Close to 773 million unique email addresses and 22 million unique passwords were found to be hosted on cloud service MEGA. more
In the sci-fi movie Minority Report, a 'precrime' police unit relies on the visions of psychics to predict future crimes, then arrests the potential perpetrators before they do anything wrong. In the world of Internet governance, the future is now, as regulators want online services to predict and prevent safety threats before they actually occur. more
ICANN comment periods on policy proposals don't normally garner much attention. In the case of the current comment period on proxy/privacy services, however, things are very different. To date several thousand comments have been filed, while the topic of the policy proposals has received media attention across hundreds of outlets. more
Surveillance cameras in China can detect fevers with infrared cameras to an accuracy within 0.3℃ and recognize faces even if they are wearing masks. more
According to reports today, French police is planning to develop tough laws following the Paris terror attacks to help crack down on anonymous web browsing technology Tor, as well as free WiFi in public places. more
Phil Zimmerman's Pretty Good Privacy (PGP) and its offspring have been encrypting and decrypting email for almost 25 years -- but require enough knowledge and determination to use them that adoption has never taken off outside the technoscenti. Now initiatives from several quarters aim to fix that -- but will it all "just work," and will end users adopt it even if it does? more
It has been a very busy period in the domain of computer security. With "shellshock", "heartbleed" and NTP monlink adding to the background of open DNS resolvers, port 445 viral nasties, SYN attacks and other forms of vulnerability exploits, it's getting very hard to see the forest for the trees. We are spending large amounts of resources in reacting to various vulnerabilities and attempting to mitigate individual network attacks, but are we making overall progress? What activities would constitute "progress" anyway? more
Google is great at generating buzz, and they've done it again with their new social vitality tool, appropriately named Google Buzz. Buzz takes all of your Gmail contacts (and presumably other connections from elsewhere within the Googleplex), and makes them all your "friends" by default; it then shares your activity from Google Reader, YouTube, and other tools with all of them, and vice versa... more
The argument for end-to-end encryption is apparently heating up with the work moving forward on TLSv1.3 currently in progress in the IETF. The naysayers, however, are also out in force, arguing that end-to-end encryption is a net negative... The idea of end-to-end encryption is recast as a form of extremism, a radical idea that should not be supported by the network engineering community. Is end-to-end encryption really extremist? Is it really a threat to the social order? more
The U.S. House of Representatives voted unanimously today to pass H.R. 699, the Email Privacy Act, closing a loophole that allowed law enforcement authorities to obtain old email and other digital communications without a warrant from the court. more
Internet Governance like all governance needs to be founded in guiding principles from which all policy making is derived. There are no better fundamental principles to guide our policy making than the Universal Declaration of Human Rights, (UDHR). This article is Part 3 of a series exploring the UDHR as a guide and template for the digital governance and digital citizenship. We discuss UDHR Articles 6 through 12 and address topics such as fundamental digital values, cyberlaw, policymaking and the role of tribunals in digital governance. more
Earlier this week, I came across a working paper from Professor Peter Swire - a highly respected attorney, professor, and policy expert. Swire's paper, entitled "Online Privacy and ISPs", argues that ISPs have limited capability to monitor users' online activity. The paper argues that ISPs have limited visibility into users' online activity for three reasons: (1) users are increasingly using many devices and connections, so any single ISP is the conduit of only a fraction of a typical user's activity; (2) end-to-end encryption is becoming more pervasive, which limits ISPs' ability to glean information about user activity; and (3) users are increasingly shifting to VPNs to send traffic. more
The COVID-19 pandemic has led to the rapid migration of the world's workforce and consumer services to virtual spaces, has amplified the Internet governance and policy issues including infrastructure, access, exponential instances of fraud and abuse, global cooperation and data privacy, to name but a few. The need for practical, scalable and efficient solutions has risen dramatically. more
As I predicted ICANN is pursuing its case against EPAG. They're now not only appealing the case to a higher court in Germany but are also trying to get the entire thing referred to the European Court of Justice. In an announcement late last night ICANN made it very clear what their intentions are. While they're pursuing the appeal in the higher court in the German region, which makes sense at some level, it's also very clear that they're not taking "no" for an answer. more
In a seemingly never-ending row of news on hacks of websites now the news in which 2.3 million individual cases of privacy sensitive data were accessible through a leak in the websites of most public broadcasting stations in the Netherlands. To make the news more cheerful, the accessible data was, if compiled, sufficient to successfully steal a complete identity. What were thoughts that came to my mind after hearing this news on Friday? more