Accessibility Needs to Be at the Heart of Internet Policy, Planning and Design

The Internet Society’s 2017 Global Internet Report: Paths to Our Digital Future shows that new digital divides are emerging. It’s not just about accessing the Internet, but our ability to make the most of it.

One only has to look at the UN DESA 2015 Global Status Report on Disability and Development to start putting the pieces together. Not only does the report show a significant gap between people with and people without disabilities when it comes to things like education, employment, and health, but also, that those who are doubly disadvantaged (women, refugees, indigenous communities) experience the lowest level of inclusion and participation in society.

What does this mean for the Internet and information communication technology (ICTs)? They’re tools that help us bridge space and time, can start a business with the spark of an idea, and help kids stay in school.

If we want to build a digital future where people come first, accessibility needs to be at the heart of Internet policy, planning and design.

This means accessibility is first in. Not last out. It is always smarter, less expensive, and more functional to build accessibility into technology at the start rather than as a second-class add Continue reading

ENOG 14 in Minsk

The 14th Eurasia Network Operator’s Group (ENOG 14) that was held on 9-10 October 2017 in Minsk, Belarus featured 234 participants from the host country, the Commonwealth of Independent States and Eastern Europe who came together to discuss operational issues and share expertise about evolving the Internet in the region. This was the second event of the year and was supported by the Internet Society, the RIPE NCC and hoster.by, with participation from our Deploy360 colleague Jan Žorž.

The first morning featured a couple of useful tutorials – one in Russian on DNSSEC operations that was led by Philipp Kulin and Dremuchij Les, and the other on Best Practices in IPv6 BGP led by Nathalie Trenaman and Massimiliano Stucchi (RIPE NCC).

The opening trio of talks focused on network security, starting with a general overview of how to operate a secure network from Ignas Bagdonas (Equinix). Kirill Malevanov (Selectel) then offered up his experiences of IPv4 prefix hijacking whereby network traffic is erroneously routed due to incorrect BGP announcements that are advertised either accidentally or deliberately. Alexander Azimov (Qrator Labs) followed-up with an overview of BGPsec that has recently been published as a RFC standard, and which aims to provide cryptographic verification Continue reading

IPv6 prefix assignment BCOP published as RIPE-690

We’re pleased to announce that after a year of intensive work by IPv6 experts around the world, supported by the Deploy360 team, the RIPE community has reached consensus on the Best Current Operational Practices (BCOP) for IPv6 prefix assignment for end-users – persistent vs non persistent and what size to choose. These were officially published as RIPE-690 this week.

RIPE-690 outlines best current operational practices for the assignment of IPv6 prefixes (i.e. a block of IPv6 addresses) for end-users, as making wrong choices when designing an IPv6 network will eventually have negative implications for deployment and require further effort such as renumbering when the network is already in operation. In particular, assigning IPv6 prefixes longer than /56 to residential customers is strong discouraged, with /48 recommended for business customers. This will allow plenty of space for future expansion and sub-netting without the need for renumbering, whilst persistent prefixes (i.e. static) should be highly preferred for simplicity, stability and cost reasons.

The target audience of RIPE-690 is technical staff working in ISPs and other network operators who currently provide or intend to provide IPv6 services to residential or business end-users. Up until now, there have been no clear Continue reading

IETF 100 Hackathon: Bringing Innovation and Running Code to the IETF

Interested in contributing running code to the Internet Engineering Task Force (IETF)? Do you see a problem with DNS, DNSSEC, IPv6, TLS, or something else that you want to help fix?

The IETF is holding its next meeting in Singapore in November. Just before IETF 100, on 11-12 November, is a Hackathon to encourage developers to discuss, collaborate and develop utilities, ideas, sample code and solutions that show practical implementations of IETF standards.

Check out the Hackathon Wiki to learn more about how to register, get involved in a project, add your own topic of interest, or even participate remotely if you can’t make it to Singapore next month. You can also read more about a past Hackathon in this IETF Journal article.

