Internet Society - News Headlines

Abbonamento a feed Internet Society - News Headlines Internet Society - News Headlines
Working for an Internet that is open, globally connected, and secure.
Aggiornato: 2 ore 21 min fa

Stakeholder Workshop Held to Discuss Tajikistan IXP

Mar, 20/11/2018 - 13:45

The Internet Society in conjunction with the Open Society Institute Assistance Foundation – Tajikistan and the CAREN3 project organised an IXP workshop on 25 October 2018 at the Center of Written Heritage of the Tajik Academy of Sciences, in Dushanbe, Tajikistan. This followed on from a previous workshop held in 2017, and brought together nearly 30 stakeholders from local ISPs, civil society, and academia to discuss progress on the establishment of an Internet Exchange Point in Tajikistan.

I opened the workshop by summarising the IXP Environment Assessment report for Tajikistan that was commissioned by the Internet Society in 2017. This highlighted that Internet usage was below average for the region, and partly contributed to the low levels of economic growth in the country. The number of Internet users is estimated at between 15-40% of the population, Internet services are costly, and areas outside of the main cities do not have good access to broadband.

Internet uptake and use has been constrained by a variety of different factors, some of which are related to the geographic conditions (such as the landlocked mountainous nature of the country), and these have led to high prices for international capacity, high cost of services for the public, and lack of carrier-neutral local hosting.

Other constraints include limited competition amongst transit providers, high taxes imposed on ISPs, but in particular the requirement to use a single international gateway operated by Tajiktelecom. However, there has previously also been a reluctance for local ISPs to cooperate, as this was viewed as damaging to their business models, even though there is substantial evidence from other countries around the world that IXPs reduce costs and lead to growth of the local Internet.

There was further input from Robert Janz (University of Groningen & CAREN) who highlighted how the expense and technical constraints imposed upon CAREN and the National Research and Education Network TARENA was significantly hampering some of the excellent research that was happening in Tajikistan, but which also relied on international cooperation.

Tarik Sahovic (World Bank) then outlined the Digital CASA project which aims to implement cross-border connections to improve broadband internet connectivity in the landlocked countries of Central Asia and parts of South Asia by encouraging private sector investment in infrastructure. The implementation of IXPs are seen as a key aspect of this to reduce transit costs, improve transmission latencies, and encourage local content provision, but the regulatory regime within Tajikistan was currently hampering the opportunities this offered.

The keynote speaker was Aziz Soltobaev (ISOC Kyrgyzstan) who discussed the challenges of setting-up the KG-IX Internet Exchange in Bishkek, but also the soon-to-be deployed Ferghana Valley Internet Exchange Point (FVIXP) that will be based in Osh and will improve connectivity in the south of Kyrgyzstan. He explained there had been inflexible regulatory regime within their country as well, but a collective and sustained lobbying effort from the Internet community had encouraged changes that had achieved substantially improved connectivity and much cheaper prices.

This was followed by round table discussions amongst the IXPs and other stakeholders present, who agreed that an IXP was needed in Tajikistan, and felt the location and technical implementation would be quickly agreed if the regulatory environments were conducive to this. It was recognised there were significant issues with the regulatory regime and incumbent operator, but there are officials sympathetic to improving the Internet connectivity issues, and there were also government targets with respect to this and implementation of e-government initiatives.

There was enthusiasm amongst the stakeholders for putting together a unified and coherent plan for the IXP, followed by some collective lobbying to explain that Tajikistan is falling behind the rest of Central Asia, how costs are inhibiting growth of its Internet, and how an IXP could dramatically improve the situation. The Internet Society was also asked whether it could help through provision of fact and figures illustrating this, along with some case studies on how IXPs have facilitated growth of the Internet in countries.

The 3rd CAREN Regional Networking Conference (CRNC2018) was also held during the preceding two days at the Tajik Academy of Sciences. This is the annual conference of the Central Asian research and education networking community, supported by the EU-funded CAREN3 project, and I took the opportunity to give a presentation on why DNS Security and Privacy is important.

The Internet Society would like to thank the Open Society Institute Assistance Foundation – Tajikistan, the CAREN3 project, and the Internet Society Kyrgyzstan Chapter for supporting this workshop, and would also like to thank the Tajik Academy of Sciences for hosting it.

The post Stakeholder Workshop Held to Discuss Tajikistan IXP appeared first on Internet Society.

Meeting Four of the Canadian Multistakeholder Process: Enhancing IoT Security

Mar, 20/11/2018 - 00:49

The Canadian Multistakeholder Process: Enhancing IoT Security meeting takes place in Ottawa today, November 20th, from 1PM-5PM EST.

This is the fourth session in a year-long series. The meetings have been convened to develop recommendations for a set of norms/policy to secure the Internet of Things in Canada and are a joint initiative of The Internet Society; Innovation, Science and Economic Development; the Canadian Internet Registration Authority; CANARIE; and CIPPIC.

Today’s session will build on the progress of the working groups, which were established during the second meeting: Consumer Education & Awareness, Labeling, and Network Resiliency. (Read the third multistakeholder meeting report.)

Register for the event or watch the livestream!

The post Meeting Four of the Canadian Multistakeholder Process: Enhancing IoT Security appeared first on Internet Society.

The Week in Internet News: The Bottom Line of IoT Security

Lun, 19/11/2018 - 16:52

The cost of IoT breaches: Companies struggling with Internet of things security are seeing a monetary impact, says WeLiveSecurity.com. About a quarter of companies struggling with IoT security have reported losses of at least US $34 million in the last two years, according to a recent survey.

International cyber deal: French President Emmanuel Macron called on other nations to join his country in an international pact against malicious activity online, reports ITworldCanada.com. Nations signing the Paris Call for Trust and Security in Cyberspace would agree to “condemn malicious cyber activities in peacetime, notably the ones threatening or resulting in significant, indiscriminate or systemic harm to individuals and critical infrastructure and welcome calls for their improved protection.” The pact, advanced at the Internet Governance Forum in Paris, was signed by 51 other countries, 224 companies, and 92 non-profits and advocacy groups. But the U.S., Russia, and China declined, ZDNet notes.

Booted from social media: In a three-week period, Chinese censors have deleted nearly 10,000 social media accounts operated by the country’s residents, reports the South China Morning Post via Yahoo News. Accounts shut down include those of a talk show celebrity and an entertainment blogger. The Chinese Cyberspace Administration also warned social media services Weibo, China’s version of Twitter, and WeChat for their “irresponsibility and lax management” and for “creating chaos.”

Not again: The Indian region of Jammu and Kashmir has seen 112 Internet shutdowns since 2012, reports The Tribune of India. That number includes 52 shutdowns in 2018 alone. Meanwhile, the Hindustan Times suggests that Internet shutdowns don’t really work. “We certainly cannot punish entire populations of a region, deprive them of Internet access to secure their safety,” the authors write. “Restrictions on rights, when left to unaccountable systems, ultimately increase in severity as they become a normalised implement of administrative control.”

Do you know the risks of what you’re buying? Get IoT smart!

The post The Week in Internet News: The Bottom Line of IoT Security appeared first on Internet Society.

