Members of the European Parliament have taken stock of the lack of action taken to safeguard citizens' fundamental rights following revelations of electronic mass surveillance. more
Out of the 3 billion users on the Internet, how many can trust that their online communications will not be monitored or censored? How many feel safe that they can express their opinions online and will not be arrested for their ideas? How many feel confident in communicating anonymously online? For us at the Internet Society this is a key element of an Internet of opportunity: Internet access is only meaningful if people can trust that their fundamental rights will be respected and protected online as well as offline. more
The European Union has struck a deal "in principle" with the United States on a new data-sharing agreement to allow digital information to flow between borders. more
Facebook lobbyists are working behind the scenes for a major cyber bill set for a final Senate vote Tuesday despite growing opposition to the bill among tech companies, according to a digital rights advocacy group fighting against the measure. more
Despite positive discussions currently underway at the ICANN54 meetings in Dublin regarding protection of privacy services for domain name registrants, another meeting in Paris seems to be contradicting the efforts. more
There's been a lot of media attention in the last few days to a wonderful research paper on the weakness of 1024-bit Diffie-Hellman and on how the NSA can (and possibly does) exploit this. People seem shocked about the problem and appalled that the NSA would actually exploit it. Neither reaction is right. In the first place, the limitations of 1024-bit Diffie-Hellman have been known for a long time. RFC 3766, published in 2004, noted that a 1228-bit modulus had less than 80 bits of strength. That's clearly too little. more
Near the end of the first decade of this century, the world reached an Internet milestone. The number of Internet-connected devices surpassed the number of people alive on planet Earth. At the time, seven billion devices had already been connected to the Internet, and this went completely unnoticed by most people. This moment represented an important sign of the rapid pace in which we are adopting technology and embracing Internet connectivity. more
The personal data of Europeans held in the United States by Internet companies is not safe from US government snooping, the European court of justice ruled today, in a landmark verdict that hits Facebook, Google, Amazon and many others. more
Federal databases, such as those being compiled by the Consumer Financial Protection Bureau and the Federal Trade Commission, contain data about many people and businesses. Although some of this data may be protected personal information (PPI), there is also extensive information in federal databases that is publicly disseminated via the internet. If the information is wrong, it has the potential to be a vector of tortious mischief. more
Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. more
The Internet Engineering Task Force has approved a Draft RFC for "The .onion Special-Use Domain Name" by the Tor Project, the provider of online anonymity and privacy services. more
For the past two years a diverse group of stakeholders from the ICANN community, including myself, has been working hard to come to a consensus on a set of recommendations related to development and implementation of an ICANN accreditation program for privacy & proxy service providers. The result of this effort will replace the interim specification defined in the 2013 Registrar Accreditation Agreement (RAA) that is due to expire at the end of 2016. more
ICANN comment periods on policy proposals don't normally garner much attention. In the case of the current comment period on proxy/privacy services, however, things are very different. To date several thousand comments have been filed, while the topic of the policy proposals has received media attention across hundreds of outlets. more
Decix, the largest internet traffic exchange point (IXP) worldwide, has had it with the snoops. The Frankfurt company on Thursday confirmed a report by the Sueddeutsche Zeitung that it will file a complaint at the German Federal Administrative Court against the obligation to grant broad access to the German Intelligence Service (BND) to the traffic transiting its large switches. more
In August of last year I wrote in a blog about the importance of cryptech to wide-scale trust in the Internet. For those who don't know about it, http://cryptech.is is a project aiming to design and deploy an openly developed, trustable Hardware Security Module (HSM) which can act both as a keystore (holding your secrets and keeping them private) and as a signing engine. more
A World-Renowned Source for Internet Developments. Serving Since 2002.