New developments in the net neutrality debate

Democrats in the USA haven’t given up on net neutrality since the FCC voted to repeal the 2015 Open Internet Order in December.

Senator Markey, a Democrat from Massachusetts, has put forward a bill that would use the Congressional Review Act (CRA) to reverse the Federal Communications Commission’s (FCC) decision. The CRA allows lawmakers 60 legislative days after the FCC submits its regulations to Congress to take action.

That bill now has the support of more than 40 Senators, including Senator Susan Collins (R-Maine), its first Republican supporter.

Senator Markey needs 52 votes to get the bill passed in the Senate, which is unlikely given that Republicans remain in control of both chambers of Congress. Nevertheless, Democrats see value in forcing a vote on the bill ahead of the 2018 midterm elections. Polls indicate that 83 per cent of Americans support keeping the FCC’s net neutrality rules.

If the bill fails to move forward, Congress may pursue a legislative solution – a bill that would codify net neutrality rules into law, rather than a reversal of the FCC’s decision. In fact, the Republicans are possibly signaling an appetite to come to a legislative solution to this issue. Regardless of Continue reading

Deadline of Feb 1 for Nominations for Public Interest Registry (.ORG Operator) Board of Directors

Would you be interested in helping guide the future of the Public Interest Registry (PIR), the non-profit operator of the .ORG, .NGO and .ONG domains? If so, the Internet Society is seeking nominations for three positions on the PIR Board of Directors. The nominations deadline is 23:00 UTC on Thursday, February 1, 2018.

More information about the positions and the required qualifications can be found at: https://www.internetsociety.org/pir/call-for-nominations/

As noted on that page:

The Internet Society is now accepting nominations for the Board of Directors of the Public Interest Registry (PIR). PIR’s business is to manage the international registry of .org, .ngo, and .ong domain names, as well as associated Internationalized Domain Names (IDNs).

In 2018 there are three positions opening on the PIR Board. Two directors will serve a 3-year term that begins mid-year 2018 and expires mid-year 2021. One director will fill a vacant seat as soon as practical and serve until mid-year 2020.

If you are interested in being considered as a candidate, please see the form to submit toward the bottom of the call for nominations page.

The post Deadline of Feb 1 for Nominations for Public Interest Registry (.ORG Operator) Board of Directors Continue reading

14,000 Incidents: a 2017 Routing Security Year in Review

How was the state of the Internet’s routing system in 2017? Let’s take a look back using data from BGPStream. Some highlights:

• 13,935 total incidents (either outages or attacks like route leaks and hijacks)
• Over 10% of all Autonomous Systems on the Internet were affected
• 3,106 Autonomous Systems were a victim of at least one routing incident
• 1,546 networks caused at least one incident

An ‘incident’ is a suspicious change in the state of the routing system that can be attributed to an outage or a routing attack, like a route leak or hijack (either intentional or due to a configuration mistake).[i] Let’s look at just a few examples of incidents picked up by the media.

March 2017. SECW Telecom in Brazil hijacked prefixes of Cloudflare, Google, and BancoBrazil causing some outage for these services in the region.

April 2017. Large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian telecom. For several minutes, Rostelecom was originating 50 prefixes for numerous other Autonomous Systems, hijacking their traffic.

August 2017. Google accidentally leaked BGP prefixes it learned from peering relationships, essentially becoming a transit provider instead Continue reading

Future Thinking: Harlem Désir on Freedom of Expression Online

In 2017, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed two people – the new OSCE Representative on Freedom of the Media and a an emerging leader from Brazil, an Internet Society 25 Under 25 awardee – to hear their different perspectives on the forces shaping the Internet’s future: Harlem Désir and Paula Côrte Real.

Harlem Désir is the Operation for Security and Cooperation in Europe (OSCE) Representative on Freedom of the Media. Prior to his current position, Désir was French Minister of State for European Affairs, attached to the French Minister of Foreign Affairs and International Development, and a member of the European Parliament for three consecutive terms from 1999 to 2014.

(You can read Paula Côrte Real’s interview here.)

The Internet Society: What could impact the future of freedom of expression online?

Harlem Désir: There is an ongoing shift under our feet which could result in a less open, global, and free Internet. A combination of factors, including legitimate security concerns in the fight against terrorism or the fight Continue reading

Future Thinking: Paula Côrte Real on Freedom of Expression Online

In 2017, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed two people – the new OSCE Representative on Freedom of the Media and a an emerging leader from Brazil, an Internet Society 25 Under 25 awardee – to hear their different perspectives on the forces shaping the Internet’s future: Harlem Désir and Paula Côrte Real.

