Keynote speaker, and noted security industry commentator, Bruce Schneier (Co3 Systems ) set the tone for the two days with a discussion on how humans name things and the shortcomings of computers in doing the same. Names require context, he observed, and "computers are really bad at this" because "everything defaults to global." Referring to the potential that new gTLDs could conflict with internal names in installed systems, he commented, "It would be great if we could go back 20 years and say 'Don't do that'," but concluded that policymakers have to work with DNS the way it is today. more
In a recent video interview conducted while he attended the World Economic Summit in Davos, Switzerland, ICANN CEO Fadi Chehade stated "legitimacy comes from accountability". That statement is correct. It is also troubling, in that many of ICANN's recent policies and activities raise serious questions regarding whether it is sufficiently accountable and therefore perceived as acting in a legitimate manner - as well as whether it is continuing to faithfully abide by the Affirmation of Commitments (AOC) it entered into when the US government terminated direct oversight of ICANN in 2009. more
The United States government (USG) has provided its first official reaction to the October 2013 Montevideo Statement issued by organizations responsible for coordination of the Internet technical infrastructure, the upcoming April Internet governance conference in Sao Paulo, Brazil , as well as other matters related to Internet governance -- including the ITU Plenipotentiary meeting scheduled for October in Busan, South Korea. more
2012 will always be remembered as the Year of Wikileaks. Similarly, 2013 shall also be remembered as the year that Edward Snowden, a computer security specialist and former CIA employee and National Security Agency contractor, leaked classified information regarding the NSA global surveillance programs. Whilst Wikileaks was about US diplomatic cables, the Edward Snowden disclosure of classified NSA information to private media organizations such as the UK Guardian newspaper has had graver implications for global Internet privacy. more
Given its engineering background, many positive contributions can be made by the engineering community in the broader ICT world to assist in addressing some of the broader internet issues, often addressed within the more limited telecoms environment.. Of course some of this is already happening; however much more work would be needed to strengthen the technical foundations of the internet. Just as an example, the type of issues that could be addressed by a broader ICT engineering foundation could include... more
This article was originally intended to be a short one focused on indications that ICANN was exploring the establishment of a legal nexus outside the United States and discussing what that might mean - and whether it was consistent with the Affirmation of Commitments (AOC) entered into with the United States in 2009. Then, as completion neared, came the sudden and nearly simultaneous release of the October 7th Montevideo Statement and the announcement two days later of a proposed 2014 Brazil "Summit" focused on restructuring Internet governance. At that point the task vastly expanded. more
As each day brings new revelations about surveillance online, we are starting to see increasing activity in national legislatures intended either to establish more control over what the security services can do to their nationals (in countries like the US), or to limit access by foreign secret services to the personal information of their citizens (countries like Brazil). Unfortunately, neither of these approaches address the underlying problem: we have a paradigm for surveillance that's fit for the analogue past, not the digital present, let alone the future. more
Doug Madory from Renesys reports: "In response to recent NSA spying allegations, Brazil is pressing ahead with a new law to require Internet companies like Google to store data about Brazilian users inside Brazil, where it will be subject to local privacy laws. The proposed legislation could be signed into law as early as the end of this week. However, Google's DNS service started leaving the country on September 12th, the day President Rousseff announced her intention to require local storage of user data." more
The idea that the US would maintain a strategic position in the Internet was always a pipe dream. Allowing the US to pick the DNS contractors is one thing, allowing the US the power to arbitrarily shut countries off the net is quite another. And that is what deployment of DNSSEC and the rPKI under the current models would do. The idea that some US congressman would promote a bill to force ICANN to drop Cuba, Palestine or the enemy of the moment off the Internet is really not far fetched. The US government was just shut down for over two weeks in a bizarre act of political theater. more
If approved, the code would technically be voluntary for Canadian ISPs, but the active involvement of government officials suggests that most large providers would feel pressured to participate. The move toward an ISP code of conduct would likely form part of a two-pronged strategy to combat malicious software that can lead to cybercrime, identity theft, and other harms. First, the long-delayed anti-spam legislation features new disclosure requirements for the installation of software along with tough penalties for non-compliance. more
What does authorized access mean? If an employee with authorized access to a computer system goes into that system, downloads company secrets, and hands that information over to the company's competitor, did that alleged misappropriation of company information constitute unauthorized access? This is no small question. If the access is unauthorized, the employee potentially violated the Computer Fraud and Abuse Act (CFAA) (the CFAA contains both criminal and civil causes of action). But courts get uncomfortable here. more
ICANN has opened the Generic Names Supporting Organization (GNSO) Whois study on privacy/proxy abuse for public comment. Performed by the National Physical Laboratory (NPL), this study is one of many commissioned by the GNSO to examine the current, disparate, and often maligned registration directory service, and aims to measure the hypothesis that "a significant percentage of the domain names used to conduct illegal or harmful Internet activities are registered via privacy and proxy services to obscure the perpetrator's identity." more
The new Community Priority Evaluation (CPE) guidelines prepared by the Economist Intelligence Unit (EIU), and published by ICANN are now past their feedback period. We, at Radix, believe that ICANN has received feedback from approximately 10 stakeholders, and I for one, am looking forward to those being published. In light of the fact that none of the comments that ICANN received have been made public yet, I decided to blog about my multiple concerns with the new guidelines. Sparing a thought for the not-so-involved reader, I have limited my rant to some of the more important issues. more
Bruce Schneier in an op-ed piece published in the Guardian on Thursday writes: "Government and industry have betrayed the internet, and us. By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract..." more
When the scale of global surveillance carried out by the NSA (USA) and by the GCHQ (UK) was exposed by Edward Snowden through The Guardian, people around the world were shocked to discover how two established democracies routinely resort to methods that they have long deplored -- and rightly so -- in dictatorships, theocracies and other single-party arrangements. In a previous article, I lamented the fact that by carrying out this surveillance on an unprecedented scale, the US and the UK are, in fact, converging with the very regimes they criticize. more
A World-Renowned Source for Internet Developments. Serving Since 2002.