Despite headlines now at least a couple of years old, the InfoSec world is still (largely) playing lip-service to the lack of security talent and the growing skills gap. The community is apt to quote and brandish the dire figures, but unless you're actually a hiring manager striving to fill low to mid-level security positions, you're not feeling the pain -- in fact, there's a high probability many see problem as a net positive in terms of their own employment potential and compensation. more
Michael Geist reporting in his blog: "The United Nations Special Rapporteur on the promotion and protection of the right to freedom of opinion and expression has released an important new report that examines freedom of expression on the Internet. The report is very critical of rules such as graduated response/three strikes, arguing that such laws may violate the International Covenant on Civil and Political Rights. Moreover, the report expresses concerns with notice-and-takedown systems, noting that it is subject to abuse by both governments and private actors." more
Today the Berkman Center announced a new project that might be of interest to readers. Since 2002 I've studied Internet filtering around the world, most recently as part of the OpenNet Initiative. Last year with support of the MacArthur Foundation we published "Access Denied," a study of filtering in about 40 states. Our work so far has been centralized... We're now complementing that effort with a distributed reporting system... more
As the time ticks away on Senator Cruz's ersatz Doomsday clock, possibly accompanied by the fat sound of Mic Michaeli's analog synthesiser riff, it is easy to dismiss all his arguments as the ravings of a disappointed Cecil Underwood. Some in the ICANN community have described Cruz as a skilled orator. This isn't precisely accurate. He is certainly a competent orator but his outstanding skill is that he is a brilliant courtroom advocate. more
Shalini Singh reporting in the Hindu: "The raging controversy over possible excessive state regulation of the internet based on the IT Rules 2011 is now likely to be dwarfed by discussions in Geneva later this week over India's proposal to the United Nations General Assembly, for government control of the Internet... In its proposal submitted to the General Assembly in New York on October 26, 2011, India has argued for a radical shift from the present model of multi-stakeholder led decision-making, to a purely government-run multilateral body..." more
InterConnect announces the first in a developing series of new Master Classes on "Internet Infrastructure and Governance" starting June 30 through July 3, 2014. more
Security expert and malware analyst, Lenny Zeltser has examined a creative malware distribution method in the real world where fliers placed on windshield of cars scare drivers into visiting a malicious website. Zeltser writes: "Several days ago, yellow fliers were placed on the cards in Grand Forks, ND. They stated: 'PARKING VIOLATION This vehicle is in violation of standard parking regulations. To view pictures with information about your parking preferences, go to website-redacted' ... If you went to the website, you'd see several photos of cars on parking lots in that specific town..." more
With the COVID-19 health crisis evolving so quickly, it's hard to predict the extent of the long-term impact on business and the economy. While every business sector is facing different considerations, it's safe to say all are handling challenges from supply chain interruptions, rapid shifts to remote work, and massive changes in consumer spending and communication habits. more
I've worked with a number of small communities that want to explore the idea of having a community-owned ISP. My advice to small communities is the same as with all clients - economy-of-scale really matters for ISPs. Economy-of-scale is the economic term for describing how businesses get more efficient as they get larger. It's fairly easy to understand, and the classic example is to look at the impact of the salary and costs of the general manager of an ISP. more
The Internet Society announced today the appointment of Kathryn C. Brown as its new Chief Executive Officer effective 1 January 2014. Ms. Brown succeeds Lynn St. Amour, who will be stepping down after 15 years with Internet Society. Ms. Brown most recently served as a Senior Advisor at Albright Stonebridge Group, an international consulting firm, and as Senior Vice President, Public Policy and Corporate Responsibility at Verizon. more
Zero-touch provisioning (ZTP) -- whatever does that mean? Of course, it is another marketing term. I think the term "closer to zero touch provisioning" is probably better, but CTZTP -- as opposed to ZTP -- is a bit more of a mouthful. Whenever I hear language like this that I'm not familiar with, I get struck by a bolt of curiosity. What is this new and shiny phrase that has just appeared as if from nowhere? more
Marilyn Cade was an exceptionally hardworking, always gracious leader in ICANN and IGF. She was a strong supporter of U.S. interests at ITU and a member of the U.S. delegation at the WCIT. Dozens have spoken of her at a memorial site, including Vint Cerf: "Marilyn was an elemental force in the ICANN, IGF and policy worlds. She was an advocate who could be counted upon to speak passionately for the causes to which she was dedicated..." more
Russian government hackers are reported to be behind latest cyber-intrusions into the business systems of U.S. nuclear power and other energy companies with efforts to assess networks. more
Project Liberty's Institute sat down with Wendy Seltzer, an advisor to the Decentralized Social Networking Protocol (DSNP). Wendy was counsel to the World Wide Web Consortium (W3C), and has served on the boards of The Tor Project, Open Source Hardware Association and ICANN. more
Sophie Curtis of eWeek reports: "Researchers have discovered a hole in the secure sockets layer (SSL) protocol, enabling man-in-the-middle attackers to hack into secure applications despite traffic encryption. According to security researcher Chris Paget, hackers can exploit this flaw by breaking into shared hosting environments, mail servers and databases, and inserting text into encrypted traffic as it passes between two end users. This could lead to fragmentation of SSL transactions, giving hackers the opportunity to inject false commands such as password resets into communications which are otherwise encrypted." more
A World-Renowned Source for Internet Developments. Serving Since 2002.