Cybersecurity |
Sponsored by |
|
A Twitter thread on trolls brought up mention of trolls on Usenet. The reason they were so hard to deal with, even then, has some lessons for today; besides, the history is interesting. (Aside: this is, I think, the first longish thing I've ever written about any of the early design decisions for Usenet. I should note that this is entirely my writing, and memory can play many tricks across nearly 40 years.) more
One of the chronic features of the Bitcoin landscape is that Bitcoin exchanges screw up and fail, starting with Mt. Gox. There's nothing conceptually very hard about running an exchange, so what's the problem? The first problem is that Bitcoin and other blockchains are by design completely unforgiving. If there is a bug in your software which lets people steal coins, too bad, nothing to be done. more
These days in Washington, even the most absurd proposals become the new normal. The announcement yesterday of a new U.S. State Department Cyberspace Bureau is yet another example of setting the nation up as an isolated, belligerent actor on the world stage. In some ways, the reorganization almost seems like a companion to last week's proposal to take over the nation's 5G infrastructure. Most disturbingly, it transforms U.S. diplomacy assets from multilateral cooperation to becoming the world's bilateral cyber-bully nation. more
U.S. Chamber of Commerce President Thomas J. Donohue on January 10, 2018, warned that "techlash" is a threat to prosperity in 2018. What was he getting at? A "backlash against major tech companies is gaining strength -- both at home and abroad, and among consumers and governments alike." "Techlash" is a shorthand reference to a variety of impulses by government and others to shape markets, services, and products; protect local interests; and step in early to prevent potential harm to competition or consumers. more
In simple terms, Meltdown and Spectre are simple vulnerabilities to understand. Imagine a gang of thieves waiting for a stage coach carrying a month's worth of payroll. There are two roads the coach could take, and a fork, or a branch, where the driver decides which one to take. The driver could take either one. What is the solution? Station robbers along both sides of the branch, and wait to see which one the driver chooses. more
There are relatively few venues today for the development of public international cybersecurity law among Nation States. One was the United Nations Group of Governmental Experts (UNGGE) at which the U.S. several months ago announced its de facto withdrawal with some concern expressed. A much older, well-established venue is newly assuming considerable significance - the Expert Group on the International Telecommunication Regulations (EG-ITRs). more
It is once again time for our annual review of posts that received the most attention on CircleID during the past year. Congratulations to all the 2017 participants for sharing their thoughts and making a difference in the industry. 2017 marked CircleID's 15th year of operation as a medium dedicated to all critical matters related to the Internet infrastructure and services. We are in the midst of historic times, facing rapid technological developments and there is a lot to look forward to in 2018. more
In 2018, Internet Governance will be one of the top priorities in the geo-strategic battles among big powers. In today's world, every global conflict has an Internet-related component. There is no international security without cybersecurity. The world economy is a digital economy. And human rights are relevant offline as well as online. It is impossible to decouple cyberspace from the conflicts of the real world. more
It is now out -- all 539 pages entitled "Declaratory Ruling, Report and Order, and Order" (Reversal Order). As someone who has dealt with this subject matter at a working level over the past 40+ years, it seems clear that the FCC will readily prevail here and the protagonists need to move on. (Admittedly that is wishful thinking given the appellate revenue to be made and press blather opportunities.) The document from a Federal Administrative Law perspective is very thorough and well-crafted. more
I don't (and probably won't) have anything substantive to say about the technical details of the just-announced Meltdown and Spectre attacks. What I do want to stress is that these show, yet again, that security is a systems property: being secure requires that every component, including ones you've never heard of, be secure. These attacks depend on hardware features... and no, many computer programmers don't know what those are, either. more
A World-Renowned Source for Internet Developments. Serving Since 2002.