El Buen Fin: Tips to Shop Smart

Ven, 16/11/2018 - 14:47

Last week I had the opportunity to participate in the first edition of the International Internet and Entrepreneurship Forum (FIIE), in Monterrey, Mexico. The event was convened by NIC Mexico and other organizations of the Internet community of Latin America and the Caribbean as part of the activities of INCmty, an entrepreneurial festival with several years of tradition. The intersection between both topics is a fertile ground for reflection, especially in relation to the security of Internet of Things (IoT) devices.

IoT for Innovation and Entrepreneurship

The Internet has been known as a technology for facilitating innovation and entrepreneurship. The pace of technological development, together with the evolution of the Internet, has given rise to new solutions that seek to make life easier. Such is the case of the various devices connected to the Internet, which form the Internet of Things ecosystem.

Therefore, one of the issues addressed during the Forum was the role of IoT devices in the entrepreneurial ecosystem in the LAC region. There I took the opportunity to share the Internet Society’s vision of IoT security: we want people to benefit from the use of these devices in a trustworthy environment. The issue is particularly relevant to the local environment taking into account that Mexico will celebrate “El buen fin,” a period known for shopping discounts, akin to Black Friday in the United States.

Basic Tips to Shop Smart

Among the discounted items of “El buen fin” are “smart” devices, which offer features that include Internet access. While such devices are focused on making people’s lives more comfortable, it’s worth taking into account security recommendations before purchasing products that can generate headaches and worse.

We must take into account that each IoT device we use in our home or office is part of the global Internet – by the mere fact that it’s turned on and connected. As users we have an important responsibility to help protect ourselves…and the Internet.

Here’s what we can do before and after we buy IoT products to help make them secure:

  • Learn to shop smart, especially for connected devices.
  • Update your devices and its applications.
  • Turn on encryption if available.
  • Take steps to make your home network more secure.
  • Use a strong password.

The connected future is here. Let’s make sure it’s secure. #GetIoTSmart

The post El Buen Fin: Tips to Shop Smart appeared first on Internet Society.

Route Leak Causes Major Google Outage

Gio, 15/11/2018 - 19:00

Google recently faced a major outage in many parts of the world thanks to a BGP leak. This incident that was caused by a Nigerian ISP – Mainone – occurred on 12 November 2018 between 21.10 and 22.35 UTC, and was identified in tweets from the BGP monitoring service BGPMon, as well as the network monitoring provider Thousand Eyes.

Google also announced the problem through their status page:

We’ve received a report of an issue with Google Cloud Networking as of Monday, 2018-11-12 14:16 US/Pacific. We have reports of Google Cloud IP addresses being erroneously advertised by internet service providers other than Google. We will provide more information by Monday, 2018-11-12 15:00 US/Pacific.

In order to understand this issue, MainOne Inc (AS37282) is peering at IXPN (Internet Exchange Point of Nigeria) in Lagos where Google (AS151169) and China Telecom (AS4809) are also members.

Google (AS15169) advertise their prefixes (more than 500) through the IXPN Route Server, where PCH (Packet Clearing House) collects a daily snapshot of BGP announcements of IXPN. Unfortunately, 212 prefixes (aggregates of those 500+ announcements) from Google were leaked, which was recorded by BGPMon and RIPEstat.

Looking at the RIPE stats it is evident that the first announcement via MainOne Inc (AS37282) was recorded at 21:12 UTC and the issue lasted for more than an hour:

As per the tweet from BGPMon, the issues lasted for 74 minutes:

Looking at the circumstances around this incident, it’s likely this was an inadvertent leak from MainOne caused by a configuration mistake. A Google representative is quoted in ArsTechnical as saying “officials suspect the leak was accidental and not a malicious hijack”, and also added that the affected traffic was encrypted which limited the harm that could result from malicious hijackings.

Later in the same day, the MainOne Twitter account posted on the BGPMon analysis thread, accepting the mistake and assuring the world that corrective measures are now in place:

So this was a configuration mistake that was quickly rectified and didn’t cause any reported financial damage (even though service outages do cause financial and reputational damage to the service provider and its users), but it does demonstrate the problems that can be caused by accidental mistakes, and especially how an actor with bad intent could do a great deal of damage  as with the Amazon Route 53 hijack. It therefore illustrates why greater efforts need to be made towards improving the security and resilience of the Internet.

This BGP leak could have been easily avoided if proper prefix filtering had been undertaken by MainOne (AS37282) or China Telecom (AS4809). It is very difficult for the networks in the middle to block such leaks, because the prefixes are still legitimately originating from the correct AS number (in this scenario AS15169 – Google).

As mentioned in many previous blogs, Mutually Agreed Norms for Routing Security (MANRS) can be part of the solution here. It calls for four simple but concrete actions that ALL network operators should implement to reduce the most common routing threats, including filtering which prevents the propagation of incorrect routing information (the other three are anti-spoofing, address validation, and global coordination).

Network operators have a responsibility to ensure a globally robust and secure routing infrastructure, and your network’s safety depends on a routing infrastructure that weeds out accidental misconfigurations and bad actors. The more network operators who work together, the fewer incidents there will be, and the less damage they can do. It’s time to implement the MANRS actions now!

The post Route Leak Causes Major Google Outage appeared first on Internet Society.

In Azacualpa, Honduras: “Smart Communities” Help Preserve Collective Memory

Gio, 15/11/2018 - 15:04

Access to the Internet can change people’s lives for the better. This is particularly true when communities take ownership of that access and take full advantage of it to improve their quality of life. This has been the case in the community of Azacualpa, a village in Intibucá in Honduras.

In Azacualpa, the members of the community took on the task of developing and implementing the project “Smart Communities” in order to reduce the digital divide – and preserve their collective memory. The project, which is part of the Internet Society’s Beyond the Net program, finds its origin in “Radio Azacualpa – The Voice of Women,” a community radio station that started in 2017.

By 2018, Smart Communities expanded its reach by impacting the nearly 400 families that inhabit the Azacualpa Valley. To achieve its objectives, the team divided the tasks into three main groups: administrative aspects, project governance, and technical aspects. The three working groups were accompanied by the Honduras Chapter of the Internet Society and the organization Sustainable Development Network Honduras (RDS-HN).

The participation of the community was fundamental. In addition to promoting a consultation with the community, the project facilitators promoted training in communications so that community members had the necessary tools to develop local content.

According to Eduardo Tomé, leader of the project, the deployment of the community network of Smart Communities is part of the efforts to increase diversity on the Internet: “Something we maintain is the importance of community networks and reaching those people that are not connected, to create a truly plural Internet. We cannot consider the Internet a global community until all sectors are present and represented”.

In this way, Smart Communities improved the communication of the families of Azacualpa, facilitated the installation of a telecentre, and significantly reduced the digital divide. These results were shared with the Latin America and the Caribbean community through a webinar which took place during October 2018. In 2019, there is a plan to expand the reach of the network and maintain training to the community to continue developing local content, as well as a training program for the network to have a sustainable business model.

Read more about the Azacualpa community and how they’re using the Internet to help preserve their traditions: How the Lenca Are Restoring the Past to Build Their Future and Las Marías of Azacualpa: Internet for Raising Women’s Voices.

Help build a digital future that puts people first. #SwitchItOn

The post In Azacualpa, Honduras: “Smart Communities” Help Preserve Collective Memory appeared first on Internet Society.

Inspecting Gadgets: Don’t Forget the Asterisk When Buying Smart Devices

Mer, 14/11/2018 - 17:59

As we approach the holiday buying season, excitement is building for all the new IoT gadgets – “smart” everything for the home, fitness/health trackers and a plethora of connected children’s toys. But this excitement should come with a giant asterisk:

* Are these products safe?