Paula Côrte Real is a 24-year-old Brazilian who hopes to help create a safe and secure Internet experience for Brazil’s youth through her involvement in several youth engagement programs. One of those, led by the Commission of Information Technology Law from the Brazilian Bar Association in Pernambuco, helps students learn how to protect themselves while using the Internet. It also tackles current issues such as cyberbullying and cyberstalking. To date, the project has reached approximately 2,000 public school students between the ages of 15 and 18. In 2017, she was awarded the Internet Society’s 25 under 25 award for making an impact on her community and beyond.

(You can read Harlem Désir’s interview here.)

The Continue reading

Promoting routing security in Middle East R&E

The Internet Society continues to deepen its engagement with the Middle East by participating in the e-AGE 2017 Conference. This was held on 2-4 December 2017 at the Arab League in Cairo, Egypt, and was organised by the Arab States Research and Education Network (ASREN) and co-sponsored by the Internet Society and ICANN.

ASREN is a non-profit association of National Research and Education Networks in the Middle East that aims to connect institutes to enable access to services, applications and computing resources within the region and around the world, and to boost scientific research and cooperation amongst its members. Its mandate covers 22 countries, and it has partnered with the major regional R&E networking initiatives elsewhere in the world, including GÉANT (Europe), Internet2 (United States), CANARIE (Canada), WACREN (West Africa) and RedCLARA (Latin America). International connectivity is supported by the EU-funded EUMEDConnect3 and EUMEDGrid projects.

There were two main themes to the conference – that NRENs were access pathways to global knowledge, and that NRENs needed to distinguish themselves by doing things that were not or could not be provided by commercial ISPs. Michael Foley (World Bank) highlighted how the NRENs had played a key role in the evolution of Continue reading

Preserving Our Future, One Bit at a Time

“Culture, any culture… depends on the quality of its record of knowledge.” — Don Waters, “‘Preserving Digital Information”

Our culture and society has been enriched by the creation and proliferation of the Internet. Information has become increasingly more accessible and has enabled so many of us to become active creators rather than passive consumers of content. With that, we’re experiencing an explosive growth of digital data, with 2.5 quintillion bytes of data created every day and that data needs a place to live.

Not only does our data need a place to live, but it needs a place to survive into the future. What happens if years from now, we are no longer able to access our photos, documents, music — essentially all the records of our lives? We will not only be forgotten, but we’ll be thrusting the future into a “digital dark age,” as Vint Cerf calls it.

In short: “More and more of our lives are bound to the ones and zeroes of bits residing on a cloud server, or mobile device. Those bits in turn are mediated by the software and hardware implements we use every day. The bitstreams are unintelligible, however, without Continue reading

Un-Nintendo Consequences: Protect Your Devices from Attacking Gaming Networks

This holiday season, we published a buying guide for “smart toys,” as well as steps you could take to secure them once they were home. As we start the new year, it’s a good time to revisit Holiday DDoS Attacks: Targeting Gamers (Plus Five Things You Can Do). Last year Ryan Polk wrote, “gaming networks are most often targeted by DDoS attacks, as the end of year holidays usually bring many users online who are eager to try out their new games and systems.” He included the following helpful tips.

Meltdown and Spectre: Why We Need Vigilance, Upgradeability, and Collaborative Security

Today the tech media is focused on the announcement of two security vulnerabilities, nicknamed Meltdown and Spectre, that are found in almost all CPUs used in modern devices. Mobile phones, laptops, desktop computers, cloud services, and Internet of Things (IoT) devices are all vulnerable.

There are many articles being published on this topic. The best source of information I’ve found is this site by the security researchers at the Graz University of Technology:

https://meltdownattack.com/

At the bottom of that page are links to the security blog posts, advisories, and other statements from companies and organizations across the industry. In an excellent example of the principles of Collaborative Security, the announcement was coordinated with the release of patches and updates for a wide range of operating systems and devices.

For readers wanting a deeper technical dive, the site from Graz University has links to multiple academic papers. Google’s Project Zero team also published a detailed technical analysis.

From our perspective, today’s news highlights a couple of points:

• Keeping up to date on patches is critical. We each need to ensure that we upgrade our own systems and devices. If we work for organizations/companies, we need to ensure that processes are in place Continue reading

2018: Advocacy and Action

Happy New Year!

2018 offers exciting promise and opportunity for the Internet Society and the work of our global community for a better Internet. We’ll continue the positive momentum we started in 2017, when we celebrated our 25 year milestone and strengthened our impact around the globe.

Thank you to all who joined us on this amazing journey.  Take a look back at many of last year’s highlights.

Our ongoing mission to protect and to shape the Internet for future generations is not an easy task. However, we are well positioned with the people, resources, and commitment from across our global community to be a bold, powerful force for change.

To carry forward our focus on access and trust as the two most pressing issues facing the Internet today, in 2018 we will execute our Action Plan that outlines our advocacy efforts in these areas with a detailed set of priorities for maximum impact. In addition, we will continue to extend our community and organization to build a stronger foundation for realizing our vision, and foster new initiatives that respond to today’s rapidly changing world.

