Aggregatore di feed

It Is a Challenging Time for the Internet: We Must Not Let It Be Undermined

Internet Society - News Headlines - Mer, 29/08/2018 - 14:00

On 1 September I start work as CEO of the Internet Society. I have a lot to do to live up to the example set by Kathy Brown with all that she achieved during her leadership. It is a great honour, and I appreciate the trust the Board of Trustees has placed in me. I will work daily to earn the same trust from the rest of the Internet community, in part by being transparent about what drives me to do this.

It is a challenging time for the Internet Society, because it is a challenging time for the Internet. For most of the Internet Society’s history, the expansion and development of the Internet could be regarded as an obvious good. There were always those who simply opposed technological development. There were always those who wanted their own interests protected from the Internet. But Internet users historically benefited so much, so obviously, that skepticism about the value of the Internet itself was rare.

Things have changed. Every technology can be used for negative ends. The Internet still, plainly, brings gains in efficiency, convenience, and communications. Yet in the recent past, some of the negative uses have become apparent, which leads some people to ask whether the Internet is just too dangerous. This environment has produced a golden opportunity for those who always preferred a sanitized, tightly-controlled utility to the generative, empowering Internet. These forces claim that only national governments, treaties, laws, regulations, and monopolies can protect us from the problems we face. They do not want the extraordinary collaboration of the Internet. They think there is some mere political choice to be made between the Internet we have known on the one hand, and a tidy, regulated network on the other. If these forces are successful, we will all lose.

The Internet connects people because of its basic design. Each network that joins the Internet does its own thing, but together they are all richer and more reliable. A network of networks cannot be centrally controlled because it has no centre. This is not some accidental design choice we could alter: without this essential feature, we do not have the Internet at all.

For that very reason, we – all humanity – must not let this technology be undermined. We must face, realistically, the challenges that the Internet produces for us all; but we must face them collaboratively and together. The Internet is for everyone, because only everyone can make the global network of networks.

I am inspired by the real Internet – the network of networks that is open, globally-connected, secure, and trustworthy. This is why I am so happy to become the CEO of the Internet Society at this challenging time. We are strong. Our chapters and members demonstrate the enormous value of the Internet. We wish, in every language and corner of the world, to welcome today those who were not connected yesterday and to reach out to those who will connect tomorrow. We collaborate with others throughout the world who embrace the value of the Internet.

Our potential lies not only in our diversity, but in the power of our community to act as one in service of our mission. Together, our stories of an Internet with people at its heart offer a unifying message for all the world. We can sing as a massed choir, all in harmony, to project the beauty and value of our shared, global heritage. We can take that harmony and common purpose to other communities, to governments, and to boardrooms, and enlist them all in our cause. Our history, linked to the early Internet, teaches us to work with a single mind toward that open, globally-connected, trusted, and secure future.

We will turn away from fear and narrow interests. We will not allow this tool of endless potential to be ruined, whether by vandal or greed. We will support and foster new technologies for all humans. We will promote the security and safety of all who connect.

The Internet Society is for the Internet, and the Internet is for everyone.

The post It Is a Challenging Time for the Internet: We Must Not Let It Be Undermined appeared first on Internet Society.

Strengthening Foundations for Creating Open Internet Standards

Internet Society - News Headlines - Mar, 28/08/2018 - 17:59

The Internet Engineering Task Force has reached a significant milestone in the process of evolving its own administrative structure to best suit the current requirements of its work. After nearly two years of discussion about various options, the IETF community has created the IETF Administrative LLC (IETF LLC), a new legal entity. Both the Internet Society’s CEO & President Kathy Brown and the Internet Society’s Board of Trustees Chair Gonzalo Camarillo have expressed strong support for the process that has led to this point, and for the direction the IETF has decided to take. Continuing its long-standing positions, the Internet Society also made financial commitments to support the process, and to the IETF going forward.

All of us at the Internet Society who work closely with the IETF believe this new administrative structure strengthens the the foundation for an Internet built on open standards. The new structure will not change any aspect of the IETF’s technical work or the Internet standards process, and clarifies the relationship between ISOC and the IETF. Importantly, the IETF and ISOC continue to be strongly aligned on key principles. ISOC initiatives related to the IETF, such as the Technical Fellows to the IETF and the Deploy360 Programme, will continue to support participation in the IETF and deployment of the standards created by the IETF.