We’ve all seen the horror stories – hacked baby monitors, vulnerable door locks, robot vacuums turned into roving surveillance devices and connected toys pulled from shelves.

Clearly these gadgets need further inspection. This week the Internet Society has joined with Consumers International and Mozilla to advocate for a set of five minimum security and privacy standards IoT manufacturers should follow to improve the safety of their products. Mozilla has incorporated these into their evaluation of 70 products in the latest version of Privacy Not Included, their holiday IoT buyer’s guide. More detailed explanations of the guide and evaluation criteria are also available.

These minimum guidelines are great start to improve IoT security and privacy. They are a subset of our IoT Trust Framework, which comprehensively addresses key security, privacy and lifecycle principles that should be incorporated into IoT offerings. Manufacturers can use this list of principles to practice “trust by design,” resellers can use it as a checklist for determining which products to carry, and policymakers can use it to inform decisions regarding IoT security and privacy.

We are committed to helping improve safety and trustworthiness in IoT products. Check out our #GetIoTSmart page for consumer and enterprise IoT safety checklists and to keep up to date on our latest IoT activity. And in the meantime, before you buy, be sure to inspect those gadgets.

Do you know the risks of what you’re buying? Get IoT smart!

The post Inspecting Gadgets: Don’t Forget the Asterisk When Buying Smart Devices appeared first on Internet Society.

U.S. R&E Community Embraces Routing Security

Mer, 14/11/2018 - 15:00

The Internet Society participated in a Routing Security Workshop that was held during the Internet2 Technology Exchange 2018 on 15 October 2018 in Orlando, United States. The research and education networking community has been one of the key targets of the MANRS initiative that is promoting adoption of best practices to reduce threats to the global routing system, and this community workshop followed on from a previous engagement we had with Internet2 and a number of other R&E networks in the US earlier in the year.

Internet2 interconnects R&E institutes across the United States in conjunction with regional and state networks, so we see them as a key partner in raising awareness of the routing security issues, as well as encouraging the adoption of the four MANRS principles. Indeed, one of the aims of MANRS is for network operator communities to take ownership of this process by generating awareness and disseminating best practices, along with making recommendations for improvement. So this workshop was a fantastic step in this direction.

Another positive step was Internet2 formally becoming a MANRS participant shortly before the workshop, follow in the footsteps of ESnet, CAAREN, KanREN, George Washington University, Indiana University, and DePaul University. WiscNet subsequently also joined, which brings the total number of R&E networks participating in MANRS to nearly 30.

Around 50 participants attended the workshop, where the opening presentation was provided by myself (Kevin Meynell). This highlighted how the global routing system is constantly under attack, and provided some statistics on who the outages were affected, and who were the potential culprits. It also made the point that whilst more than 60,000 Autonomous Systems make up the Internet, only about 10,000 are considered part of the core, which means routing security can be greatly improved even if only a relatively small percentage of these adopt the MANRS principles.

The remainder of the workshop covered how to implement some of the routing security best practices, including the importance of Internet Routing Registry (IRR) updates, implementation of RPKI and uRPF, as well as how to implement BGP FlowSpec to implement packet filtering in order to mitigate Distributed Denial of Service (DDoS) attacks. There was also an interesting presentation on the Legal Barriers to Securing the Routing Architecture, followed by a discussion on what routing security means to Internet2 members implementing the next generation Internet.

Our colleague Ryan Polk assisted by Fabio Erdos also took the opportunity to interview the representatives of several MANRS participants attending the Internet2 Technology Exchange, to get their views on the routing issues they had encountered, how they were supporting routing security best practices, and why supported the MANRS initiative.

We would like to thank all those who agreed to be interviewed, Paul Howell, Anita Nikolich and Grover Browning who organised the workshop, and Internet2 for hosting it.

Further Information

The post U.S. R&E Community Embraces Routing Security appeared first on Internet Society.

We Won’t Save The Internet By Breaking It

Mar, 13/11/2018 - 12:30

On the anniversary of the armistice ending the First World War, more than 40 countries stood together for security online by signing the Paris Call for Security and Trust in Cyberspace. The call, which sets out a list of challenges the world needs to tackle, seems to be promising on paper. From hacking to harming the public core – all of this needs to be addressed. And it needs to be addressed urgently.

Others signed the call too. The Internet Society signed because we believe it is a continuation of calls we have made before. It maintains that solutions to Internet issues must be developed together with other Internet stakeholders — each performing its role, and all working collaboratively.

This approach is what allows the Internet to thrive and is key to the ultimate success of this call. Open, decentralized, and distributed. It’s not the traditional multilateral way of doing things, but it is the Internet way – the only one that can work.

There are real and pressing Internet security concerns. It’s critical that signatories to the call do not imagine they can address the concerns alone. The Internet depends, as a technical fact, on co-operative voluntary action, so unilateral action puts the Internet at risk. Countries, organizations, and individuals have a choice to make. We can pursue national or parochial interests, and eat away at the easy connectivity that makes the Internet an engine for growth and development. Alternatively, we can set aside those interests to take actions together to improve the security of the Internet, recognizing that our collective will and creativity, in the service of all humans, can defeat the attackers and continue to build the Internet for everyone.

Lately, we’ve heard a siren song of greater online regulation to make us safe, targeting everything from cyber-attacks and election interference to intellectual property theft and barriers to Internet access. The story is appealing: the Internet, once a force for good, is being subverted by evil-doers who must be stopped. Governments have a responsibility to protect the people in their society and have always done so. To protect people from online threats, the story goes, governments must act to protect their citizens.

It is, of course, true that governments should protect their citizens, and that they are the only ones in a position to offer such protections. It does not follow that every protective measure a government tries is one that will work. Some of them may even do harm.

The Internet connects people because of its open, distributed, and interoperable design. Each network that connects to the Internet then also becomes part of the Internet. Together these networks are richer, more reliable, and more valuable than any would be alone. And of necessity, they gain that value without the requirement for pre-existing contract or careful geography-based controls on connection. Attempts to impose such controls are, in effect, attempts to break the Internet.

Similarly, the Internet works at multiple layers. The layers that provide connectivity, for instance, work without attending to the content they are carrying. This kind of separation of responsibility is a hallmark of modern network design, and the Internet relies on it. Policies that do not respect these technical distinctions – policies that might mix issues of content and network neutrality, for instance – are damaging to the Internet. We are more likely to avoid such mistakes when we involve all stakeholders.

This all means that working together isn’t just effective. It’s necessary. Since all control on the Internet is distributed as a feature of the technical design, no actor or single group on the Internet – not industry, not governments – can solve the challenges alone. Distributed operation is what makes the Internet robust. That feature presents security challenges that are different than what’s found in other kinds of technology. Therefore, the only way to stay on top of evolving challenges around cybersecurity is by using the collaborative and distributed approach to decision-making – what allowed the Internet to thrive in the first place.

None of this, of course, means that every regulation that could possibly touch something connected to the Internet is automatically wrong. Many services that we use on the Internet (virtually every social media service, for instance) are closed systems that really operate on top of the Internet. It is possible that effective social responses to some of the challenges arising from those systems can be addressed in part through appropriate regulatory frameworks. But hasty action, unilateral movement, and attempts to legislate values along national lines are as likely to break the Internet as they are to address social issues arising from Internet use.