As an added bonus, there are some prizes on the line! A panel of judges announces winners in several categories at the end of the event, with winners choosing from sponsor-donated prizes.

Remember, the IETF needs operational expertise to make sure its protocols and standards actually work in real life networks.

The post IETF 100 Hackathon: Bringing Innovation and Running Code to the IETF appeared first on Internet Society.

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.

Internet traffic exists in layers, which makes it possible to use more Continue reading

KRACK proves we need more encryption on the Internet

A serious weakness in Wi-Fi security was made public earlier today. The Key Reinstallation Attack (KRACK) can break Wi-Fi encryption, opening your data up to eavesdropping. This, combined with issues in Linux and Android, make it possible for attackers to change websites you view. This is a serious problem for Wi-Fi Protected Access 2 (WPA2), a protocol used in millions of networks worldwide.

Luckily, the use of Transport Layer Security (TLS) is on the rise. Mozilla’s data shows that over 60% of pages loaded in Firefox use TLS. More and more companies are using encryption for all traffic and removing the ability to connect to unencrypted versions of their sites. When connecting to these sites, KRACK isn’t as big of a deal, because the data is encrypted before it’s sent across Wi-Fi. Even if WPA2 is broken, the data is still secure.

Unfortunately there are still millions of sites that don’t provide this security. Their users are vulnerable to eavesdropping, fake content, malware injection, and more. We need more companies and operators to use TLS and HTTP Strict Transport Security (HSTS) to mitigate the potential impact of KRACK.
Internet traffic exists in layers, which makes it possible to use more Continue reading

On Approaches to Internet Security, Cybersecurity, and the Path Forward

On 5 October, I had the pleasure of speaking at the New York Metro Joint Cyber Security Conference, which brings together a community of security practitioners from the New York Metro area. Two talks stood out for me. First, the keynote by Maria Vullo, Superintendent Financial Services for the state of New York, who explained her drivers for regulating cybersecurity requirements for the Financial Sector [link to the presentation]. Second, a presentation by Pete Lindstrom from IDC, who, in a presentation on how perimeter security needs a thorough rethink, kept returning to the economics of security.

The reason I refer to these two talks is because I can appreciate them for their own, almost diametrical approaches for improving security. Pete Lindstrom making a strong economic and risk-based approach, questioning whether patching every vulnerability that comes along makes any sense from an economic risk and scale analysis. Maria Vullo, on the other hand, using capacity-based regulation to incentivise stronger security controls.

Those two points resonate strongly with what I was trying to get across: There is no magic security bullet, there is no security czar, and maintaining trust needs an active approach from all stakeholders.

Starting off with how our Continue reading

BGPSec – A reality now

The Secure Inter Domain Routing (SIDR) initiative held its first BoF at IETF 64 back in November 2005, and was established as a Working Group in April 2006. Following the Youtube Hijack incident in 2008, the need to secure BGP became increasingly important and SIDR WG charter explains it well:

• Is an Autonomous System (AS) authorized to originate an IP prefix
• Is the AS-Path represented in the route the same as the path through which the NLRI traveled.

This last vulnerability was the basis for defining an AS Path validation specification which has become known as BGPsec.

BGPsec attempts to assure a BGP peer that the content of a BGP update it has received, correctly represents the inter-AS propagation path of the update from the point of origination to the receiver of the route.

So far, 39 RFCs have originated from the SIDR WG, with three drafts currently under discussion. Seven RFCs were published last month (September 2017) providing a big boost to the securing routing work:

• RFC 8205 (was draft-ietf-sidr-bgpsec-protocol) – BGPsec Protocol Specification
• RFC 8206 Continue reading

Our Fellows Speak: “The Internet of the Future is Feminist“

The Internet Society invited four fellows from Latin America to the Forum on Internet Freedom in Africa 2017, which was held 27-29 September in Johannesburg. Two of the fellows, Veronica Vera and Anais Cordova-Paez of the ISOC Ecuador Chapter, shared their focus of work related to Internet freedom.