In the more than three decades since it began, the IETF has evolved its administrative structure several times. The process that drove this latest evolution reflects a few important core operating principles of the IETF: open, consensus-based processes, improvement based on lessons learned from experience (“running code”), and always seeking ways to make the Internet work better – including the operational and administrative practices on which itself runs from day-to-day. We at the Internet Society look forward to the IETF’s continued success.

The post Strengthening Foundations for Creating Open Internet Standards appeared first on Internet Society.

Future Thinking: Mozilla Director of Public Policy Chris Riley on the Internet Economy

Internet Society - News Headlines - Mar, 28/08/2018 - 15:41

Last year, the Internet Society unveiled the 2017 Global Internet Report: Paths to Our Digital Future. The interactive report identifies the drivers affecting tomorrow’s Internet and their impact on Media & Society, Digital Divides, and Personal Rights & Freedoms. We interviewed Chris Riley to hear his perspective on the forces shaping the Internet’s future.

Chris Riley is Director, Public Policy at Mozilla, working to advance the open Internet through public policy analysis and advocacy, strategic planning, coalition building, and community engagement. Chris manages the global Mozilla public policy team and works on all things Internet policy, motivated by the belief that an open, disruptive Internet delivers tremendous socioeconomic benefits, and that if we as a global society don’t work to protect and preserve the Internet’s core features, those benefits will go away. Prior to joining Mozilla, Chris worked as a program manager at the U.S. Department of State on Internet freedom, a policy counsel with the nonprofit public interest organization Free Press, and an attorney-advisor at the Federal Communications Commission.  

The Internet Society: Why is there a need for promoting a better understanding of technology amongst policy wonks, and of policy among technologists?

Chris Riley: While I started out as a mathematics and computer science student, I decided to shift into law and ultimately policy because I was concerned that the evolution of law and regulation around the tech industry wasn’t being driven from a point of technical clarity and understanding. I was worried  that this could have consequences, both intended and unintended, for the terrific socioeconomic benefits that we can and should derive from the Internet.

Today I say to every new cohort of employees at Mozilla that, as Lawrence Lessig once quipped, “code is law,” but “law is law,” too. Mozilla is at its strongest when we think about these things together, and the Internet is the same – when both the people building code and the people building legal systems have enough of a mutual understanding of what’s important and how the other works. The technologists need a broad policy understanding so that they can build that into their systems and their system policies; while the law and policy designers must have enough of an understanding of the technical side that they design law and policy that reflect and amplify the good parts of technology while leaving plenty of room for future flexibility, agility and innovation. I think it’s really those two things coming together that’s vital to the ecosystem as a whole.

How does Mozilla position itself in the Internet economy? Are you a platform?

Although there are some services that we have that are platform-ish (e.g. our acquisition of Pocket in 2017), the core of what we do is related to the fact that we’re a software company. Being a software company is really at the core of Mozilla’s ethos. We write open-source software and we distribute it to the world both as code and packages (downloads and applications).

I don’t expect Mozilla will, in the future, want to emerge as more of a platform company than a software company. We don’t have the scale or the style or the structure to do that. We’re small; we’re non-profit. We’re not ever going to be the model that’s geared towards the platform and social network economy of growing network effects at great debt in order to recuperate the economic benefits. We’re a mature and established business, and really focus on our strength as open-source software developers. That said, we have the right kind of expertise, mission and charter to speak for the Internet in a positive way. We’re therefore a hard-to-define duality of non-profit, mission-driven and software company. This is why it so hard to categorize us.

This year we’re focusing our annual Internet Futures report on consolidation in the Internet economy. We’re specifically investigating consolidation trends in the access, services and application layers of the Internet respectively, as well as consolidation trends acting vertically across layers (e.g. companies gaining dominance in more than one of the Internet’s layers).

Have you noticed a trend in this regard?

We’ve definitely noticed that the Internet is headed towards a more and more centralized future, defined in that sense by both horizontal and vertical centralization trends. We have fewer effective competitors who are presenting the same kinds of substitutable services to users, as well as fewer meaningful choices for users among servers within a single layer. In addition to horizontal consolidation, we’re also seeing many vertical mergers within the tech sector.