While I have announced my plans to pass on the CEO baton once the Continue reading

Making a Lasting Impact: A Look Back at 2017

As just a couple of days remain in 2017, let’s take a moment to reflect on some of the year’s highlights! It was an extraordinary year, with the Internet Society celebrating its 25th anniversary and launching a new website – while continuing to advocate for an Internet that is open, globally connected, and secure. These values were evident in the many projects undertaken throughout the year and in some of my favorite blog posts:

Access is fundamental.

We shared stories of people working to create community networks around the world, including remote Tusheti, Georgia, where pack horses carried equipment up mountain peaks; rural South Africa, where one of the most economically disadvantaged communities in the country became a telecom operator; and Yemen, where the Internet@MySchool project connected classrooms in four secondary schools. We also published resources such as Spectrum Approaches for Community Networks and the Small Island Developing States report, which offered practical solutions to building community networks. But access also means accessibility, and the Internet Society recently launched the Accessibility Toolkit, which aims to reduce barriers so that people with disabilities can get online.

So is privacy and trust.

The WannaCry and Petya ransomware attacks Continue reading

From Zero to One Hundred in the Arctic Slope

In November 2017, the Internet Society hosted the inaugural Indigenous Connectivity Summit in Santa Fe, New Mexico. The event brought together community network operators, Internet service providers, community members, researchers, policy makers, and Indigenous leadership. One of the participants shared her story.

“‘Mom, did you have YouTube?’” Patuk Glenn, recalls her six year old son asking. Glenn, who lives in Utqiaġvik – a city in Alaska north of the Arctic Circle – laughs as she remembers one of his first words: “loading,” thanks to the sluggish Internet speeds on the Arctic Slope. But things are changing, and soon. Fiber optic cable is going live in Glenn’s community and she has travelled to the Indigenous Connectivity Summit looking for lessons from other Indigenous communities. “We’re going from zero to one hundred overnight,” says Glenn. “How can we best prepare our people?”

It’s not just a question of digital literacy. Glenn’s looking for information on cybersecurity and entrepreneurship – as high-speed Internet opens avenues for economic development and for community members to share their own content with the rest of the world. Like many summit participants, Glenn sees connectivity as a pathway to enable education: not only unlocking online courses, but Continue reading

Reflections on the Internet’s Past

Earlier this year, as part of the Internet Society’s 25th anniversary celebration, we asked you to share your memories of the early Internet. As we look forward to the new year, it’s fun to read through the stories and look back at where we started.

One of the earliest memories was from Stanford University.

There was also this dose of funny reality from nearly ten thousand kilometers away, in Moscow:

Another member shared this memory from INET ’93 San Francisco:

Let’s Make the Internet Safe for All

Imagine you’re at the starting line of a race, excited about the opportunity that awaits you when you complete the course. The starting pistol is fired and you try to take off, but instead of soaring with the other runners, you stumble. You look down to see that someone has slashed your shoelaces. As you crouch down to try to fix them, you see the others gain distance ahead of you.

This is the reality for many women who use the Internet. The technology is the same and its potential is the same for men and women. But when women go online, there are barriers to access and safety that men do not experience. While men might worry about identity theft or a virus, women – along with trans and non-binary users – are navigating a minefield of sexualized harassment, whether they’re on a dating site, gaming, or using social media. The sexual violence women are exposed to in the physical world translates to the online space.

According to a 2017 survey from Pew Research Center, women and men experience and view online harassment very differently. The survey found that, while 41 percent of Americans have experienced online harassment, Continue reading

This Holiday Season, Make Sure Your Smart Toy Isn’t a Toy Soldier

In the classic holiday story The Nutcracker, toy soldiers under command of a nutcracker spring to life to fight an army of evil mice. With the growth of smart toys, armies made up of toy “soldiers” could soon become reality. Using the same features that make them “smart,” smart toys can be taken over by outside actors and forced to do their bidding.

But rather than being led by a nutcracker to fight off evil rodents, real armies of toys could be led by criminals to attack you or me.

“Smart toys” (Internet or Bluetooth-enabled toys) are some of the most popular toys this holiday season. Internet or Bluetooth functionality enables smart toys to have amazing features. There are:

• stuffed animals that play back messages sent from loved one’s smartphones
• robots that teach children how to code
• toys integrated with apps that teach reading and spelling skills while still providing physical exercise

Smart toys can do incredible things. Yet, if left unsecured, they not only present real privacy risks to the children and families who use them, but also security risks to everyone who relies on or uses the Internet.

Any Internet-connected device, be it a computer, connected thermostat, or smart toy, is at risk of being Continue reading

The Future of Journalism in the Internet age: Watchdogs or Lapdogs?

