Gigabyte Motherboard Firmware Exposes Millions of PCs to Potential Cybersecurity Threats

In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte. more

Global Standards Collaboration: Is It Possible?

On 24-27 April, a 33-year-old international organisation of ICT organisations will convene a meeting at London under ETSI auspices after a four-year hiatus. Known today as the GSC or Global Standards Collaboration organisation, it began its existence in the Spring of 1990 at Fredericksburg, Virginia, as an umbrella mechanism for all of the world's ICT standards bodies to collaborate on "high interest subjects." more

Telecoms Infrastructure As a Service

More than a decade ago we predicted that the telecoms industry would be transformed, driven by its own innovations and technological developments. As a result we indicated that in many situations the telecommunications infrastructure would be offered as a service by hardware providers. We also predicted that this would open the way for a better sharing of the infrastructure. more

The Value of Community Broadband

There are many voices calling for increased initiatives by municipalities to build and operate broadband internet infrastructure as a public utility, but until this week, very little in the way of economic analysis to fully examine whether the benefits justify the costs. A paper released this week finds that local efforts produce small economic benefits, but cause a notable increase in the size of local government. more

EU Telecom Overhaul One Step Closer

Europe's electronic communications sector is currently governed by directives adopted in 2002. These stipulated that the directives and regulatory framework should be reviewed, a processed initialised in November 2007. Both the European Council and the European Parliament need to adopt the proposed changes, and none of the initial consultations conducted by the EC indicated that a major overhaul was on the cards, or even required. Yet this is what has transpired. more

Botnet Metrics and Calibration

As ISP's continue to spin up their anti-botnet defenses and begin taking a more active role in dealing with the botnet menace, more and more interested parties are looking for statistics that help define both the scale of the threat and the success of the various tactics being deployed... To overcome this problem there are several initiatives trying to grapple with this problem at the moment.. Obviously, if every ISP was using the same detection technology, in the same way, at the same time, it wouldn't be such a difficult task. Unfortunately, that's not the case. more

Sovereignty Strikes the Internet: When Two Don’t Become One

On January 28, the UK government was set to announce whether it would allow Huawei, the Chinese information and communication technologies provider, to develop its 5G infrastructure. Given Brexit and its need to form new alliances, the decision was marked as a significant moment for the UK's trade future. Leading up to the day of the decision, the UK was subjected to a significant amount of pressure from the United States government to reject any deal with Huawei. more

A Stronger PIR and .ORG: Standing Behind Our Commitments

We respect the right of all parties who wish to express a point of view on the Internet Society's sale of Public Interest Registry ("PIR") to Ethos Capital. However, it's important those views are based on facts -- which has not always been the case. Some have expressed concern that for-profit ownership of .ORG will automatically mean .ORG prices will rise dramatically, or that .ORG's principles will change. more

US Copyright Office Expands Security Researchers’ Ability to Hack Without Going to Jail

The Librarian of Congress and US Copyright Office has updated the Digital Millennium Copyright Act extending some essential exemptions ensuring that computer security researchers won't be treated like nefarious criminals for their contributions to society. more

The Impact of a Pandemic on Cyberattacks and Business Continuity Plans

A new survey of security and IT leaders by csoonline.com sheds light on how organizations across industries are dealing with the COVID-19 crisis, how prepared they were when the pandemic first hit, how vulnerable they are, and what the long-term impact on companies may be. Unsurprisingly, the survey found there has been an increased number of employees working from home. more

When to Consider ‘Both Sides of the Dot’ in a Domain Name Dispute

In the case, filed by Michelin, the panel found the domain name 'tyre.plus' confusingly similar to the trademark TYREPLUS. Specifically, the panel wrote: "If one ignores the 'dot' between the Second-Level Domain ('tyre') and the Top-Level Domain ('plus'), the mark and the Domain Name are identical..." It's an issue that's arising with increasing frequency -- just as I had predicted. more

ISOC Issues Statement in Response to Increasing Internet Access Restrictions by Governments

The Internet Society (ISOC) has addressed human rights issues related to Internet access stating "[t]he increasing pressure to limit access to the Internet has escalated the sense of urgency in addressing this situation." ISOC, in the announcement, reaffirmed its policy area and its work to bring attention to the impact of Internet freedom on other aspects of human rights. more

Impact of Hurricane Irene on the Internet

Effects of hurricane Irene were clearly visible in the Internet's global routing table, as tens of thousands of networks were cut off from the rest of the world, according to analysis by Renesys. From the report: "Overall, it seems that the East Coast's power and Internet infrastructure fared pretty well during this storm, with good evidence of restoration after the storm had passed. This is good news, given the important role Twitter now plays in ad hoc rescue coordination, and the importance of the Web for keeping people informed about what they're facing in an emergency situation." more

Continued Move Towards Unified Communications

A couple of new notes that underscore the continued convergence of real-time communications services (e.g. voice/video/IM) into a presence-based real-time IP communications infrastructure... I haven't seen this shift just yet, but increasingly the folks responsible for managing voice and video systems are integrating their planning with the groups in charge of instant messaging and collaboration. I expect this trend to accelerate as we move forward. more

Problems With the Burr-Feinstein Bill

What appears to be a leaked copy of the Burr-Feinstein on encryption back doors. Crypto issues aside -- I and my co-authors have written on those before -- this bill has many other disturbing features. (Note: I've heard a rumor that this is an old version. If so, I'll update this post as necessary when something is actually introduced.) One of the more amazing oddities is that the bill's definition of "communications" (page 6, line 10) includes "oral communication", as defined in 18 USC 2510. more