I think the world we live in now is too often one in which investment in start-up companies is geared towards reaching the point where they can be sold to one of the existing big players rather than grow into a big and independent enterprise itself. This is a challenge for me and for others because we grew up with an Internet where today’s big company is going to be tomorrow’s second tier. It’s not that I want to penalise any individual companies, but I want to believe in a market where we have the capacity to grow new companies that can become the giants of the next generation of the Internet. I’m not sure we’re there anymore. I think partly the reason why we’re not there is that some of the big companies today are aggressively staying ahead of the trend through massive investments in research and development and, to that extent, kudos to them, and may they continue to have the opportunity to outcompete others and continue to grow from that perspective.

But we’re reaching a point now where it’s going to be far too easy to bolster a weak product in one of these markets by effectively tying it to a dominant product in another market. And that’s the point where competition might have failed. That’s the point where we see good ideas get squelched not because of any technical or systematic problems with their design, implementation or approach, but simply because they weren’t being offered by or interested in being acquired by one of the existing dominant ecosystems.

How does this the trend impact Mozilla?

Concentration and consolidation is an issue that goes back to Mozilla’s history in a very deep way. We were effectively founded to respond to the duopoly of Microsoft Windows and Internet Explorer. We decided users should have a choice in web browsing and so we created something that became effective and even better than what Microsoft was offering. The window of opportunity we had to create this product was aided in no small part by competition inquiries into Microsoft that were ongoing then. Today, we want to ensure that future Mozillas will have the space to see places where some things are underperforming and to then innovate. We’re looking for the same opportunities ourselves as we’re seeking to diversify our product portfolio beyond Firefox.

How has technology’s role in societies changed in the time since you’ve been working in this field? Have you perceived a backlash against the tech industry?

In the US, overwhelmingly so. In Europe, less so, because I feel that Europe was pretty much already there. I frequently categorize 2017 in the U.S. as the year that everyone starts to attack tech.  For many, many years, the tech industry had experienced a honeymoon period with the public and policymakers thanks to the scale of investment and growth, and the pace at which shiny new things that users like were produced by our industry.

We were forgiven the occasional (or so it seemed) negative social or economic  consequences that came with that. But that window of time has now closed. I think that time frame was shorter outside the US because many of the economic benefits that came from this industry were imbued here; it benefited the U.S. and the American economy. So those not quite so flushed with the economic benefits of the industry were quicker to see the unintended consequences and other social and economic harms that came from this model.

Certainly in the U.S., at least, we’ve seen growing awareness of problems associated with centralization. We’ve seen problems like the discrimination that can be reintroduced with machine learning systems that are trained by discriminatory data getting well-deserved public attention. We’ve seen incredible concerns with contentious and unpleasant, harmful, and sometimes illegal speech that appears on platforms and how platforms respond to that.

The world is therefore dramatically different now than to what it was two years ago in terms of how the public view the tech industry. I think it’s important for Mozilla and my colleagues in the tech industry to understand this dynamic and to really strive to make the Internet better. To try to turn that tide around. To acknowledge that there are problems and not everything is perfect. That we have to make some changes both internally and externally in the laws and regulations around us. We need to be serious, open, honest and collaborative in how we approach these problems so that we can get them solved.

What are your other fears for the future of the Internet?

I’m worried about a future of the Internet where users are choosing among four or five vertically integrated stacks of applications and services where they can’t pick and choose a heterogenous Internet experience from amongst them and where nobody with a brilliant idea can come up and create a new business because that space is already effectively occupied and there’s no room for them to grow, and no investment in their ideas because the economic model doesn’t make sense for a new business. If we reach a world where we have vertically integrated silos, competition would have failed. But I still very much believe that we can salvage it.

How should we prevent this from happening? Is competition law the best solution to these consolidation problems?

I’m worried that our understanding of competition law doesn’t deal with consolidation on the Internet properly, because traditional models of market concentration say that if you have four or five businesses that are relatively balanced, then you have a competitive market. But even if we had a competitive market in a traditional sense, it wouldn’t be the Internet.

I think there’s more that can be done with competition law and policy. The idea of U.S. antitrust law was to support consumer welfare, and it’s a powerful idea, one that hasn’t really been explored in the past thirty years or so. There’s a lot more room to interpret the existing legal precedents and statutes we already have. This is something the agencies could choose to pursue on their own, and we would welcome legislative interventions to make this a smoother process.

