trust and cooperation in cyberspace. We spent some time with it to evaluate the state of cybersecurity in Asia Pacific and to highlight the importance of the issue.

The Cyber Policy Portal, released this month by the United Nations Institute for Disarmament Research (UNIDIR), maps the global cybersecurity capability landscape, covering all 193 of the UN Member States, 13 intergovernmental organizations, including the Association of Southeast Asian Nations (ASEAN), and a number of multilateral frameworks.

The interactive map draws from public information and, where applicable, carries links to original documents. Systematically, it answers some of the salient questions Continue reading

The Week in Internet News: Placing Money on AI

AI manages your money: Artificial Intelligence may eventually replace your financial advisor, Forbes suggests. AI can already spot financial trends really fast, but it may eventually compete with the personal touch of a human advisor, the story says. “Because artificial intelligence learns so much faster than humans, it is simply a matter of time before artificial intelligence can read human nuances and have an emotional intelligence quotient that exceeds those of most humans. When that happens, in the next few years, financial advisers will have a hard time competing based on personal relationships.”

Banning news: Russia has moved to ban what the government defines as fake news, joining several other countries headed in the same direction, the Boston Globe reports. A second law bans the publication of information showing disrespect to government bodies and officials. The fake news law allows fines of up to US$15,000.

Less fake, more news: Despite headlines about the spread of fake news during the 2016 U.S. elections, a majority of U.S. residents didn’t see fake news on social media, two recent studies suggest. On Twitter, fake news appeared on the feeds of just 1.1 percent of users, according to one study detailed in Continue reading

This Data Privacy Day Take Steps to Protect Your Data

As champions of an open, globally-secure, and trusted Internet, International Data Privacy Day is a big deal around these parts.

But making sure you’re able to share what you want, when you want, should be something the world stands for more than once a year. Every day should be Data Privacy Day.

These days, it feels all too common to hear stories about policy or law enforcement officials trying to create backdoors into technologies like encryption. These backdoors could put our online security at risk.

Just a little over one month ago, Business Insider reported that smart home devices dominated Christmas 2018 sales on Amazon, while the Alexa app, which enables people to control those smart devices, was the most downloaded on Google Play and the Apple App store on Christmas Day.

As the Internet becomes more and more a part of our everyday lives, each of us can take actions to ensure that privacy and security are a top priority.

Let’s come together on Data Privacy Day to celebrate the possibilities an open, globally connected, trusted, and secure Internet brings. Here are ways you can help make it happen where you live:

(And don’t forget to make a cake! Continue reading

In India, Days Left to Comment on Rules That Could Impact Your Privacy

The public has until 31 January to comment on a draft set of rules in India that could result in big changes to online security and privacy.

The Indian government published the draft Information Technology [Intermediary Guidelines (Amendment) Rules] 2018, also known as the “Intermediary Rules” for public comment.

When it comes to the Internet, intermediaries are companies that mediate online communication and enable various forms of online expression.

The draft Intermediary Rules would change parts of the Information Technology Act, 2000 (the “IT Act”), which sets out the requirements intermediaries must meet to be shielded from liability for the activities of their users. The draft rules would also expand the requirements for all intermediaries, which are defined by the Indian government and include Internet service providers, cybercafés, online companies, social media platforms, and others. For example, all intermediaries would have to regularly notify users on content they shouldn’t share; make unlawful content traceable; and deploy automated tools to identify and disable unlawful information or content, among other new requirements.

Here’s some more background:

  • News reports are citing a number of concerns about the draft rules. Ours centers on their potential impact on the use of encryption.
  • Encryption is the process Continue reading

My Privacy Online: Championing Trust in the Era of IoT

Data Privacy Day is a little like celebrating the anniversary of your first date.

They are both a yearly occasion to reflect on the most important relationships in our life, the former with those who know the most about us, the latter with our significant other.

It’s also a reminder that relationships are built on trust – and how fragile that trust can be.

Privacy online relies on trust at its core. But as we become more reliant on connected devices and virtual assistants to handle our most intimate health, banking, and private information, we’re putting our trust into shaky hands.

Honesty is the foundation of trust and it’s just as important in our relationships with loved ones as those with data brokers. It’s crucial for data brokers to be honest with users about who, when, and how people have access to their personal data, especially as we transition into smarter homes and cities.

Let’s face it: there’s a huge market for the information we share online. Both U.S. and Canadian Internet companies are increasingly trying to collect our personal data – whether we know it or not.

It’s clear we want more control over our privacy, but each Continue reading

Moving Forward to an Internet That’s Interplanetary in Scope and Function

The IPNSIG (InterPlanetary Networking Special Interest Group) has been a Chapter of the Internet Society since February 2014. We are pleased to announce that we recently created a blog dedicated to everyone interested in IPN and DTN, and computer networking in general. It is a first step in providing nonspecialists with easy-to-understand explanations of what IPN is and how it works. Each week, we will post news about the exciting world of IPN, summaries of academic research, or links to IPN in the mainstream media. We’ll also be announcing upcoming IPNSIG events and activities.