Those attacking through the Internet alter their approaches to work around obstacles, and most regulatory responses are likely merely to look like obstacles. The attacks evolve. Internet security needs to do the same. Operators must learn new security approaches that do not depend on secure perimeters. Services must be designed to depend on minimal, compartmentalized user information. Governments must learn how to defend their societies in the face of asymmetric and adaptive attacks and must give up on the illusion of central control. Systems developers and standardizes must treat the urgent security challenges as an opportunity for new technical inventiveness, and vendors must bring those new inventions to market. Platform operators need to give users – humans – the necessary tools to defend themselves against manipulators, scammers, and attackers. This is hard work, but work that can only be accomplished by everyone who is interested in a healthy Internet working together.

The open Internet is not some utopian political promise, but a technical fact that gave us a reliable system built from unreliable parts. It did this precisely because of the diversity of the constituent networks. Unless we want to give up the Internet, we need our cybersecurity strategies to depend on the same diversity. We believe we can best tackle these issues in a new approach to the Internet Governance Forum that empowers its participants to create informed and tangible solutions that benefit everyone.

So, we support the values the Paris Call in as much as they are open, bottom-up, inclusive and collaborative. We hope those who signed on will hold those values as dear as we do. We’re here to help. We are ready to work with all of those who believe in the Internet – the true Internet – an open, globally-connected, trusted, and secure network of network that connects all of us.

Together we can protect the core principles and infrastructure of the Internet. By taking a collaborative approach to security, we can address problems at the source and make sure solutions do not have negative impacts on the architecture of the Internet. We must not try to save the Internet by breaking it, thereby denying humanity this tool that can benefit us all.

The post We Won’t Save The Internet By Breaking It appeared first on Internet Society.

IoT Offers Opportunity, But We Must Also Advocate for Privacy

Lun, 12/11/2018 - 20:13

Our world is evolving exceedingly fast these days. Within the last few years in what has been coined the fourth industrial revolution we have witnessed evolutionary developments. One of those fascinating advancements concerns the everyday things and devices now connected to the Internet, also known as the Internet of Things (IoT). However, while every invention brings brand new exciting opportunities, it also entails disadvantages and may result in possible adverse consequences, if the disadvantages are not taken notice of.

Certainly IoT first and foremost provides an opportunity for a more comfortable and organized life. People may enjoy the chance to not preoccupy themselves with, for instance, managing their morning routines that may include waking up at a specific time, preparing the breakfast, and so on. Nowadays when your alarm clock can be connected to the thermostat and the latter has the information about the heavy snowfall of the night, the alarm can automatically readjust itself to wake you up an hour earlier than planned so that you manage to get to work on time.

Other examples may include smart scheduling programs or fitness tracking watches. As a runner, I personally am at ease realizing that I do not have to calculate my average pace after every kilometer as my tracking device will do that for me. Similarly, as a lawyer, I may concentrate on my legal cases and do not worry about managing my schedule as my watch, email, and calendar are able to “talk” to each other and harmonize the changes that may occur.

Now imagine that your smart watch is hacked and you are located through your regular running routines that are revealed through the GPS data on the watch. Or your data is stored without your knowledge and consent – moreover, commercialized and sold. That is why it is essential to #GetIoTSmart and to know how to protect your rights while enjoying the advantages of IoT.

In 2016 I was selected as an Internet Society Youth@IGF2016 Fellow and had the privilege to participate in the Internet Governance Forum 2016 in Mexico. This experience enabled me to enlarge my knowledge in the Internet Governance as well as in the human rights implications related to technological developments. Personally placing much importance and value in my privacy, I realized that our privacy and data are one of the most vulnerable human rights aspects in this context. Therefore, I believe it is crucial to advocate for a more profound privacy protection.

Currently tech companies are in a rush of producing a bigger variety of IoT devices. To my mind, this haste may significantly affect the privacy and security of the devices.

Article 8 of the EU Charter of Fundamental Rights enshrines that everyone has the right to the protection of their personal data, access to data which has been collected concerning them, and the right to have it rectified. Further, with the enactment of the EU General Data Protection Regulation (GDPR) in May, 2018 that also applies to the IoT; both the data collectors and data processors located either in the EU or abroad dealing with EU citizens’ data are bound by privacy rules. The latter entails the approach of privacy by design and by default. In other worlds, it is much stricter than the previous EU directive. Moreover, while the GDPR aims at aligning the data protection laws in EU member states, the ePrivacy Regulation’s (not in force yet) goal is to align the online privacy rules in the member states. Thus, these developments in the European Union are undoubtedly significant steps towards achieving the goal of data protection.

In short, IoT has ample untapped potential. Nonetheless, similar to the developments in the EU, the states across the globe should adopt data protection laws that will apply to IoT, making them more secure and protected.

Do you know the risks of what you’re buying? Get IoT smart!

The post IoT Offers Opportunity, But We Must Also Advocate for Privacy appeared first on Internet Society.

The Week in Internet News: China Wants Fairer Internet, More Control

Lun, 12/11/2018 - 14:00

China wants fairness: Chinese President Xi Jinping called for international cooperation to make the Internet more “fair and equitable,” while also asserting the Chinese government’s authority to shape it, Reuters reports. Xi has pushed for his country’s “cyber sovereignty” while promoting “core socialist values” online. Chinese officials also promoted the idea that each country should choose its own Internet “governance model,” The Star says.

Drones for broadband: A U.K. company has begun using drones to build fiber broadband networks in remote areas, reports Computer Weekly. Openreach is using drones to lay fiber in remote areas of the Scottish Highlands, where river gorges have previously presented a challenge.

Encrypted chat busted: Dutch police have found a way to infiltrate IronChat, an encrypted chat service running on proprietary hardware, Gizmodo says. The police were able to read 258,000 messages on the service, which costs about US$1,700 for a six-month subscription. News reports suggest the encryption wasn’t as strong as the vendor may have claimed.

Saving the Web: World Wide Web creator Tim Berners-Lee has been pushing a new Contract for the Web, in hopes of defining the responsibilities that governments, companies and citizens each have on the Web. Shortlist.com examines his efforts, which include plans for publishing a new contract in mid-2019.

It gets worse: Internet of Things security will get worse before it gets better, because of the millions of poorly designed devices that have been rushed to market, ZDNet suggests. Many millions of devices are operated by users who have no idea they need better security, the author says.

Artificial news: China’s state-run news agency, Xinhua, plans to deploy a digitally generated news anchor to report the news in both Chinese and English, Newatlas.com says. The goal is to save employment costs of real talking heads. There appears to be some Artificial Intelligence component to the digital anchor, but so far, he lacks sophistication, the story adds.

Around the world, people are reacting to security challenges with laws to regulate technology – interventions that risk breaking the Internet. Instead, the collaborative approach is essential for cybersecurity. #DontBreakTheInternet

The post The Week in Internet News: China Wants Fairer Internet, More Control appeared first on Internet Society.

Global Cybersecurity and the Internet Conundrum

Dom, 11/11/2018 - 08:00

Today marks the 100th anniversary of the armistice that ended the first World War. The 1918 ceasefire re-introduced a fragile peace that had collapsed when the world failed to defend common rules and international cooperation. International security and stability are as important now as they were a century ago.