I think that the solution we should be pursuing in the near term as response to the consolidation trend is through competition law, rather than a reinterpretation or calling for a different kind of regulatory approach. It takes too long to do this: the last time that we tried to overhaul communications law in the United States (the Telecommunications Act of 1996), it was a twenty-year process.  If we take twenty years to address the challenge of centralization, the Internet will have been forever transformed and probably not for the better.

What are your hopes for the future of the Internet?

My hope is that we will see an industry-wide recognition of the impact and entanglement that our work has throughout our economy and our society and a humble and thoughtful approach to how best to approach and manage the responsibility that come with that. More and more open engagement with policymakers and with the public and a restoring of the public’s face that technology and the Internet are here to make our lives and our world better and not world. And I do actually believe that we can get there.

We’re getting ready to launch the 2018 Global Internet Report! Read the concept note and learn how the Internet Economy might shape our future.

Photo ©Karen de Jager

The post Future Thinking: Mozilla Director of Public Policy Chris Riley on the Internet Economy appeared first on Internet Society.

Watch the Experts Session on Encryption from Canberra

Internet Society - News Headlines - Lun, 27/08/2018 - 18:15

Internet Australia and the Internet Society are pleased to invite you to watch the recording of an Experts Session on Encryption on 20 August 2018 at Parliament House, Canberra, Australia.

Encryption technologies enable Internet users to protect the integrity and the confidentiality of their data and communications. From limiting the impact of data breaches, to securing financial transactions, to keeping messages private, encryption is an essential tool for digital security. As a technical foundation for trust on the Internet, encryption promotes commerce, privacy, and user trust, and helps protect data and communications from bad actors.

During the session, international and local experts from across the field discussed the technical aspects of encryption and digital security. They explained how encryption is used to secure communications and data, and explored its role in the Australian digital economy. Experts also discussed the risks associated with attempting to provide exceptional access to encrypted systems.

The post Watch the Experts Session on Encryption from Canberra appeared first on Internet Society.

The Week in Internet News: U.S. DOJ Pressures Facebook to Break Messenger Encryption

Internet Society - News Headlines - Lun, 27/08/2018 - 15:00

Encryption wars, part 2,403: The U.S. Department of Justice is pressuring Facebook to break the encryption in its Messenger app so that investigators can access communications by suspected Ms-13 gang members. The DOJ has asked a judge to force Facebook to allow the agency to tap into Messenger, with the outcome potentially affecting other tech companies, Fortune reports.

Hacking the Apple: An infamous North Korean hacking group has created their first macOS malware as a way to compromise a cryptocurrency exchange, Bleeping Computer reports. The hackers who created the so-called AppleJeus malware are going to great lengths to make it work – even creating a fake company and software product to deliver it.

AI loves TV: As researchers explore ways to give Artificial Intelligence systems curiosity, AIs will sometimes choose to watch TV all day, QZ.com says. AIs playing video games will sometimes die on purchase to see the game-over screen or fixate on a fake TV and remote and flip through channels to find something new.

Certified secure? Trade group CTIA is offering a security certification for cellular-connected Internet of Things devices, TechRepublic reports. Security experts and test labs have participated in the program. With so many potential security vulnerabilities in IoT, it can’t hurt, right?

The righteous Internet: Chinese President Xi Jinping recently defended tight controls over the Internet, saying it must be “clean” and cleansed of vulgar content, Reuters reports. China must “uphold a clean and righteous Internet space,” Xi said.

Don’t be a pack rat: Michael Cohen, U.S. President Donald Trump’s former lawyer, was apparently a fan of encrypted communications apps like WhatsApp and Signal, but that didn’t stop him from getting into legal trouble. Cohen kept logs of his conversations on those apps on his phone, and investigators were able to access those logs somehow, Fast Company says.

Enforcing fair algorithms: Scientists from IBM want AI developers to testify that their creations aren’t biased, as a way to protect against concerns about unfair algorithms, Futurism reports. Under the proposal, developers would publish a Supplier’s Declaration of Conformity that shows how well the algorithm performed at standardized tests of performance, fairness and other measures.

Encryption is under threat around the world. Learn how you can protect encryption, protect our data, and protect one another.

The post The Week in Internet News: U.S. DOJ Pressures Facebook to Break Messenger Encryption appeared first on Internet Society.

