Registration Open for “Cyber Diplomacy Meets InfoSec and Technology” Alongside IETF 102
As we recently announced, the Global Commission on the Stability of Cyberspace (GCSC) will host a lunch panel on “Cyber Diplomacy Meets InfoSec and Technology” alongside IETF 102 on Tuesday, 17 July. Registration opens today in two time slots for global time zone fairness, at 08:00 UTC and 20:00 UTC. Register here.
The Global Commission on the Stability of Cyberspace is developing norms and policy initiatives that intend to counter the risk to the overall security and stability of cyberspace due to rise of offensive cyber-activities, and especially those by states. During this session, the Commission wants to inform and engage with the IETF community on its work so far and the work that is in the pipeline.
The Internet Society is assisting with logistics. Internet Society Chief Internet Technology Officer and GCSC Commissioner Olaf Kolkman will moderate the panel. The panelists are:
- Irina Rizmal, researcher at the DiploFoundation specialized in policy analysis in matters pertaining to national security and defense.
- Bill Woodcock, Commissioner and Executive Director at Packet Clearing House, the non-profit agency that supports critical Internet infrastructure.
- Jeff Moss, Commissioner, founder of Black Hat and Defcon, member of the DHS security council, Continue reading
A Deeper Dive Into Public DNS Resolver Quad9
There are plenty of public DNS resolvers. The best known was Google Public DNS i.e. 8.8.8.8 and 8.8.4.4 for IPv4 and 2001:4860:4860::8888 and 2001:4860:4860::8844 for IPv6. But there are a few other options available now, each with different policies and technical features.
Two new Public DNS resolvers were recently launched. Quad9 (launched Nov 2017) and 1dot1dot1dot1 (launched Apr 2018). We have already covered 1.1.1.1 in detail in a recent blog. So let’s talk about Quad9 (9.9.9.9).
The Global Cyber Alliance (GCA), an organization founded by a partnership of law enforcement (New York County District Attorney and City of London Police) and research (Center for Internet Security – CIS) organizations focused on combating systemic cyber risk in real, measurable ways, partnered with IBM and Packet Clearing House (PCH) to launch a Global Public Recursive DNS Resolver Service. Quad9 protects users from accessing known malicious websites, leveraging threat intelligence from multiple industry leaders; it currently blocks up to two million threats per day.
A handy little infographic on the Quad9 website helps show how it works. Essentially, you set up Quad 9 as your Continue reading
Leading Uruguayan Students to Thrive in the Future Economy
Current researches show that children are exposed to both increased risks and increased opportunities when accessing the Internet and using apps and social media. The UNICEF’s “Children in a Digital World” 2017 report takes a comprehensive look at the different ways digital technology affects children. It is critical that children have necessary training in digital literacy to acquire the skills to minimize risks and to confidently navigate the web to maximize their opportunities. Evidence suggests that technology has benefits where positive human forces for learning are already in place.
The University of the Republic in partnership with the Internet Society Uruguay Chapter and the financial support of the Beyond the Net Funding Programme has taken significant steps to help children and teenagers to develop digital skills in a creative and innovative way in three of the nineteen segments in which Uruguay is politically divided, Paysandú, Rivera, and Salto. Their project Flor de Ceibo Conecta2 aims to train young people from disadvantaged communities using digital resources in creative and challenging learning classes to help them improve their everyday lives and expand their chances for a better future.
María Julia Morales González, project manager and professor at the Department of Sociology and Continue reading
Tracking DNSSEC: See the Deployment Maps
Did you know the Internet Society Deploy360 Programme provides a weekly view into global DNSSEC deployment? Each Monday, we generate new maps and send them to a public DNSSEC-Maps mailing list. We also update the DNSSEC Deployment Maps page periodically, usually in advance of ICANN meetings.
DNS Security Extensions — commonly known as DNSSEC — allow us to have more confidence in our online activities at work, home, and school. DNSSEC acts like tamper-proof packaging for domain name data, helping to ensure that you are communicating with the correct website or service. However, DNSSEC must be deployed at each step in the lookup from the root zone to the final domain name. Signing the root zone, generic Top Level Domains (gTLDs) and country code Top Level Domains (ccTLDs) is vital to this overall process. These maps help show what progress the Internet technical community is making toward the overall goal of full DNSSEC deployment.