Our mission
We aim to realize a functional and scalable system of interplanetary data communications before the year 2020. We will accomplish this objective by engaging the public’s interest in funding and executing the research and technology development necessary to make InterPlanetary Networking (IPN) a reality. We will educate them about the critical need for a reliable, scalable space data network to enable cost-effective exploration and eventual commercial use of the inner solar system. We will excite them about the potential role these same network systems technologies can play in solving communication problems here on earth.

What is IPN?
It is a solution to the constrained Continue reading

Introducing a new software platform that offers improved Chapter management functionality and much more

On 31 January, 2019, we will be launching our new association management software (AMS) that will offer many new capabilities to Internet Society members and Chapters.

During the roll-out of the new platform, the current AMS will be offline for several days (details below).

Internet Society members will be familiar with our current AMS if you have ever clicked on the “Member Login” link in the upper right corner of this web page. You also used the AMS if you logged into our Connect member forums or took an online course using our Inforum system. Chapter leaders have become very familiar with our AMS over the years, as it is the way they have interacted with their members and performed administrative functions for the Chapter.

Due to some functional limitations with the current AMS, we are replacing the system with a new AMS that will provide:

  • A more modern system with enhanced functionality and user interface
  • Core chapter management functionality to meet long-standing requirements/requests of our chapters
  • Improved global/regional performance, particularly in low-bandwidth environments, through the use of a content delivery network (CDN)
  • Events management capabilities
  • Complete server and software management by the vendor – consistent and timely updates/upgrades Continue reading

Community Networks: In Tanzania, Helping to Close the Connectivity Gap

Community established networks, also referred to as “community networks” (CNs), have existed for many years and provide a sustainable solution to address the connectivity gaps that exist in urban, remote, and rural areas around the world. While the global statistics estimate that about half of the world population has access to the Internet, the connectivity gap is wide between the developed and developing countries.

In Tanzania, there are 41.8 million voice telephone subscriptions and only 23 million Internet users. A study by Research ICT Africa reported that when Internet access is compared between rural and urban areas, 86% of rural dwellers remain unconnected to the Internet compared to 44.6% in urban areas. Similarly, in Tanzania, fewer women have access to and use of the Internet than men.

In order to address the connectivity challenges in Tanzania, the Internet Society Tanzania Chapter in partnership with the University of Dodoma, supported by Beyond the Net Funding Programme, has built a pilot project using TV white space as a community network solution. The deployed network has connected four educational institutions in rural Tanzania and at the same time provided Internet access to community members around the schools.

In order Continue reading

The Week in Internet News: IoT Hacked? Who Knows?

IoT survey: Nearly half of all companies using IoT devices don’t have mechanisms in place to detect if any of their devices have been hacked, according to a survey featured in a Fast Company story. Just 14 percent of the respondents to the Gemalto survey believe providing security is an ethical consideration.

Huge leak: More than 22 million unique passwords and 772 million email addresses were leaked and distributed by hackers in a folder named “Collection #1,” Mashable reports. The cache of emails and passwords were collected from several data, dating back to 2008.

Pushing back: WhatsApp is planning to fight India’s recent crackdown on encryption, FT.com reports. Indian policymakers have proposed rules that would allow authorities to trace the origin of encrypted messages, but WhatsApp says it will protest the proposals.

Fighting fake news: Japan’s government plans to come up with a plan to fight fake news by June, Japan Times says. The plan could include requiring social media companies to create codes of conduct. Several other attempts by governments to fight fake news have led to concerns about censorship, however.

AI as a weapon: Forbes.com has a story raising concerns about the weaponization of Artificial Intelligence. Continue reading

Consumer Electronics Show: Everything’s Connected, But What About Security and Privacy?

We spent last week at the Consumer Electronics Show (aka CES) in Las Vegas, with over 180,000 of our closest friends. And with 4,500 exhibitors present, you’d have less than 30 seconds at each booth if you wanted to talk to all of them. Many articles have covered the cool new things, so in this blogpost we are going to discuss our overall impressions as they relate to our work on consumer IoT security and privacy.

Not surprisingly, there were many interesting conference sessions and a wide variety of innovative products on display, including some that seemed to push the bounds of credibility in their claims. Integration of devices with voice-driven and other platforms was everywhere – Amazon Alexa, Google Assistant, Apple HomeKit, and Samsung SmartThings being the most widely adopted to date. 5G was a hot topic, especially for its improved speeds and flexibility, though specifics about its availability are still hard to pin down.

Everything these days is getting connected to the Internet – from cat toys to sports simulators to home automation. One area that seems to be gaining more traction because it has gone beyond the “gadget” stage and is solving real problems is health and Continue reading

1 27 28 29 30 31 69