By Veronica Vera and Anais Cordova-Paez, ISOC Ecuador Chapter

Actions online are equally important toactions offline, which is why talking about freedom in the Internet is talking about human rights. In a world that is reproducing violence in all fields we need to talk about freedom embracing women’s rights; in this point of history seeking freedom is seeking gender equality.

Can we talk about Internet freedom if we don’t think about how we want Internet to be? And what do we have to do to achieve it? This is a conversation we need to have, because violence against women is everywhere, in all dimensions. In the cyberspace, human rights defenders, activists, or any woman who speaks out loud about her rights becomes a target of abuse, cyberstalking, revenge pornography, body shaming, and all kinds of violence that make us realize why it is really important to have a discussion about the principles of Continue reading

Strong Encryption Is Essential to Our Security, Not a Barrier

Encryption technologies help protect user data from theft and they help secure critical infrastructure and services that societies depend on. But, encryption is also available to criminals and terrorists. This puts law enforcement agencies in a difficult position. In effect, they are faced with the dilemma of how to gather evidence on criminals and other adversaries who may be using encryption, while at the same time, not putting the safety of law-abiding citizens at greater risk. While we at the Internet Society recognize the challenges facing law enforcement, we believe that strong encryption should be available to all Internet users as it is an important technical solution to protect their communications and data.

This dilemma was voiced by U.S. Deputy Attorney General Rod Rosenstein in a recent speech. He argued that “Encrypted communications that cannot be intercepted and locked devices that cannot be opened are law-free zones that permit criminals and terrorists to operate without detection by police and without accountability by judges and juries.”

This problem, claimed Rosenstein, can be solved with what he calls “responsible encryption.” To Rosenstein, “responsible encryption” could “involve effective, secure encryption that allows access only with judicial authorization.” Unfortunately, if Continue reading

New Policy Brief published on Community Networks and Access to Spectrum

Yesterday we published a new policy brief: Spectrum Approaches for Community Networks

Access to affordable and available spectrum is critical for Community Networks. Policy makers can play a key role in ensuring adequate access to spectrum. The policy brief examines the various ways that Community Networks can gain access to spectrum, including:

• the use of unlicensed spectrum,
• sharing licensed spectrum, and
• innovative licensing.

Network operators also play a key role in helping Community Networks. The policy brief outlines recommendations for operators which include:

• access to backhaul infrastructure at fair rates,
• equipment and training partnerships, and
• the sharing of infrastructure as well as spectrum.

Please read our press release for more information about this new paper.  Also visit our World Telecommunications Development Conference (WTDC) 2017 page for more about what our team is doing there in Buenos Aires this week.

The post New Policy Brief published on Community Networks and Access to Spectrum appeared first on Internet Society.

New Paper on Online Privacy in the Wake of Pervasive Surveillance Revelations

In 2015, I was lucky enough to give an invited keynote at the 20th anniversary of the Ethicomp conference. I found that many of the issues up for discussion were ones in which the Internet Society also has a keen interest: for example — responsible innovation, the ethics of autonomous systems, and what do in the wake of Edward Snowden’s revelations about pervasive state monitoring of the Internet. The conference has now produced a special edition of the Journal of Information, Communication and Ethics in Society (JICES), specifically to report on a global set of surveys on the responses to Snowden. I was invited to write a paper for this special edition, to accompany the more traditional academic analyses of the surveys. My full article, “After Snowden – the evolving landscape of privacy and technology” is now available.

Writing the paper gave me a chance to step back and look at how the privacy advocacy community’s work has changed since Snowden – one of those rare moments in which the frog gets to hop out of the rapidly warming water and contemplate the saucepan. Here are a few of the trends I noted.