Media watchdogs, increasingly criticized, threatened and attacked by corporate interests and global governments, are also among the prominent victims of falling public trust in the wake of the proliferation of so-called ‘fake’ news.

Despite some self-inflicted problems, such as those highlighted by the Leveson inquiry in the United Kingdom five years ago, news media and responsible journalism remain of critical importance to democracy.

The Internet Society’s 2017 Global Internet Report reveals how media is intricately entwined with society and it will become more so as more people and services go online. The Internet has grown from 400 million users in 2000 to 3.5 billion users today and as access expands further the media have countless new opportunities to increase their reach and better inform their audiences.

But “going online” also introduces unique challenges for the media. In the next five to seven years, the Internet will continue to fundamentally impact society and the media. According to Reporters without Borders, media freedom violations – impacting particularly anonymity, privacy and free expression – have increased by 14 percent in the past five years, for example.

As the Internet and news media become more converged, it is relatively easy to identify Continue reading

Starting a new BCOP – “How to run and protect an email server on IPv6”

After the recent series of technical Best Current Operational Practices (BCOP) documents that we initiated and co-authored, it’s time for new one. This time on how to run an incoming email server on IPv6 and survive!

Back in 2010 we started the IPv6 series of BCOP documents, starting with the popular RIPE-501 that was superseded by the even more popular RIPE-554 that discusses how to specify IPv6 functionality and compliance when ordering ICT equipment. This document emerged from listening to the Internet community that is deploying IPv6, and figuring out the common problems in order to come up with recommendations on how to solve them.

The next most common issue that we heard about, was that helpdesks of network operators would melt down if they deployed IPv6 to their end customers as they don’t know anything about IPv6. So we built an online tool and wrote some helpdesk procedures on how to troubleshoot IPv6 issues when users call them – resulting in another useful document that was published as RIPE-631.

After addressing this, we then repeatedly heard questions about what size of IPv6 prefixes should be given to end-users and should it be assigned statically or dynamically. We therefore put Continue reading

Chapterthon 2017 Winner: Closing the Digital Gap

We are excited to announce the winner of Chapterthon 2017.

As we truly believe that Internet Society and our community have an important role to promote the use of the Internet for education, we organized the Chapterthon 2017 on Digital Schools.

Chapterthon is a global Chapters marathon, where our chapters can participate by developing a project within a timeline and budget to achieve the common goal of improving education by using the Internet.

During the past months, 31 Chapters from all the regions have worked hard to extend the education benefits of the Internet to their communities. Connecting schools to the Internet, teaching coding to girls, training teachers and parents, raising awareness about the safe use of the Internet, developing an online platform for a school and helping to create educational, and local content are just some examples of the amazing work our chapters have done.

Each project has proven us once more that the Internet plays an important role in achieving the Sustainable Development Goal on Education. Each project has contributed to shaping the future of children, parents and teachers.

While all the projects have left an important mark on local schools, the Internet Society community members have voted Continue reading

Today’s Steps to Make a Better Tomorrow!

We are delighted to announce the launch of 2016 Beyond the Net Impact Report and 13 amazing new projects.

As we look at the past year, we are proud of the achievements our community has made with funding from the Beyond the Net Programme. We have some great examples of how the Internet can have a positive impact in people’s everyday lives. By building community networks in Africa and Europe, improving Internet connections in North America, or ensuring that people can trust their connection in Asia, we’re contributing to things like closing the gender gap, building partnerships, and helping kids stay in school.

In 2016, we took a huge step forward to consolidate the Beyond the Net Programme. When we see how the Internet can improve the lives of hundreds of farmers in Latin America or how children can develop new skills by learning how to use the Internet in the Middle East, the aim of the program and of our organization becomes crystal clear. The numbers and the stories behind them are a good reminder that the Internet was built as a force for good.

The projects highlighted in this report serve as a critical reminder that as long Continue reading

Monitoring your DANE deployment

In a previous series of articles (part 1, part 2) we described how to install and use DANE for verifying your email and web server certificates through the DNS. In this article, I discuss how to monitor whether your TLSA records still match the certificates used for your services.

The aim is help people doing something similar, as this monitoring system saved the DANE deployment in the Go6lab from being broken many times, especially at the very beginning of deployment when the automated systems we built didn’t work completely correctly all the time

If we’re using self-signed certificates for our services and we manually change the underlying key, then we’ll probably also change the values of the TLSA records. If we forget to change them or are using, for example, Let’s Encrypt that automatically renews the certificate every 90 days, then we need to have some automatic DANE monitoring system that informs us of misalignment between the certificate being used and the TLSA record.

For this reason there are more and more online tools to check individual services by entering the URL and port, and with a press of a button tell if things are still working fine. A few Continue reading