Encryption is a way to keep private information private in the digital world. But there are government actors, particularly here in the US, that want access to our private data. The NSA has been snooping our data for years. Backdoors have been snuck into router encryption code to make it easier to break. Today at M3AAWG we had a keynote from Kim Zetter, talking about Stuxnet and how it spread well outside the control of the people who created it. more
Every time there is a tragic attack on people or property, there is a cry from various authorities or politicians for law enforcement to get unfettered access to all kinds of communication tools. But that would cause far more harm than good, and is a really bad idea. The argument goes something like this: 'These bad actors hide behind encrypted communications to plan their evil deeds...' more
Every person and every entity must have a philosophy if they are to be successful. Consumer trust is one of the key issues at the heart of keeping the Internet open as well as prosperous. The ICANN Affirmation of Commitments was signed in 2009 and has been the guiding principle for ICANN's activities going forward. The title of section 9.3 is Promoting competition, consumer trust, and consumer choice. This section is in essence the embodiment of the commitment of ICANN. more
The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible. more
Governments often use small players as pawns in their global games of chess. Two weeks ago the European Court of Justice invalidated the EU-US Safe Harbor ("Safe Harbor") framework, turning Internet businesses into expendable pawns in a government game. But for the past fifteen years, Safe Harbor allowed data flows across the Atlantic -- fostering innovation and incredible economic development. more
Companies such as Apple, Google and others will be banned from offering encryption so advanced that even they cannot decipher it when asked to under the UK's Investigatory Powers Bill. more
In a statement released today, Electronic Frontier Foundation (EFF) has criticized ICANN for not being proactive on privacy matters, saying the organization "can't seem to wrap its head around" the issue. more
I recall from some years back, when we were debating in Australia some national Internet censorship proposal de jour, that if the Internet represented a new Global Village then Australia was trying very hard to position itself as the Global Village Idiot. And the current situation with Australia's new Data Retention laws may well support a case for reviving that sentiment. more
E-commerce has revolutionized how businesses sell to consumers -- including those involved in illicit activities, such as websites peddling illegal narcotics, pirated movies and music, or counterfeit handbags. For example, 96 percent of Internet pharmacies do not comply with U.S. laws, and as they ship pills tainted with paint thinner, arsenic, and rat poison, they put the health and safety of consumers at risk. Why don't law enforcement officials do more to combat this problem? Partly because of the difficulty of identifying who is actually operating the illegal pharmacies. It is time to fix this, while allowing anonymity for those who deserve it. more
In 2013 I wrote a blog Telecoms as a spying tool, in which I mentioned that those who use the internet to spy indiscriminately will have to face the reality that such activities will only start a cat-and-mouse game -- the technology will always be able to stay one step ahead of those who are using the internet for criminal purposes. Since that time some very significant developments have taken place that have confirmed our prediction. more
The following is the easyDNS response to ICANN's public comment period on GNSO Privacy & Proxy Services Accreditation Issues Working Group Initial Report. The public comment period is open until July 7, 2015. We strongly urge you to make your voice known by signing the petition over at Save Domain Privacy. I submit these comments as a CEO of an ICANN accredited registrar, a former director to CIRA and a lifelong anti spam contributor with an unblemished record of running a managed DNS provider that maintains zero tolerance for net abuse or cybercrime... more
"The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it." -Mark Weiser ...The Internet of Things is a step in this very direction. And like all things new and mysterious, it has its fair share of utopian and dystopian soothsayers; with an almost certain probability that neither of their deterministic predictions will completely come to fruition in the future. more
In one of the email conversations with my expert colleagues from around the globe, an interesting article was discussed written by Bruce Scheier in Wired: When it comes to security, we're back to feudalism. An interesting aspect of the discussion was the conclusion that Google's and Facebook's consumers are not their customers. The distinction is important, because consumers are the product being sold to their actual customers who are their advertisers. more
Phil Zimmerman's Pretty Good Privacy (PGP) and its offspring have been encrypting and decrypting email for almost 25 years -- but require enough knowledge and determination to use them that adoption has never taken off outside the technoscenti. Now initiatives from several quarters aim to fix that -- but will it all "just work," and will end users adopt it even if it does? more
Today, anyone can use WHOIS to identify the organization or person who registered a gTLD domain name, along with their postal address, email address, and telephone number. Publishing this data has long been controversial, creating a system riddled with problems. On one hand, anonymous access to all WHOIS data enables misuse by spammers and criminals and raises concerns about personal privacy. On the other hand, incomplete or false WHOIS data prolongs Internet outages and leaves crime victims with little recourse. more
A World-Renowned Source for Internet Developments. Serving Since 2002.