These maps are a bit different from other DNSSEC statistics sites in that they contain both factual, observed information and also information based on news reports, presentations, and other collected data. For more information about how we track the deployment status of TLDs, please read our page Continue reading
Montenegro: Learning Coding in Primary School
Although coding has yet to be upgraded from an extracurricular activity, a growing number of countries are introducing programming as part of the school syllabus. Coding is considered a new literacy that is becoming more-and-more important as technology innovation is impacting every field of human knowledge. Educators have a key role in teaching primary school children to be passionate about computer science and stimulating their imagination and spirit of competition to solve problems. Learning how to code starting in elementary school helps pupils acquire skills that will be relevant in tomorrow’s labour market and get the highest-paying entry level jobs as they become college graduates.
Motivated by a successful programming course held in 2017, the Internet Society Montenegro Chapter decided to organize a CodeWeek Java Programming and applied for the Beyond the Net Funding Programme Chapter Small Projects, an initiative intended to assist Internet Society Chapters with financial support to fund small projects such as events, learning opportunities, skill development, and networking with local entities.
“This was more than great. I had fun in every sense of that word. I would recommend this course to every friend. Can’t wait till next year!”
“I like this way of studying. Continue reading
Meeting Europe’s Connectivity Challenge: The Role for Community Networks
While Europe tops many charts in terms of Internet connectivity in global comparison, a number of challenges still persist. One of these challenges is the continuing urban-rural digital gap, which concerns many countries both in Western and Eastern Europe.
According to Eurostat, on average in the European Union (EU) 88% of households in urban areas are connected to broadband as opposed to 79% of rural households. (Broadband connection is defined as “a connection enabling higher than 144 Kbit/s download speed”, European Commission 2016.) In a few Southern and Southeastern EU countries, the broadband gap between urban and rural areas is well above 20%.
The Internet Society partnered with the Centre for European Policy Studies (CEPS) to examine the digital gap in Europe and to assess the role of community networks in the European context. This new paper looks at five different community network examples from around Europe and draws some key lessons learnt from these experiences.
Community networks are not a new thing in Europe. In fact, some of the well-established ones date back to the 1990’s. Community networks provide a innovative solutions to unserved or underserved areas, where the business case for investment by commercial operators is Continue reading
ISOC advocates good MANRS within European R&E community
The Internet Society will be participating in the GÉANT Services and Technology Forum this week, as it continues to develop its relationship with research and education networking in support of improved routing security. GÉANT is the pan-European networking activity that connects and supports 41 National Research and Education Networks (NRENs), and which recently joined the MANRS initiative.
R&E networks are especially important partners for improving the security and resilience of the global routing system, as they are generally not in competition with each other and are able to take a collective lead in addressing global networking problems. As historically early adopters of initiatives, they are also able to set the example for security proficiency and offer a unique selling point to their customers.
The MANRS initiative is also keen to utilise the expertise of the R&E community in capacity building, and providing input and feedback on the MANRS Observatory that is being developed to provide analysis of the state of the security and resilience of the routing system.
There are currently eleven (N)RENs participating in MANRS including GÉANT (Europe), NORDUnet (Nordic countries), CSC/FUNET (Finland), RUNNET (Russian), SUNET (Sweden), SURFnet (Netherlands) and BelWue (Baden-Württemberg/Germany) in Europe. Other participants elsewhere in the world Continue reading
Future Thinking: Roxanne Varza on the Internet Economy
In 2017, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. In April 2018, we interviewed two stakeholders –Biddemu Bazil Mwotta, who introduced an agribusiness app, and Roxanne Varza, the director of a startup incubator – to hear their different perspectives on the forces shaping the Internet.
Roxanne Varza is the director of Station F, a large and popular startup incubator in Paris which recently celebrated its first full year of operation and is already reported to be the largest startup campus in the world. Situated in a former railway shed, Station F provides a vibrant hub for more than 3,000 entrepreneurs and businesses, including upcoming as well as established organizations like Facebook, L’Oréal, and Microsoft. Born in California to Iranian parents, Roxanne moved to Paris in 2009 where she led Microsoft’s startup activities in France before joining Station F, which was created by the French billionaire Xavier Niel. (You can read Biddemu Bazil Mwotta’s interview here).