First, there has been Continue reading

Applied Networking Research Prize: Winners Announced, Nominations for 2018 Now Open

As we rapidly approach the last Internet Engineering Task Force meeting for the year, we’re pleased to report that the final winners of the Applied Networking Research Prize (ANRP) for 2017 have been announced.

The ANRP awards for IETF 100 go to:

Paul Emmerich for developing the high-speed packet generator MoonGen.
Paul Emmerich, Sebastian Gallenmüller, Daniel Raumer, Florian Wohlfart, and Georg Carle, “MoonGen: A Scriptable High-Speed Packet Generator,” in Internet Measurement Conference (IMC) 2015, Tokyo, Japan, Oct. 2015.

Roland van Rijswijk-Deij for analysing the impact of elliptic curve cryptography on DNSSEC validation performance.
Roland van Rijswijk-Deij, Kaspar Hageman, Anna Sperotto and Aiko Pras, “The Performance Impact of Elliptic Curve Cryptography on DNSSEC Validation,” in IEEE/ACM Transactions on Networking, Volume 25, Issue 2, April 2017.

For the 2017 award period of the ANRP, 39 eligible nominations were received. Each submission was reviewed by several members of the selection committee according to a diverse set of criteria, including scientific excellence and substance, timeliness, relevance, and potential impact on the Internet. Based on this review, six submissions were awarded an Applied Networking Research Prize in 2017.

Paul and Roland will present their work at the IRTF Open Meeting during IETF 100 in Singapore. Continue reading

Partnerships to Connect the World

Today the Secretary-General of the International Telecommunication Union Houlin Zhao opened the World Communication Development Conference (WTDC) with a critical message: Partnerships make things happen.

The Internet Society is at the WTDC this week, and our ask is clear. We’re urging the 100+ Ministers attending to implement policies on infrastructure and digital skills that enable connectivity for thousands of communities around the world.

But turning that ambition into action won’t happen if we do not work together.

Today we are pleased to announce that the Internet Society and Argentina’s National Communications Agency (ENACOM) signed a Memorandum of Understanding to cooperate in supporting community networks in Argentina.

It’s an exciting moment for everyone who believes that the Internet brings limitless opportunities for good.

If you believe that closing the digital divide is critical, community networks are something everyone can support. These are networks built in communities, by communities, and through partnerships with a variety of stakeholders.  They are a compliment to traditional models for access and are something you can promote, donate to, or even build yourself.

The agreement stands as an excellent example to other governments on how working together can help bring connectivity to some of the world’s Continue reading

Solutions needed! It’s time to close the digital gender divide

By Raquel Gatto and Joyce Dogniez

If you could sneak peek a future in 10 years in which the Internet is everywhere, would it still be the same access for men and women, boys and girls?

The latest Internet Society report focused on the future of the Internet Society shows that new digital divides are emerging. One of them is a gender divide.  Today 250 million fewer women than men use the Internet. If we don’t act now to close this gap, we will lose out on a digital future that includes everyone.

Closing the digital divide and bridging the gender gap is a promise the world made to itself in 2015 when world leaders ratified the Global Goals for Sustainable Development.

This week more than 100 Ministers and 1,500 delegates are attending the World Telecommunications Development Conference, a 10-day meeting dedicated finding new solutions on how Information and Communication Technologies can advance development.

We’re here to send a message that to shape a digital future that benefits all of humanity, we need new thinking, new approaches and new tools for this rapidly changing world around us.

We need your help.

If you’re at the World Telecommunications Development Conference Continue reading

A Community Network in the Remote Georgian Region of Tusheti

About a year ago, Internet Society partnered with its Georgian Chapter, Small and Medium Telecom Operators Association of Georgia, Freenet LTD Association, Internet Development Initiative and Tusheti Development Fund to help the remote and mountainous region of Tusheti to build access to the Internet. The network was recently completed as a true community effort and became fully operational in August.