That’s why French President Emmanuel Macron and leaders from around the world are about to gather in Paris for the first Paris Peace Forum. The forum will attempt to pave a way forward for a world that is shifting and changing faster than most of us can keep up with. That change and shift, and the speed of it is enabled by the Internet.

That is why the Internet Society is participating in the Forum.

I will be in Paris to speak on a panel about creating peace in cyberspace. Cybersecurity concerns across the world are real and justified and need to be addressed. We believe that the collaborative approach that helped to drive the growth of the Internet and allows it to thrive is essential for establishing cybersecurity.

The essence of a collaborative approach is that it allows stakeholders to create a shared vision for security.

The Shared Vision

At the Paris Peace forum there will be many places where we will talk and try to converge on a shared vision

For example, we  support the work of the Global Commission on the Stability of Cyberspace (GCSC) – for which I am allowed to serve as commissioner. The GCSC has developed the “Call to Protect the Public Core“.  In fact, in the lead up to the Paris Forum, the GCSC  introduced six more norms towards cyber stability.

But while a shared vision is necessary for successful collaboration, it is not sufficient. We need to get to action.

Securing Cyber

Implementing the cybersecurity vision doesn’t come from a single technical fix or upgrade, nor will it come from a treaty or declaration. Improving security is done in a highly distributed way with the responsibility in the hands of many. This means participation not only by policymakers and a few companies from Silicon Valley, but millions of security practitioners, developers, implementers, protocol developers, network operators, civil society groups, and researchers.

And as we work to secure the broader cybersecurity environment, we have to make sure that we do not break the Internet along the way.

Can You Actually Break the Internet?

In short: specific regulatory or even technical interventions may break the Internet.

And now for a longer explanation of what that means.

For the Internet Society, the Internet (capital I) is the open network of networks voluntarily interconnecting to deliver connectivity globally. This network of networks enables those that connect to develop and deploy applications.

A metaphorical description of the Internet Architecture is an hourglass.

The sand in the bottom half is the physical infrastructure that makes the Internet work. It is the network of networks each making their own competitive and technical choices to compete in the market of offering connectivity.

The sand in the top half of the hourglass is made of Internet applications like social media, blockchain, email, messaging, and all the all the apps we use in our daily lives.

While the top and bottom parts of this hourglass need each other for the hourglass to work, they are very loosely coupled and their interaction is limited. Basically, they are the two most co-dependant strangers you will ever come across.

The thin funnel at the center of the hourglass contains the protocols and technologies that provide the ability for the applications in the top half of the hourglass to benefit from a single global Internet. The Internet Protocol (IP), the global Domain Name System (DNS), various transport protocols such as the Hypertext Transport Protocol (HTTP), and global authentication and encryption infrastructure provide the ability to interoperate and establish a baseline of trust that allows all of these applications to flourish.

The beauty of the Internet is that the technology is agnostic. The bottom half and funnel of the hourglass have no idea what is running above it – whether it’s an email to your mom, a cat picture to Instagram, or a million rupee transaction.

It is the loose coupling between the top and bottom of the hourglass, that offers the ability to invent new applications without having to negotiate with the network; the networks do not need to have detailed knowledge about the working of the applications, and the applications do not have to understand the workings of the networks. Without this property of permissionless innovation, inventions like the World Wide Web, messaging apps, or Blockchain would likely not have been possible.

Losing out on either global connectivity or permissionless innovation will impact the ability that the Internet brings for social and economic prosperity.

A growing number of countries are putting these opportunities at risk by proposing policies or laws to regulate technology in the bottom half of the Internet hourglass in reaction to security challenges appearing on the top half of the hourglass. An example of this would be a law that restricts Internet connectivity in reaction to concerns about social media content. It is these kinds of policy approaches that worry us – while individual measures may not immediately break the Internet, they will lead us down a path where we find that we have lost the properties that make the Internet what it is. It will no longer be a global network of networks, but a tightly controlled tool where someone else is in charge of what we see and do.

We may think that pulling a hair or two is OK, but at some point, we’ll be bald.

Back to the Paris Peace Forum.

In Paris, we join a vision for a secure society in which the Internet plays a major role.

That vision calls for action.

  • Action that is deliberate, distributed, and takes a global perspective.
  • Action that is already ongoing all across the Internet technical community.
  • Action in which regulation, tax, and other government tools have a role but are not the only tools in the box.
  • Action that attempts to address issues at the appropriate layer – the half of the hourglass where the problems arise.
  • And most important: Actions that do not break the Internet itself while also addressing the legitimate needs of society.

The Internet Society CEO, Andrew Sullivan, recently summarized this as, “We must not save the Internet by breaking it, denying humanity this tool that can benefit us all.”

Tweet your support for an Internet that’s for everyone! #DontBreakTheInternet

The post Global Cybersecurity and the Internet Conundrum appeared first on Internet Society.

Making the Case for Community Networks at Africa IGF

Ven, 09/11/2018 - 16:03

Who supplies your Internet? If you live in urban Africa, you probably get Internet access through your mobile phone or through fibre at the office or home. When you travel to rural or underserved areas, there is probably limited or no Internet because mobile network operators and Internet Service Providers (ISPs) have yet to reach these areas. But what if people in rural and underserved areas could build their own networks to provide the telecommunications services that they need?

This notion has been tried successfully in several African countries. In Kenya, Tunapanda Institute has built TunapandaNET a wireless network connecting schools and youth centres in Kibera, Kenya’s largest slum. Bosco is a solar-powered wireless network that connects community ICT centres in Gulu, Northern Uganda. PamojaNet operates a wireless network to the community in Idjwi Island on lake Kivu, Eastern DRC, close to the border with Rwanda. Others such as Machaworks in rural Zambia and Zenzeleni Networks in Eastern Cape of South Africa provide similar services. These networks have been built by local communities to provide access to both offline content and Internet access where possible to the communities that they serve.

During a session at the 2018 Africa Internet Governance Forum in Khartoum, participants learnt about three community-owned networks, namely: Zenzeleni, Machaworks, and Pamojanet. They discussed their operational realities and success factors.

The network infrastructure is wholly owned by the community. For example Zenzeleni Networks has a data centre in the closest city, long distance WiFi links, and two towers which serve 10 business clients and 35 public hotspots. Pamojanet infrastructure was built by locals who provided time, resources, labour, and expertise using locally available materials on the island to fabricate, transport, erect, and install the masts that host the wireless network antennas. With such successful stories of people collaborating and investing their limited resources to change their own quality of life, many of the participants wondered whether this was a viable business model.

Social Entrepreneurship

The community networks have adopted different strategies to break even. Zenzeleni had grown to incubate small ISPs supplying Internet at cost to local villages. Zenzeleni also provides training, legal and regulatory support, maintenance support, as well as wholesale negotiation for the smaller networks. After a few years of operations, the ISP started in Mankosi now has surplus that they have reinvested in the network. About $100,000 had gone to operating expenses and $36,000 to infrastructure. 40% of the expenses were paid from client contributions while the rest was funded by donors and government.

In the case of Machaworks, the network could not sustain itself solely through provision of Internet services. It had to develop other revenue streams such as a nursing school, an international school for children of rural professionals, and a craft shop. Tunapanda is 80% sustained through offering services such app development, market research, corporate trainings, and human-centered research for local and international organizations. Pamojanet covers 60% of their costs from clients. They have networked a local hospital and trained staff on use of tablets and a patient management system.