The Internet Society: With more than 1,000 startups in its halls, Station F Continue reading
Future Thinking: Biddemu Bazil Mwotta on the Internet Economy
In 2017, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. In April 2018, we interviewed two stakeholders –Biddemu Bazil Mwotta, who introduced an agribusiness app, and Roxanne Varza, the director of a startup incubator – to hear their different perspectives on the forces shaping the Internet.
Biddemu Bazil Mwotta, a 25 under 25 awardee, introduced the mobile-agribusiness-app AgroDuuka, which connects farmers directly with buyers in Uganda, his home country. AgroDuuka creates a market for local farmers, where there was none before, and eliminates the cost of working through intermediaries. To date, it has connected more than 800 smallholder farmers from 36 villages to buyers throughout Uganda. (You can read Roxanne Varza’s interview here).
The Internet Society: The AgroDuuka app, which you developed, bridges traditional barriers for farmers who want to access new markets by connecting them directly with buyers. Why did you develop the app?
Biddemu Bazil Mwotta: I grew up in an agricultural community in rural Uganda. My mother is a farmer, and I always used to Continue reading
The Week in Internet News: WiFi Gets a New Security Standard
A more secure Wi-Fi: The Wi-Fi Alliance has released the new WPA2 standard for WiFi that’s designed to mitigate several long-standing security problems. Among the fixes: The new standard mandates stronger WiFi passwords, Wired.com reports. The new standard also will include 192-bit encryption. The alliance also published the new WiFi Easy Connect protocol, designed for IoT devices that have limited or no display, says SlashGear.
Wait for us, says email: The Electronic Frontier Foundation, one of the organizations behind the HTTPS-encryption initiative Let’s Encrypt, has launched an email server encryption project called STARTTLS Everywhere. The project is designed to help admins run more secure email servers, Engadget reports.
AI targets fraud: Insurers are increasingly turning to artificial intelligence technologies to root out fraud, Fast Company says. AI can help pick out inconsistencies and unusual patterns to identify “sophisticated rings of fraudsters rigging auto accidents” and people exaggerating the worth of their damaged property.
AI also examines eruptions: Scientists at the Earth-Life Science Institute in Tokyo are using AI to help predict the types of eruptions coming from volcanos, says Phys.org. By examining tiny particles of volcanic ash, the AI is predicting the types of eruptions coming from Continue reading
Announcing the Internet Society’s New President and Chief Executive Officer
Today is an exciting day for the Internet Society. It gives me great pleasure to announce, on behalf of the Internet Society’s Board of Trustees, that Andrew Sullivan has been selected as the Internet Society’s new President and Chief Executive Officer (CEO). He will formally take up his position on September 1, 2018.
This selection now successfully concludes the CEO search process we began last November.
The CEO selection process involved extensive work on the part of the Board but gave us much food for thought. We received a wealth of extremely impressive applications from more than a hundred internal and external candidates covering a huge range of talent and experience. We had some thought-provoking conversations as part of the process and I would like to express my sincere appreciation to everybody who applied for the position.
I believe Andrew’s success in being selected for this crucial role represents an enormous opportunity for the Internet Society and the global Internet.
Andrew brings a wealth of Internet industry and technology experience with him. He has served in a number of past roles, including time at Dyn, now a Global Business Unit of the Oracle Corporation, managing Domain Name System (DNS) development Continue reading
Enhancing IoT Security Project Continues with Second Successful Multistakeholder Event in Ottawa
The Enhancing IoT Security project hosted its second multistakeholder event on June 21, 2018. This meeting served as an opportunity for new participants to join the conversations and for participants of the first meeting to continue working toward consensus on IoT security norms that would empower consumers and ensure network resiliency. A group of 30 individuals met in Ottawa, with another 16 joining virtually, to prioritize the action items from the last meeting and establish working groups that will collaborate and conduct further research for each item. Participants included representatives from private sector companies, public interest groups, the technical community, academia, and government agencies, and each offered unique and valuable insights to the project. Andrew Sullivan, Fellow at Oracle/Dyn, facilitated this discussion and the creation of the working groups.
The meeting began with a discussion about the ten outputs from the first multistakeholder event. The group agreed that it should prioritize work on a few outputs to begin and then expand the projects scope as necessary. Participants decided to focus on the following three issue areas:
- Labeling
- Consumer education and awareness
- Network resiliency
Participants then identified what work would need to be accomplished for each action item and established working Continue reading
NIC.BR and the Internet Society Work Together to Increase Routing Security in Brazil
This week on Tuesday, 26 June, the Internet Society and NIC.BR signed a Memorandum of Understanding (MoU) to work together to increase routing security in Brazil, including the MANRS initiative. Mutually Agreed Norms for Routing Security is a global initiative that provides crucial fixes to reduce the most common routing threats.
