Home / Blogs

Global Technical Internet Related Issues That Need Fixing

Paul Budde

Given its engineering background, many positive contributions can be made by the engineering community in the broader ICT world to assist in addressing some of the broader internet issues, often addressed within the more limited telecoms environment.. Of course some of this is already happening; however much more work would be needed to strengthen the technical foundations of the internet. Just as an example, the type of issues that could be addressed by a broader ICT engineering foundation could include, for instance:

  • providing strong encryption on all websites — 2048 bit keys
  • producing a list of compromised devices or code that has known vulnerabilities in it and work towards a mandated level of security
  • assisting the ITU in driving certificate transparency efforts and obtaining the support of all the member countries on this issue
  • developing encrypted SIP or VoIP that in general could be mandated across all providers

The above listed issues however, now all face the NSA and other spy agent's requests demanding back door access and access to the various software codes. Lessons learned from the current spying fallout means that the industry will need to insist that this will have to be organised within strict regulatory environments.

Another example of where the broader ICT industry can assist in internet related issues is privacy. The greater the public concern about privacy, the greater the opportunity to do something positive to protect privacy on a bilateral or multilateral basis.

The industry would also be greatly assisted if taxes, tariffs and monopoly control of undersea and inter-country fibre transport networks were removed, in order to stimulate the construction of new fibre routes that do not pass through the United States.

Interestingly, while the current NSA developments have alerted countries who depend on the USA for their internet transport, this situation originated not just because the bulk of internet traffic came from the USA — or because organisations were forced to transit through this country — but more particularly due to the level of competition that exists in that country, which was achieved through market liberalisation. Many countries, especially the developing economies, had and many still have highly restrictive and regulated markets that resulted in very high telecoms charges. Because of that high level of international infrastructure competition in the USA it was generally cheaper to move telecoms traffic through the US rather than develop links that were independent of that country, or use international links from other countries.

This does not have to be the case but it would require significant pro-competitive regulatory changes in many of the countries involved. (I refer here to my comments above about the lack of industry transformation in the telecoms world).

By Paul Budde, Managing Director of Paul Budde Communication. Paul is also a contributor of the Paul Budde Communication blog located here.

Related topics: Internet Governance, Policy & Regulation, Security, Telecom

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:


Nothing much to do on your list... jeroen  –  Dec 02, 2013 4:39 AM PDT

> providing strong encryption on all websites — 2048 bit keys

The keystrength matters little if one cannot trust the root authorities.
Note that every nationstate and large corporation has a root certificate and thus can generate any certificate and claim to be anything they want.

One has to check the fingerprint of the certificate to be sure it really is the cert on the server that you want.

And then, even if that matches, even if you have 2048 bits crypto, how sure are you that the crypto is correct (there are very few crypto folks who really understand crypto), then that that is properly implemented (very few people who know crypto and code) and more importantly: that that is actually running on the device you are using? :) The set of people who can verify that is equal to not even on.

> producing a list of compromised devices or code that has known vulnerabilities in it and work towards a mandated level of security

This is a near impossible task as one can never index which software runs where and thus which devices are compromised; next to the fact that software versions might differ and then might have different patches which might mean that the version is not vulnerable as the vendor already fixed it.

CVE (http://cve.mitre.org/) "solves" this in some way but it can never solve it completely, especially not in the way you state it.

Backdoors can always be present, 0-days are typically not fixed yet, thus the least one can do is keep all software up-to-date (and hope nobody sneaked something bad in there).

Note also that there are billions of devices out there; current fun one: Android, which is a very fragmented bunch of code that never gets updated on those devices. 70% of the market apparently is Android based though. For a fun one: http://www.engadget.com/2013/11/29/text-message-exploit-can-force-your-nexus-phone-to-reboot

> assisting the ITU in driving certificate transparency efforts and obtaining the support of all the member countries on this issue

What does the ITU have to do with the Internet? Let the ITU stick to their telephone lines and slowly disappear please, they would just slow down any effort to make things better.

> developing encrypted SIP or VoIP that in general could be mandated across all providers

SIP/TLS, SRTP and ZRTP already exist, are deployed and are in heavy use.
Except for ZRTP most of these protocols are freely available.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

Encrypting Inbound and Outbound Email Connections with PowerMTA

Resilient Cybersecurity: Dealing with On-Premise, Cloud-Based and Hybrid Security Complexities

Verisign Releases Q4 2015 DDoS Trends - DDoS Attack Activity Increasing by 85% Year Over Year

Best Practices from Verizon - Proactively Mitigating Emerging Fraudulent Activities

Neustar Data Identifies Most Popular Times of Year for DDoS Attacks in 2015

The Framework for Resilient Cybersecurity (Webinar)

Dyn Weighs In On Whois

Season's Greetings - 2015 End of Year Message from DotConnectAfrica

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

"The Market Has No Morality" Sophia Bekele Speaks on Business Ethics and Accountability

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

Dyn Comments on ICG Proposal for IANA Transition

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Protect Your Network From BYOD Malware Threats With The Verisign DNS Firewall

Announcing Verisign IntelGraph: Unprecedented Context for Cybersecurity Intelligence

Introducing the Verisign DNS Firewall

Sponsored Topics

Afilias - Mobile & Web Services


Sponsored by
Afilias - Mobile & Web Services


Sponsored by


Sponsored by

DNS Security

Sponsored by