Community networks do not subscribe to the typical commercial business model. They also answer to social needs within their communities to improve the quality of life in the community. People living within their coverage are gaining digital literacy skills, learning about network maintenance, and financing new businesses from the money made through the economy created from the community networks. Most importantly, locals own, protect, and grow the networks. It is truly a bottom up approach to development.

Challenges

Not all is rosy with these community networks. Fred Mweetwa from Machaworks describes running a community network as a calling. “You have to be fully invested in the community in order to get the community to build something for themselves. Running the network requires a lot of adaptation to align activities with the local culture, community processes, and methods”. Patrick Byamungu, manager of Pamojanet, agrees. His village in Idjwi Island is close to the border with Rwanda. As the terrain is challenging, they get their data from Rwanda at a very high cost owing to international tariffs. Carlos Rey-Moreno states that it is important for the networks to own their own infrastructure so that they can charge for services at cost. However, network equipment is expensive and often has to be imported. The import taxes and duties for telecommunications equipment are often very high in most countries.

Other challenges facing the networks include lack of electricity, high cost of end-user devices, and compliance with various regulations. Community networks require licenses from communications regulators as well as business licenses from local authorities. As the networks grow, they also require Internet number resources from Regional Internet Registries (RIR). Unfortunately, most of the regulatory regimes were created with commercial players in mind. Their requirements are prohibitive to small social enterprises like community networks.

Support Needed

The community networks presented during this session showed that there are alternatives to connecting the unconnected as aspired to in the sustainable development goals. They are a model that could be scaled up if more governments took a proactive approach on efficient use of underutilised telecommunications resources such as unused spectrum, towers and masts of national broadcasters, public funded fibre networks, etc. for use in underserved areas. They could also be funded by universal service funds which are in most countries reserved for use by mobile network operators.

Beyond provision of resources for setting up these networks, there is also need for more accommodative licensing frameworks for the social enterprises. On this issue, Carlos Rey-Moreno from APC inquired whether relevant authorities demanded architectural designs and structural drawings for rural domestic house structures as they would for urban commercial structures. Therefore, subjecting community networks to stringent licensing requirements only increases the cost of delivering access without due consideration the operating realities of the targeted areas. At the same time, the regional Internet registry, AFRINIC, could also offer discounts for community networks requiring resources to advance Internet access in unconnected areas. Governments could also reduce taxes for importation of equipment for use in setting up networks in underserved areas.

The Internet is among the greatest advancements of science in our time but over half of people in Africa cannot access or afford it. For many years, efforts to connect the unconnected have focused on expanding the reach of commercial service providers to underserved areas. Community networks shift this paradigm as the unconnected reach the nearest point of the Internet. They deserve our support.

Learn more about community networks and then let’s work together to #SwitchItOn.

Image ©PamojaNet

The post Making the Case for Community Networks at Africa IGF appeared first on Internet Society.

IETF 103, Day 4: Trusted Systems, IoT & IPv6

Mer, 07/11/2018 - 23:00

This week is IETF 103 in Bangkok, Thailand, and we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. Thursday actually represents the last day of the meeting this time, although there’s still several sessions to draw attention to.

SUIT is meeting first thing at 09.00 UTC+9. This is considering how the firmware of IoT devices can securely updated, and the architecture and information models for this will be discussed. There are three other drafts relating to manifest formats that are the meta-data describing the firmware images.

NOTE: If you are unable to attend IETF 103 in person, there are multiple ways to participate remotely.

DMM is the first of the afternoon sessions at 13.50 UTC+7, and there are several IPv6-related drafts under consideration. Proxy Mobile IPv6 extensions for Distributed Mobility Management proposes a solution whereby mobility sessions are anchored at the last IP hop router, whilst Segment Routing IPv6 for Mobile User Plane defines segment routing behaviour and applicability to the mobile user plane behaviour and defines the functions for that. There’s also three updated drafts on 5G implementations which may interest some.

To round off the week, there’s a choice of two sessions starting at 16.10 UTC+7.

ACME will be focusing on the ACME TLS ALPN extension that allows for domain control validation using TLS, and Support for Short-Term, Automatically-Renewed (STAR) Certificates. It will also consider how ACME can support TLS certificates for end-users.

Alternatively, 6TiSCH will be focusing on the specification for a combining a high speed powered backbone and subnetworks using IEEE 802.15.4 time-slotted channel hopping (TSCH). The 6top protocol that enables distributed scheduling is now heading for publication as an RFC, and there are also updates to the description of a scheduling function that defines the behavior of a node when joining a network and to define a security framework for joining a 6TiSCH network. If there’s time, a method to protect network nodes against a selective jamming attack will be discussed.

With that, IETF 103 comes to a close and we say Sà-wàd-dee to Bangkok. Many thanks for reading along this week… please do read our other IETF 103-related posts … and we’ll see you at IETF 104 which is being on 23-29 March 2019 in Prague, Czech Republic.

Relevant Working Groups

The post IETF 103, Day 4: Trusted Systems, IoT & IPv6 appeared first on Internet Society.

IETF 103, Day 3: DNS Privacy, TLS & IoT

Mar, 06/11/2018 - 23:00

This week is IETF 103 in Bangkok, Thailand, and we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. Wednesday is a relatively light day in this respect, although there’s some pretty important matters being discussed today.

DPRIVE kicks off the day at 09.00 UTC+9, and will mostly be discussing user perspectives with respect to the recently introduced implementations of DNS-over-TLS and DNS-over-HTTPS, as well as the issues of DNS privacy between resolvers and authoritative servers. There’s also a new draft up for discussion on DNS-over-TLS for insecure delegations that describe an alternative authentication mechanism without need for DNSSEC support.

NOTE: If you are unable to attend IETF 103 in person, there are multiple ways to participate remotely.

TLS holds its second session of the week immediately after lunch at 12.20 UTC+7. This will carry-on where it left off on Monday, although will be discussing a DANE Record and DNSSEC Authentication Chain Extension for TLS. The intention is to allow TLS clients to perform DANE authentication of a TLS server without needing to perform additional DNS record lookups.

Then at 13.50 UTC+7, Homenet will be focusing on Homenet Naming and Service Discovery Architecture. There’s also an agenda item for general security questions, and a demonstration of SecureHomeGateway, before moving into discussions on re-chartering the group.

For more background, please read the Rough Guide to IETF 103 from Olaf, DanSteve, and myself.

Relevant Working Groups

The post IETF 103, Day 3: DNS Privacy, TLS & IoT appeared first on Internet Society.

Internet Hall of Fame Nominations Open 1 January

Mar, 06/11/2018 - 15:28

Do you know someone who has played a major role in the development and advancement of the Internet? On 1 January 2019, the Internet Hall of Fame will open nominations for its 2019 class of inductees.

The Internet Hall of Fame was launched in 2012 by the Internet Society. With more than 100 inductees, the Internet Hall of Fame celebrates Internet pioneers and innovators from around the world who have helped change the way we live and work today. Their trailblazing accomplishments are as broad and diverse as the Internet itself; expanding the Internet’s benefits into new regions and communities, and creating new technologies and standards that were foundational to the Internet’s development and expansion.