We are excited to strengthen our efforts to work together with NIC.br, and in fact this MoU only formalizes an existing long-term relationship between the two organizations. Our goal is to help increase the number of Brazilian Internet Service Providers and Internet Exchange Points joining efforts for a more secure and resilient Internet.
Not a single day goes by without dozens of incidents affecting the Internet’s routing system. Route hijacking, route leaks, IP address spoofing, and other harmful activities can lead to Denial of Service (DoS) attacks, traffic inspection and surveillance, lost revenue, reputational damage, and more. As one of the biggest countries with high access rates, Brazil is also facing these incidents on a daily basis.
NIC.BR is responsible for the coordination and integration of all Internet service initiatives in Brazil, including long-standing activities related to Internet security. They are also responsible for many projects that Continue reading
At IETF 102: The Global Commission on the Stability of Cyberspace – Cyber diplomacy meets InfoSec and Technology
On Tuesday, 17 July, during IETF 102 in Montreal, the Global Commission on the Stability of Cyberspace (GCSC) will host a lunch panel on “Cyber Diplomacy Meets InfoSec and Technology.” During this session, the Commission wants to inform and engage with the IETF community on its work so far and the work that is in the pipeline.
The Global Commission on the Stability of Cyberspace is developing norms and policy initiatives that intend to counter the risk to the overall security and stability of cyberspace due to rise of offensive cyber-activities, and especially those by states.
Session Abstract
In this global environment we see conflict between states takes new forms, and cyber-activities are playing a leading role. There is an increasing risk of undermining the peaceful use of cyberspace and a growing for need norms and policies to enhance international security and stability.
The Global Commission on the Stability of Cyberspace, with commissioners from diverse backgrounds, sets out to develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behavior in cyberspace.
During this lunch panel we want to engage with the IETF community to discuss the norms the commission Continue reading
If We Care About the Internet, We Have to Be Willing to Do Our Part
Whether it’s playing dungeons and dragons over voice chat with my college friends hundreds of miles away, reading the latest movie reviews for summer blockbusters I’ll watch once they come out on video, or simply paying electrical bills, the Internet has become an important part of my life.
Yet, while I have come to rely on the Internet, I don’t always do what is best for it.
I don’t always patch my connected devices or applications, leaving them vulnerable to compromise and use in a botnet. I don’t look for security when buying an app or a device, let alone look at the privacy policies.
While I know I am hurting the overall security of the Internet, I find myself thinking, “I’m just one person, how much damage could I do?”
Unfortunately, according to one recent survey, there are a lot of people who act just like me.
The results from the 2018 CIGI-Ipsos Global Survey on Internet Security and Trust* suggest that many users fail to make security a priority as they shop for Internet of Things (IoT) devices. (IoT refers to “scenarios where network connectivity and computing capability extends to objects, sensors and everyday items not normally considered computers, allowing these devices to generate, exchange and consume data with minimal human Continue reading
The Week in Internet News: Governments Shut Down Internet for School Testing
Couldn’t you just take their phones away? The government of Algeria told telecom carriers to shut down Internet service for several hours a day during high school testing season, according to several news reports. The government is trying to prevent the repeat of a situation in 2016, when exam questions were leaked online, reports Al Jazeera. The government of Iraq has taken similar action, the news agency says. It’s unclear how a short shutdown each day will prevent leaks.
Why IoT security is terrible: The headline is certainly catchy, but the IEEE Spectrum suggests that the Internet of things has some special security challenges including nation state hackers that are targeting the systems (although that’s true of other IT systems as well). Another of the six reasons: Many IoT systems, like your connected refrigerator, don’t have dedicated IT security workers looking out for them.
Score one for encryption: Using the encrypted WhatsApp, Syrian school girls banned from attending school in Islamic State-controlled territory, are taking pictures of school work and sharing it with each other, notes NakedSecurity, referencing a report on the BBC. “Education is everything, and it’s our weapon,” one of the girls says.
