Any form of public communications network necessarily exposes some information about the identity and activity of the user's of its services. The extent to which such exposure of information can be subverted and used in ways that are in stark opposition to the users' individual interests forms part of the motivation on the part of many users to reduce such open exposure to an absolute minimum. The tensions between a desire to protect the user through increasing the level of opacity of network transactions to third party surveillance, and the need to expose some level of basic information to support the functions of a network lies at the heart of many of the security issues in today's Internet. more
The capabilities IPv6 provides will enhance online security, but the shift to the new Internet address scheme may also present risks if not properly managed. Previously, Internet security was largely an after-thought for the early Internet, as its primary purpose was to facilitate open, end-to-end, any-to-any communications and information exchange for bridging and accelerating research efforts. Today, we have a much more complex online ecosystem that spans billions of users across the globe and serves not only as an engine for e-commerce, but as an engine for all commerce. more
Do you recall when you were a kid and you experienced for the first time an unnatural event where some other kid "stole" your name and their parents were now calling their child by your name, causing much confusion for all on the playground? And how this all made things even more complicated - or at least unnecessarily complex when you and that kid shared a classroom and teacher, or street, or coach and team, and just perhaps that kid even had the same surname as you, amplifying the issue! What you were experiencing was a naming collision (in meatspace). more
The October 21 DDoS attacks against the 13 root-name servers containing the master domain list for the Internet's Domain Name System (DNS), (which reportedly took offline 9 of the 13 servers) remain a clear and daunting reminder of the vulnerabilities associated with online security. Many DNS authorities have named the most recent hit the largest DDoS attack against the root server system. Chris Morrow, network security engineer for UUNET, the service provider for two of the world's 13 root servers, recently told The Washington Post... more
Distributed Denial of Service is a big deal -- huge pools of Internet of Things (IoT) devices, such as security cameras, are compromised by botnets and being used for large scale DDoS attacks. What are the tools in hand to fend these attacks off? The first misconception is that you can actually fend off a DDoS attack. There is no magical tool you can deploy that will allow you to go to sleep every night thinking, "tonight my network will not be impacted by a DDoS attack." more
With companies shifting away from on-premises and "traditional" telecom networks to Internet-based protocols - such as Voice Over IP (oIP) - the market for critical communications infrastructure - most notably SIP trunking - is on the rise; not only multiple failover sites but cloud-based SIP-as-a-service solutions are now popular options. However, there's a caveat: problems unique to SIP systems that can cause IT headaches if you're not prepared. Here are three of the most common. more
One of the most striking and enduring dichotomies in the conceptualization of electronic communication networks is summed up in the phrase "the Internet as weapon." With each passing day, it seems that the strident divergence plays in the press -- the latest being Tim's lament about his "web" vision being somehow perverted. The irony is that the three challenges he identified would have been better met if he had instead pursued a career at the Little Theatre of Geneva and let SGML proceed to be implemented on OSI internets rather than refactoring it as HTML to run on DARPA internets. more
There are many big questions in telecom these days, and this is one that's on my mind right now. Over the past few months, I've participated in events or briefed with leading vendors in our space, namely Avaya, ShoreTel, BroadSoft, Aastra, Metaswitch, Mitel, Interactive Intelligence, and this week Cisco. Every analyst has their own core circle of vendors they stay close to, but I'd say that's a pretty fair representation of who's driving telecom. To varying degrees, all of these vendors have a cloud story, and the more I hear it, the more I start to wonder what it really means. more
With so much "cloud-talk" across every industry -- many presume that every company with serious telecom operations has already moved there -- but they haven't. In fact, 20 to 25% of global companies are still using legacy PBX systems and MPLS networks and waiting to replace them and move over to SD-Wan/mesh solutions. These advancements can be done successfully after an infrastructure audit has been conducted to identify operational weaknesses and threat vulnerabilities and measuring efficiencies of each feature for usage optimization and increased productivity. more
Since the inception of ITU precursors in 1850, its various bodies have treated the subject of telecommunication network security as both an obligation of signatories to the treaty instruments as well as an ongoing collaborative activity. However, what it actually did in those activities was constrained by its jurisdiction and participant competency -- which encompassed international public telecommunication services provided primarily by designated government agency service providers known as PTTs. more
I've posted to SSRN my paper on why most telecom companies, even though they operate networks, don't appreciate the fundamental business dynamics of network structures. This will be a chapter in a book Wharton is publishing on network-based strategies and competencies. In the paper, I describe two views on telecom and Internet infrastructure... more
As the FCC moves forward with its plans to regulate the internet in the U.S., it's worth taking a look at what's happened when the government has regulated other innovative industries. As a facilitator of innovation, I've always been fascinated with the history of Bell Labs. Bell Labs was once thought of as the source of most modern innovations... The work done at Bell Labs built the foundation for modern invention leading to phones, space exploration, the internet, music distribution, cell phones, radio and television and more. more
At the RIPE 67 meeting in Athens, Greece, the RIPE IPv6 Working Group ran a little experiment to test the feasibility of an IPv6-only network and to identify challenges in user experience. While the results were highly encouraging, they indicated that there is still work to be done before IPv4 can be switched off once and for all. As IPv6 is slowly but surely deployed around the world, we've entered a phase where it's necessary for your devices to be able to communicate using either of the two IP protocols currently in use. more
The Best Practice Forum (BPF) on IPv6 at the Internet Governance Forum (IGF) explored what economic and commercial incentives drive providers, companies and organizations to deploy IPv6 on their networks and for their services. The BPF collected case studies, held open discussions online and at the 2016 IGF meeting, and produced a comprehensive output report. This article gives a high-level overview. more
A Tipping Point for the Internet? Catching the precise moment of a tectonic shift in a global system as large and important as the Internet may be viewed as an exercise in the improbable. However, I point out in this summary that I think we are precisely in the midst of such a shift... more
A World-Renowned Source for Internet Developments. Serving Since 2002.