The Internet Hall of Fame recognizes:

  • Individuals who were instrumental in the design and development of the Internet with exceptional achievements that impacted the Internet’s global advancement and evolution; or
  • Individuals who made outstanding technological, commercial, or other advances and helped to expand the Internet’s positive impact on the lives of others; or
  • Individuals who made major contributions to the growth, connectivity, and use of the Internet, either on a global scale or within a specific region that resulted in global impact.

If you know an extraordinary person who helped to make the Internet what it is today, now is the time to start planning your nomination.  For more information on the nomination process, visit: http://internethalloffame.org/nominations

If you have any questions, email internethalloffame@isoc.org.

The post Internet Hall of Fame Nominations Open 1 January appeared first on Internet Society.

IETF 103, Day 2: IPv6, NTP, Routing Security & IoT

Lun, 05/11/2018 - 23:00

This week is IETF 103 in Bangkok, Thailand, and we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. And following on from the previous day, Tuesday also features a packed agenda.

LPWAN will be discussing whether to move to a Working Group Last Call on the Static Context Header Compression (SCHC) framework for IPv6 and UDP, that provides both header compression and fragmentation functionalities. Three other drafts describe similar schemes for SigFox,LoRaWAN and IEEE 802.15.4 type networks.

NOTE: If you are unable to attend IETF 103 in person, there are multiple ways to participate remotely.

Then at 11.20 UTC+7, IPWAVE will be focusing on updates to the specification for transmitting IPv6 Packets over IEEE 802.11 Networks in Vehicular communications, and the use cases for IP-based vehicular networks. There have also been a couple of updates to DNS Name Autoconfiguration for Internet of Things Devices and IPv6 Neighbor Discovery for Prefix and Service Discovery in Vehicular Networks, so these may also be discussed.

6MAN will be meeting at 13.50 UTC+7 and has nine drafts up for discussion. The couple of working group sponsored drafts relate to specifying a IPv6 Segment Routing Header (SRH) and how this can be used by Segment Routing capable nodes, and specifying a Router Advertisement flag to indicate to hosts that a link is IPv6-only. There are also a couple of new drafts that specify how IOAM (In-situ Operations, Administration and Maintenance) records are encapsulated in IPv6, and defining the building blocks that can be used for OAM in Segment Routing with IPv6.

The other drafts being discussed cover communicating NAT64 prefixes to clients with Router Advertisements, Updates to Requirements for IPv6 Options, Path MTU Discovery solutions, a new Path MTU Hop-by-Hop Option to record minimum Path MTU from source to destination, and IPv6 Packet Truncation procedures.

Running in parallel is SIDROPS that is discussing five drafts. RPKI Validation State Unverified proposes to introduced a new ‘Unverified’ validation state for route prefixes, whilst BGPsec Validation State Unverified proposes a similar validation states for BGPsec routes. Two other drafts introduce and define a digitally signed object into an RPKI  that provides a means of verifying that a Customer Autonomous System holder has authorised a Provider Autonomous System to be its upstream provider. That leaves a draft considering policy for dropping invalid routes – including hijacked and missing or erroneously created ROAs for route prefixes.

To conclude the day, there’s a choice of two sessions at 16.10 UTC+7.

NTP is a working group we’ve decided to cover as (amongst other things), it’s working to improve the security of the Network Time Protocol. There’s no less than 20 drafts on the agenda, although Network Time Security for the NTP specifies a mechanism for using TLS and Authenticated Encryption with Associated Data (AEAD) to provide cryptographic security for the client-server mode of NTP. Following on from this will be a review of the NTS implementations and interoperability testing.

T2TRG researches the issues of turning the IoT into reality, and will continue to discuss the State-of-the-Art and Challenges for the Internet of Things Security, the guidance for designing IoT systems using the REST architectural style, and a new data and interaction model called CoRAL (The Constrained RESTful Application Language).

For more background, please read the Rough Guide to IETF 103 from Olaf, Dan, Steve, Karen and myself.

Relevant Working Groups

The post IETF 103, Day 2: IPv6, NTP, Routing Security & IoT appeared first on Internet Society.

The Youth Internet Governance Forum India: Our Experience

Lun, 05/11/2018 - 20:58

On 12 October, the Internet Society’s India Delhi Chapter (ISOC-Delhi) hosted the Youth Internet Governance Forum (YIGF) in New Delhi, India. Adarsh Umesh and Praneet Kaur share their thoughts on the event.

Hello everyone! A special “Hi!” from our side to the youth because this blog is specially dedicated to the youth of India.

We’re very much inspired to write this blog due to the wonderful experience with the India Youth Internet Governance Forum (YIGF 2018). It was amazing to be a part of the multistakeholder advisory group and the event overall was a grand success. This would not have been possible without the consistent support from inSIG, ICANN, APNIC and the Internet Society.

The YIGF 2018 was organized as day 0 event on the 12th October 2018, a day before the India School on Internet Governance 2018 (inSIG-2018) at Indira Gandhi Delhi Technical University for Women (IGDTUW). The event was well-designed and planned with a lot of technical exposure as well as fun. It extended support to youth from all over the country to attend the event. We provided fellowships to 15 delegates from different parts across India. The fellowship covered both travel and accommodation expenses for five delegates and accommodation expenses for the other ten delegates, and we received more than 200 overwhelming expressions of interest.

The event was inaugurated by the chief guests: Samiran Gupta, ICANN GSE; Amrita Choudhury, ISOC-Delhi; Sunny (Srinivas) Chendi, APNIC; Glenn McKnight, the Internet Society Board of Trustees; Dilpreet Kaur, ICANN APAC; and Anand Raje, ISOC-Kolkata. Thanks to IGDTU also for all of their support to make the event a great success.

Samiran Gupta gave a wonderful speech on Internet Governance. It covered the basics of Internet Governance and also provided pertinent details which enabled better understanding of the Internet by the audience. This was followed by multistakeholder role play by the organizing team, titled “Connecting the Next Billion.” It was an interactive session which allowed conversation and bonding between the participants. All the stakeholder teams came up with ideas for connecting the next billion through Internet Governance.

The Internet has been identified as a key enabler of development by helping facilitate positive results in education, healthcare, agriculture, employment, commerce, and many other areas. Despite the progress achieved since the emergence of Internet, more effort is necessary in order to connect the next billions, the last billion, and to address the digital divide. Connecting these people requires not just addressing the challenges of the supply side: building the infrastructure needed to provide universal and affordable access; but also addressing the considerable challenges of the demand side: local capacity-building to enable not just adoption, but also production and consumption of localized content and services through training for all people, especially youth and disadvantaged populations, along with support for local small and medium sized enterprises.

As part of the second half of the day, the sessions started with a game called as “How the Internet Works – IPGo Game” by Sunny Chendi and Dilpreet Kaur. All the delegates enjoyed the exciting learning experience and Sunny gave a wonderful presentation which included a hands-on section involving all participants for a better experience of the Internet working process. It was a memorable activity and multiple delegates approached Sunny to carry out the game in their respective universities. The main highlights are documented below.

  • Focus was laid on how the Internet works starting from the ISPs obtaining IP addresses to real-time network deployments.
  • The concept of IP address classification, port number assignment and range issues was explained in a very understandable manner by making use of custom playing cards.
  • NAT- and URL-based naming conventions were put together and presented to the participants.
  • Lastly, the function of various bodies involved in the functioning of the modern day Internet such as IANA, ICANN, IGF, W3C was highlighted.