Not so fast, WhatsApp: Continue reading
Routing Security & IPv6 at NANOG 73 in Denver
We’ll be at NANOG 73 in Denver, CO, USA this week talking about routing security, MANRS, and IPv6.
The North American Network Operators Group (NANOG) is the professional association for Internet engineering, architecture and operations. Its core focus is on continuous improvement of the data transmission technologies, practices, and facilities that make the Internet function. NANOG meetings are among the largest in the region, bringing together top technologists on a wide range of topics.
Routing Security
On Tuesday, 26 June, at 1:30PM, Andrei Robachevsky will give a talk called, “Routing Is At Risk. Let’s Secure It Together.”
From the session abstract:
“Stolen cryptocurrency, hijacked traffic blocking access to whole countries, derailing vital Web resources for thousands of people. Routing used to fly under the radar. As long as incidents weren’t too bad, no one asked too many questions, and routing security never made it to the top of the to-do list. But these days, routing incidents are regularly making the news, executives are getting nervous, and engineers are under pressure to make sure their network isn’t next. The problem is, you cannot secure your own network entirely by yourself. But you can help secure the global routing system Continue reading
Watch Live On Monday, 25 June – DNSSEC Workshop at ICANN 62 in Panama
With the DNSSEC Root Key Rollover coming up on October 11, how prepared are we as an industry? What kind of data can we collect in preparation? What is the cost benefit (or not) of implementing DANE? What can we learn from an existing rollover of a cryptographic algorithm?
All those questions and more will be discussed at the DNSSEC Workshop at the ICANN 62 meeting in Panama City, Panama, on Monday, June 25, 2018. The session will begin at 9:00 and conclude at 12:15 EST (UTC-5). [Note: this is one hour different than current US Eastern Daylight Time – Panama does not change to daylight savings time – and so this will begin at 10:00 EDT (UTC-4).]
The agenda includes:
- DNSSEC Workshop Introduction, Program, Deployment Around the World – Counts, Counts, Counts
- Panel: DNSSEC Activities and Post Key Signing Key Rollover Preparation
- DANE: Status, Cost Benefits, Impact from KSK Rollover
- An Algorithm Rollover (case study from CZ.NIC)
- Panel: KSK Rollover Data Collection and Analysis
- DNSSEC – How Can I Help?
- The Great DNSSEC/DNS Quiz
It should be an outstanding session! For those onsite, the workshop will be in Salon 4, the ccNSO room.
Leveling Up Women One Edit at a Time
Only 1 in 10 Wikipedia editors is a woman. Unfortunately, the underrepresentation of female perspectives is quite common within the tech world. In order to help achieve gender equality in content creation and dissemination, Wikipedia Editathons are held as a way of bridging the gap and encourage female editors to increase the coverage of women’s topics.
The Internet Society India Delhi Chapter, in partnership with the Women Special Interest Group and supported by the Wikimedia Foundation, organized the 1st Global Editathon “Girls in ICT” on 28 April, 2018. Various Chapters and groups participated in this event to increase Wikipedia pages about Asian women who have contributed to any technology-related fields.
“Women are seriously underrepresented in Wikipedia’s content,” says Amrita Choudhury, treasurer of the Internet Society India Delhi Chapter. She has over 17 years of experience in IT and the Internet industry and is a member of the SIG Women team. “Exact figures vary depending on which research you’re reading, but only around 17% of individuals profiled on Wikipedia are women.”
What Chapters were involved and how did you work together?
“As devoted to the #ShineTheLight movement, we decided to collaborate with the SIG Women, whose main interest Continue reading
Announcing NDSS 2019 & the Call for Papers
It may seem far away, but it’s time to begin planning for the 26th Network and Distributed System Security Symposium. NDSS 2019 will once again be held in sunny San Diego at the lovely Catamaran Spa and Resort from 24-27 February 2019.
This annual security symposium is a premiere venue for fostering information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
NDSS 2019 will have a new General Chair, Dr. Trent Jaeger of Pennsylvania State University. In addition, the Program Committee for NDSS 2019 is being chaired by Dr. Alina Opera of Northeastern University and Dr. Dongyan Xu of Purdue University. Additional positions will be announced in the coming weeks.
Most importantly for all you researchers out there, the NDSS 2019 Call for Papers has been released. As in years past, the focus of the symposium will be the many aspects of security and privacy including the security of emerging Continue reading