Deploying TLS 1.3

Internet Society - News Headlines - Dom, 26/08/2018 - 06:46

Last week saw the formal publication of the TLS 1.3 specification as RFC 8446. It’s been a long time coming – in fact it’s exactly 10 years since TLS 1.2 was published back in 2008 – but represents a substantial step forward in making the Internet a more secure and trusted place.

What is TLS and why is it needed?

Transport Layer Security (TLS) is widely used to encrypt data transmitted between Internet hosts, with the most popular use being for secure web browser connections (adding the ‘S’ to HTTP). It is also commonly (although less visibly) used to encrypt data sent to and from mail servers (using STARTTLS with SMTP and IMAP/POP etc..), but can be used in conjunction with many other Internet protocols (e.g. DNS-over-TLS, FTPS) where secure connections are required. For more information about how TLS works and why you should use it, please see our TLS Basics guide.

TLS is often used interchangeably with SSL (Secure Socket Layers) which was developed by Netscape and predates it as an IETF Standard, but many Certification Authorities (CAs) still market the X.509 certificates used by TLS as ‘SSL certificates’ due to their familiarity with users. It should be noted though, that all versions of the SSL protocol are now obsolete whilst TLS 1.0 is deprecated and should not be used.

How is TLS 1.3 improving things?

TLS 1.3 offers a number of technical advantages such as a simplified handshake to establish secure connections, and allow clients to more quickly resume sessions with servers. This should reduce setup latency and the number of failed connections on poor links that is often used as a justification for maintaining HTTP-only connections.

Just as importantly, it also removes support for several outdated and insecure encryption and hashing algorithms that are currently permitted (although no longer recommended) to be used with earlier versions of TLS, including SHA-1, MD5, DES, 3DES and AES-CBC, whilst adding support for newer cipher suites. Other enhancements include more encrypted elements of the handshake (e.g. the exchange of certificate information is now encrypted) to reduce hints to potential eavesdroppers, as well as improvements to forward secrecy when using particular key exchange modes so that communications at a given moment in time should remain secure even if the algorithms used to encrypt them are compromised in the future.

How can I use TLS 1.3?

So we’ve established that TLS 1.3 is a good thing for the Internet. but how can people actually take advantage of it? Of course, both the client and server need to have the ability to support TLS 1.3 to take advantage of the improvements, but the good news is that developers, vendors and service providers have been actively working to implement it for some time now, and it’s already supported by a number of applications.

Starting with web browsers, Google Chrome (including the Android version) from version 67 onwards, and Mozilla Firefox from version 61 onwards, already have support for TLS 1.3 by default. The latest version (54) of Opera also supports it, although it needs to be specifically enabled.

Apple has already implemented draft support for TLS 1.3 in both MacOS 10.13 and iOS 11, although this also needs to be specifically enabled.

With respect to server-side applications, many of these utilise TLS libraries and several of the more popular implementations including OpenSSL 1.1.1, GnuTLS 3.5.x, Google’s Boring SSL and Facebook’s Fizz are already supporting TLS 1.3. This should allow the protocol to quickly and easily be added to many widely used server applications, and indeed a number of Internet services including Google, Facebook, Akamai and Cloudflare are already supporting TLS 1.3 from compatible clients.

Microsoft does not yet support TLS 1.3 on any of its operating systems or in the Edge and Internet Explorer browsers, preferring to wait until the specification was finalised. It should be noted that early implementations of TLS 1.3 have been based on various versions of the specification (of which there were 28 in all), so a shakeout period will be required to bring implementations up to full standard, but this is likely to be short given the significance and importance of this protocol.

So what can possibly go wrong?

Well it’s not really a problem with TLS 1.3 per se, but whilst it has a mechanism to negotiate TLS 1.2 connections to those devices that can only support that protocol, there are a significant number of older applications that can only support earlier versions of TLS. As use of TLS 1.3 becomes more widespread and secure connections become expected, many devices and applications that cannot be upgraded may no longer be usable. However, the question that must be asked whether it’s advantageous or reasonable to keep supporting older protocols (e.g. TLS 1.0 and 1.1) when they become obsolete and potentially insecure?