Impact

When the Internet Society team visited the village of Omalo in Tusheti two weeks ago for an official launch ceremony, the Internet speeds measured at 4-5 Mbps. A dramatic change to a region, where many villages are not even covered by mobile signal!

During our brief stay in Omalo the impact of the newly established Internet connection was not evident at first glance. Apart from a couple of visible repeaters on the surrounding mountains, people were getting on with their usual daily chores while a group of tourists travelled past on horseback. The local community, however, was exuding a sense of achievement and optimism. The recently established Internet access opens new opportunities for tourism and cultural preservation, and provides an essential communication channel for healthcare and potential emergency situations.

Partnership

The engine behind this effort was a solid Continue reading

First Practical Workshop on IoT to Increase Awareness and Interest in Ethiopian Universities

The Department of Computer Science College of Natural Sciences of the Addis Ababa University (AAU), in collaboration with the Internet Society and International Center for Theoretical Physics (ICTP) successfully concluded the 1^st practical workshop in Ethiopia on Internet of Things (IoT). The workshop, which took place in Addis Ababa, Ethiopia, from 23-29 September 2017 aimed at increasing the awareness and interest of IoT amongst Universities in Ethiopia and in the long run enhance the understanding and involvement of Africans in IoT standardization at the Internet Engineering Task Force (IETF).

The workshop came at an important crossroad as we are at the beginning of a new revolution, witnessing our pots and cups turned to be part of the computing world. The wrist watch no longer tells us the “time” only, but also a lot more information – from the status of the weather to our health. Our “things” can be enabled to compute and even communicate to one another; and this takes us to new mode of computation known as IoT.

Dawit Bekele, Director of the African regional bureau of Internet Society reflected on this issue saying that “the potential of IoT in all Continue reading

Deploy360 @ ENOG 14

Our colleague Jan Žorž from the Deploy360 team will be presenting at the 14th Eurasia Network Operators Groups (ENOG 14) on 9-10 October 2017 in Minsk, Belarus. This is being preceded by workshops on Best Practices in IPv6 BGP and DNSSEC Operations.

Jan will be talking about his real life experiences with NAT64/DNS64 and will be demonstrating the NAT64check tool on Monday evening (17.00-18.15). Following after his talk is a BoF on the Internet-of-Things (18.30-19.30), which is also sure to include discussions about the importance of IPv6 to scale the expected many billions of devices in future.

We’d also like to highlight the Cloudflare update on IPv6, DNS, DNSSEC, CA certs from Martin Levy (Cloudflare) on the Tuesday (10.00-11.30), who seems to be managing to cover just about all the Deploy360 topics in one talk. And for routing security, Kirill Malevanov, (Selectel) will be discussing his experiences of IPv4 prefix hijacking.

More Information

• Programme and logistical details
• Registration

The post Deploy360 @ ENOG 14 appeared first on Internet Society.

Support New Ways of Working To Connect The World

The World Telecommunications Conference (WTDC) begins today. This is a key moment to remind the world that together we can shape a digital future that puts humanity at the heart of the Internet.  But to do this we need your help.

Help send the message that to close the digital divide we’ll need new ways of working, new ways of thinking, and new policies support it all.

Much of what we are speaking on at WTDC serve as real-world examples of the kinds of things we need policy and decision makers to support – community networking being a key focus.

We will keep you up-to-date on what is happening and what we need to do next the conference.

Here’s how you can help:

Take part in a Pre-Event Roundtable

On Sunday, October 8, 17:20 UTC (4:20 PM Argentina Local Time) Internet Society’s Vice President, Global Engagement Raúl Echeberría will speak on the importance of community networks at a Pre-Event-Private Sector Roundtable on Partnering for the SDGs. Watch it here.

 Share Raul’s Blog

Raul’s wrote a critical blog to launch our WTDC message.  Please share it across your channels.

“Every Connection Matters – Shape Tomorrow and Help Close Digital Continue reading

“Keep those eyebrows up!” – Cybersecurity at the Global Women’s Forum