Later, we had a panel discussion on “Privacy & Safeguards on the Internet,” moderated by Amrita Choudhury. It was a very informative discussion and covered a lot of areas related to privacy on the Internet.

  • Internet and digital privacy are viewed differently from traditional expectations of privacy. Internet privacy is primarily concerned with protecting user information. Given the dynamic nature of the online sphere, privacy concerns and issues are rapidly changing.
  • Existing practices such as secure connections, firewalls, and antivirus services in order to overcome or better prevent mishaps due to breach in privacy.
  • The Information Technology Act (ITA) 2000, which includes India’s most comprehensive legal provisions that speak to privacy on the Internet was also discussed briefly.

The event received a lot of appreciation from multiple communities. The organizing team provided a remarkable direction with this event, to getting started with Internet Governance for all the young minds of India. Heartfelt thanks to everyone for the extended support. We look forward to making this journey a greater success by reaching out to more people and enlightening them with more events like this.

The post The Youth Internet Governance Forum India: Our Experience appeared first on Internet Society.

The Week in Internet News: Companies Fear AI Will Destroy Business Models

Lun, 05/11/2018 - 15:36

AI against businesses: More than 40 percent of U.K. companies believe Artificial Intelligence will destroy their business models within five years, according to a Microsoft survey featured on CNBC.com. Still, more than half of businesses in the U.K. have no AI strategy. And while 45 percent workers are concerned their job could be replaced by AI, 51 percent are not learning skills to prepare for the changes.

Government AI board: Meanwhile, Public Knowledge, a digital rights advocacy group, has called on the U.S. government to create a new federal authority to develop AI expertise, as a way to effectively regulate and govern the technology, reports IP-watch.org. “The rapid and pervasive rise of artificial intelligence risks exploiting the most marginalized and vulnerable in our society,” the group argues.

Math against fake news: Professors from the U.K. and Switzerland have released a mathematical definition of fake news, in the hope that it will give lawmakers ideas on how to combat it, Phys.org says. The researchers have also introduced a model for fake news that can be used to study the phenomenon.

Vietnam against fake news: A new cybersecurity law in Vietnam is intended to combat fake news and other security problems, government officials say. But companies like Google and Facebook have objected to the law, saying it will make it easier for authorities to seize customer data and expose local employees to arrest, Reuters reports.

Giant bundle of bad: A huge bundle of ransomware is being offered for sale in a discounted bundle deal on the dark Web, ZDNet reports. Infamous pieces of ransomware available in the $750 “2018 ransomware pack” include SamSam, Satan, CryBrazil, and XiaoBa.

Don’t surf for porn at the office: Employees of the U.S. Geological Survey’s Earth Resources Observation and Science Center in South Dakota used the office network to surf over to more than 9,000 porn sites, reports Securityboulevard.com. Some of those adult sites redirected to Russian pages infected with malware, compromising the agency’s computer system. Oops.

Free the speech: One member of the U.S. Federal Communications Commission suggested community-financed broadband networks threaten free speech, reports Motherboard. His thinking: Government-owned broadband networks could put speech limits on users. There’s no evidence of this happening, however, critics say.

Community networks can help close the digital divide. You can be a part of the movement to build a digital future that puts people first! #SwitchItOn

The post The Week in Internet News: Companies Fear AI Will Destroy Business Models appeared first on Internet Society.

IETF 103, Day 1: IPv6, TLS, DNS Privacy & Other Crypto

Dom, 04/11/2018 - 23:00

The Working Group sessions start tomorrow at IETF 103 in Bangkok, Thailand, and we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. Only four days have been scheduled for the working groups this time around, which means there’s a lot of pack into each day; with Monday being no exception.

V6OPS is a key group and will be meeting on Monday morning starting at 09.00 UTC+7. It’s published four RFCs since its last meeting, including Happy Eyeballs v2, and this time will kick-off with a presentation on the CERNET2 network which is an IPv6-only research and education in China.

There’s also four drafts to be discussed, including three new ones. IPv6-Ready DNS/DNSSSEC Infrastructure recommends how DNS64 should be deployed as it modifies DNS records which in some circumstances can break DNSSEC. IPv6 Address Assignment to End-Sites obsoletes RFC 6177 with best current operational practice from RIPE-690 that makes recommendations on IPv6 prefix assignments, and reiterates that assignment policy and guidelines belong to the RIR community. Pros and Cons of IPv6 Transition Technologies for IPv4aaS discusses different use case scenarios for the five most prominent IPv4-as-a-service (IPv4aaS) transitional technologies, whilst NAT64/464XLAT Deployment Guidelines in Operator and Enterprise Networks is an updated draft that describes considerations with respect to applications or devices using literal IPv4 addresses or non-IPv6 compliant APIs, as well as IPv4-only hosts on an IPv6-only network.

NOTE: If you are unable to attend IETF 103 in person, there are multiple ways to participate remotely.

Running in parallel on Monday morning is ROLL which focuses on IPv6 routing issues for low-power and lossy networks. This will be discussing an update ton the ROLL-BIER design that extends RPL to support routing based on Bit Index Explicit Replication (BIER) in environments with limited and lossy updates. There are also seven other drafts up for discussion, all related to RPL enhancements.

CFRG will be held during the late morning at 11.20 UTC+7. The group has yet to publish the agenda, but there’s a number of currently active drafts covering issues that include Public Key ExchangeThe Transition from Classical to Post-Quantum Cryptography, Randomness Improvements for Security ProtocolsRe-keying Mechanisms for Symmetric Keys, and Hash-Based Signatures.

There’s a choice of two sessions after lunch, starting at 13.50 UTC+7.

TLS holds the first of its two sessions (the second is on Wednesday afternoon) and has a number of important drafts up for discussion including the proposed DTLS 1.3 specification, and Connection Identifiers for DTLS, to avoid the need for additional handshaking upon NAT rebinding. There is also a proposal to deprecate TLS 1.0 and 1.1 as these versions lack support for current and recommended cipher suites.

Other drafts cover TLS Authentication using ETSI TS 103 097 and IEEE 1609.2 certificates, a TLS 1.3 extension that allows a server to authenticate with a certificate while also providing a pre-shared key (PSK) as an input, and definition of universal PSKs for TLS that use an extra key derivation step to reuse the same secret for all TLS 1.3 KDF hashes. In addition, a revised working group charter has been proposed.

DNSOP meets at the same time, and there’s a couple of interesting drafts worth mentioning. One outlines how run a root server instance on the same server as a recursive resolver in order to decrease access time, and another specifies a way of resolvers telling clients what its associated DNS-over-HTTPS (DoH) servers are.

6LO concludes the day at 16.10 UTC+7. This will be discussing drafts to update RFC 6775 to support registration extensions for simplifying these operations in 6LoWPAN routers, to update Address Protected Neighbor Discovery for Low-power and Lossy Networks, to update RFC 4944 with a simple protocol to recover packet fragments over a mesh network, as well preparing the IPv6 Backbone Router draft for a Working Group Last Call. The session will be rounded-off with a performance report on fragment forwarding and recovery.

For more background, please read the Rough Guide to IETF 103 from Olaf, Dan, Steve, Karen and myself.

Relevant Working Groups

The post IETF 103, Day 1: IPv6, TLS, DNS Privacy & Other Crypto appeared first on Internet Society.