With two simultaneous processes getting underway in the UN General Assembly's First Committee, the UN Group of Governmental Experts (GGE) and the Open-Ended Working Group (OEWG) on Cybersecurity, and several technology and multi-stakeholder initiatives pushing cybersecurity improvement, the world of cyber norms has become both more interesting and more complicated. more
Unlike most new IETF standards, DNS over HTTPS has been a magnet for controversy since the DoH working group was chartered on 2017. The proposed standard was intended to improve the performance of address resolutions while also improving their privacy and integrity, but it's unclear that it accomplishes these goals. On the performance front, testing indicates DoH is faster than one of the alternatives, DNS over TLS (DoT). more
Orin Kerr recently blogged about a 9th Circuit decision that held that scraping a public web site (probably) doesn't violate the Computer Fraud and Abuse Act (CFAA)... On its surface, it makes sense – you can't steal something that's public – but I think the simplicity of the rule is hiding some profound questions. One, I believe, can most easily be expressed as "what is the cost of the 'attack'"? That is, how much effort must someone expend to get the data? Does that matter? Should it? more
In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more
A letter, signed by 51 CEOs, was sent to U.S. House and Senate and leaders of other committees today urging policymakers to pass a comprehensive national data privacy law. more
A new report on 5G and geopolitics by Oxford Information Labs details the complex landscape of 5G security. Importantly, it draws out how a variety of proven technical concerns around the quality of Huawei security practices and equipment are drowned out by the US' Twitter diplomacy. Critical international dialogue on genuine cybersecurity concerns relating to 5G and Huawei are being lost in the noise of the US-China trade war. more
A statement released by the Hong Kong Internet Service Providers Association (HKISPA) denouncing any plans that would restrict Hong Kong's open internet network. more
One of the most interesting aspects of the proposed merger of Sprint and T-Mobile is that the agreement now includes selling some of Sprint's spectrum to Dish Networks to enable them to become a 5G cellular provider. This arrangement is part of the compromise required by the Department of Justice to preserve industry competition when the major wireless carriers shrink from four to three. more
As part of a larger effort to make the internet more private, the IETF defined two protocols to encrypt DNS queries between clients (stub resolvers) and resolvers: DNS over TLS in RFC 7858 (DoT) and DNS over HTTPS in RFC 8484 (DoH). As with all new internet protocols, DoT and DoH will continue to evolve as deployment experience is gained, and they're applied to more use cases. more
Following the Christchurch massacre in March which resulted in the killing of 51 worshippers at two New Zealand mosques, Australian Prime Minister Scott Morrison while attending the G7 summit in France, said the government will establish a new framework to block domains linked to violent attacks. more
In a memo sent to employees on Monday, Ren Zhengfei, the 74-year-old Huawei founder, has asked its employees to work aggressively towards sales targets and warned that the company is facing a "live-or-die moment." more
It is both amusing and dismaying. Last year, Congress passed Ray Baum's Act telling the FCC to do something about those pesky incoming foreign SPAM calls and texts with the fake callerIDs. The FCC a couple of weeks ago responded with a chest thumping Report and Order claiming it has "extraterritorial jurisdiction" that is does not have, and promising it will do something. Don't hold your breath on that one. more
The US government is gearing up to begin the 2020 census which will be administered starting next April 20. For the first time, the census is going to rely heavily on people answering the census questions online. Live census takers will then follow-up with those that don't submit the online response. This seems like an odd decision since there are still many people who don't have home broadband. more
The Federal Communications Commission yesterday released a Report and Order in the matter of its implementation of Ray Baum's Act Section 503 and international call spoofing. The FCC mostly did the right things in the R&O except in one rather extraordinary assertion of legal ignorance and bravado. It asserted unilaterally that it could exercise "extraterritorial jurisdiction that Congress expressly provided in section 503 of the Ray Baum's Act," and it furthermore knew of no "treaty obligation [contravened],...nor other legal barrier...and...are aware of none." more
The online digital rights group, Electronic Frontier Foundation (EFF) on Tuesday published a post warning ICANN's latest move requiring the use of Uniform Rapid Suspension (URS) for .org domain names is a "bad fit." more