With two simultaneous processes getting underway in the UN General Assembly's First Committee, the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) on Cybersecurity, and several technology and multi-stakeholder initiatives pushing cybersecurity improvement, the world of cyber norms has become both more interesting and more complicated. more
Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it's unclear that it accomplishes these goals. On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). more
Almost every institution which purports to provide space for public accountability includes some sort of formalized process by which the public can have their say. And in almost every instance, they struggle with a tension between the desire to provide a commenting process which is meaningful and substantive (or, at least, which appears to be so), and a desire to adopt whatever course of action the institution thinks is best. more
Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more
In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more
Muscle memory is a funny thing. We don't even think about it really, but when we do the same thing over and over again, it just becomes second nature to us. This is how we've come to use WHOIS over the past two decades to get contact information for registered domain names. If you wanted to see who owned a domain, you'd simply do a WHOIS search. I've probably done hundreds of thousands of them during my time in the industry. Well as of this week, a major step in the retirement of WHOIS officially took place. more
A new report on 5G and geopolitics by Oxford Information Labs details the complex landscape of 5G security. Importantly, it draws out how a variety of proven technical concerns around the quality of Huawei security practices and equipment are drowned out by the US' Twitter diplomacy. Critical international dialogue on genuine cybersecurity concerns relating to 5G and Huawei are being lost in the noise of the US-China trade war. more
The map below shows countries working with Huawei 5G in red and pink. As can be seen, Huawei is doing very well in 5G, although it's not as dominant as the colors here suggest. Ericsson is actually close to Huawei in 5G revenue, aided by the ban in the US and Australia. Years ago, Huawei was the price leader in order to break into the European market. more
One of the most interesting aspects of the proposed merger of Sprint and T-Mobile is that the agreement now includes selling some of Sprint's spectrum to Dish Networks to enable them to become a 5G cellular provider. This arrangement is part of the compromise required by the Department of Justice to preserve industry competition when the major wireless carriers shrink from four to three. more
As part of a larger effort to make the internet more private, the IETF defined two protocols to encrypt DNS queries between clients (stub resolvers) and resolvers: DNS over TLS in RFC 7858 (DoT) and DNS over HTTPS in RFC 8484 (DoH). As with all new internet protocols, DoT and DoH will continue to evolve as deployment experience is gained, and they're applied to more use cases. more
It is both amusing and dismaying. Last year, Congress passed Ray Baum's Act telling the FCC to do something about those pesky incoming foreign SPAM calls and texts with the fake callerIDs. The FCC a couple of weeks ago responded with a chest thumping Report and Order claiming it has "extraterritorial jurisdiction" that is does not have, and promising it will do something. Don't hold your breath on that one. more
The US government is gearing up to begin the 2020 census which will be administered starting next April 20. For the first time, the census is going to rely heavily on people answering the census questions online. Live census takers will then follow-up with those that don't submit the online response. This seems like an odd decision since there are still many people who don't have home broadband. more
The Federal Communications Commission yesterday released a Report and Order in the matter of its implementation of Ray Baum's Act Section 503 and international call spoofing. The FCC mostly did the right things in the R&O except in one rather extraordinary assertion of legal ignorance and bravado. It asserted unilaterally that it could exercise "extraterritorial jurisdiction that Congress expressly provided in section 503 of the Ray Baum's Act," and it furthermore knew of no "treaty obligation [contravened],...nor other legal barrier...and...are aware of none." more
New Cuban regulations regarding private WiFi networks went into effect yesterday, and the New York Times and others proclaimed that "Cuba expands Internet access to private homes and businesses." Yes, Cubans can legally import and install WiFi routers in their homes, small cafes, B&Bs, etc., but these regulations will make little difference in Internet access. more
At IETF 105, held in Montreal at the end of July, the Technical Plenary part of the meeting had two speakers on the topic of privacy in today's Internet, Associate Professor Arvind Narayanan of Princeton University and Professor Stephen Bellovin of Colombia University. They were both quite disturbing talks in their distinct ways, and I'd like to share my impressions of these two presentations and then consider what privacy means for me in today's Internet. more
51 CEOs Call on US Congress for Urgent Nationwide Data Privacy Law Overriding State-Level Laws
Huawei Founder in a Staff Memo Warns Company Is Facing a 'Live-or-Die Moment'
Google Reported to Be Pushing Trump Administration for Exemption on Huawei Ban, Citing Security Risk
Microsoft Sees Serious Appetite for Revised Privacy Laws in US, Says It's Time to Match EU's GDPR
National Telecommunications and Information Administration (NTIA) Chief David Redl Resigns
US Federal Trade Commission Says It Lacks Resources to Go After Privacy Violations Effectively
Representatives From EU, NATO, USA, Japan, Australia Hold Meeting on 5G Security and Policy Measures
UK Government Planning on New Laws for IoT Devices Including a Mandatory Security Labelling Scheme
Canada Says Facebook Has Refused to Address Serious Privacy Deficiencies Concerning Its Local LawsA World-Renowned Source for Internet Developments. Serving Since 2002.
| Service Partners: |
DNS Management by Constellix |
|
Managed Hosting by Hostway |
|