The 0-RTT feature that allows data to be sent earlier when resuming secure connections to enable performance comparable with unencrypted handshaking, has been identified as having a potential weakness with respect to replay attacks (see Section 8 of RFC 8446). Nevertheless, replay attacks can happen with earlier versions of the TLS as well, and applications already need to implement specific restrictions on the scope of requests. 0-RTT can also be optionally turned off, or similarly limited in scope if this is a concern for particular types of application, and some guidelines for this can be found in RFC 8446.

Last but not least, many organisations implement middle box solutions to inspect and monitor traffic that is traversing their networks, particularly organisation have have strong regulatory and compliance requirements, This may be used identifying unauthorised or malicious communications, malware, or for monitoring self-signed or fake certificates for example, but as TLS 1.3 changes the handshake behaviour and encrypts certain parts of this (e.g. the certificate information exchange), this may affect middlebox functionality, downgrade TLS connections, or even prevent connections being made entirely.

The issue was identified during testing of early implementations of TLS 1.3, and changes made to allow certain features of the TLS 1.2 handshake to be replicated even though these are not actually necessary for the functioning of the new protocol. In addition, it’s still possible to implement other workarounds such as terminating all connections at the middlebox or distributing custom root certificates that allow decryption of the traffic, with the caveat there are resource and administrative practicalities to consider.

It should be appreciated though, that TLS 1.3 has been introduced to address some of the potential and actual vulnerabilities of earlier versions of the protocol such as the Triple Handshake, BEAST, FREAK and Logjam attacks. Whilst TLS 1.2 is not inherently a poor or even insecure protocol, it does require careful configuration to ensure obsolete cipher suites with identified vulnerabilities are not used in conjunction with it. TLS 1.3 removes the need to make these decisions, and brings significant performance improvements which should ensure there are no longer any reasons to be using unencrypted connections in future.

What You can do!

TLS 1.3 is being deployed now in browsers and many other applications, and in many cases you can already use it by selecting a browser that supports it. We also encourage you ask your IT teams, server administrators and developers to ensure that your sites and services support it, so we can collectively build a more secure Internet!

The Internet Society supports making encryption the new norm on the Internet, and our Deploy360 programme is developing resources on how to implement TLS in different applications.

Further Information

The post Deploying TLS 1.3 appeared first on Internet Society.

The Internet Society and Global Scribes Work Together to Amplify Young Voices

Internet Society - News Headlines - Ven, 24/08/2018 - 12:00

On International Youth Day, the Internet Society and Global Scribes partnered to connect youth around the world to let their voices be heard, allowing them to become empowered and engaged global citizens, striving toward a more united and sustainable digital future.

As local and international actors innovate to solve the most pressing issues that we face in the world today, young people are often left out of the equation with little or no participation in important discussions and decision-making processes.

Youth across the world are often overlooked as a potential resource to solving global challenges, such as climate change, migration, health, and unemployment, despite being directly impacted by these issues and having opinions on how to solve them.

This also happens in the Internet ecosystem, where young people often do not have a place at the table when it comes to decisions that shape the Internet’s future.

While youth are recognized as “the future generation” and perceived as key to a more sustainable tomorrow, they are seldom given adequate platforms to let their voices be heard or allow them to contribute to their societies in a meaningful way, in their own right as youth.

Young people are often deprived of the opportunity to serve as catalysts for a more united and sustainable world today, and not merely as potential change agents and future decision-makers once they become adults.

There is a need to acknowledge the potential of youth and provide an enabling environment for them to not only survive, but thrive in society today – and as the leaders of tomorrow.

Global Scribes fosters such an environment of creative expression, innovation, and cross-cultural connections, encouraging youth to share and explore their passions and talents, acquire crucial 21st century skills, and turn aspirations into reality through collaboration with peers from around the globe.

The Internet Society also contributes to building this environment by constantly celebrating and encouraging youth around the world who are taking action and using the Internet as a force for good in society.

Through this partnership, we aim to connect youth around the world and let their voices be heard, allowing them to become empowered and engaged global citizens, striving toward a more united and sustainable digital future.

Together, we ask young people around the world to raise their voice and show the world the remarkable impact they can bring about as young global citizens using the Internet for positive impact. Your voices and actions count.

“We’re building our Global Scribes platform on the Internet to connect youth around the world. Thanks to this platform, we share our dreams and goodwill for a better future. We care about the world and work to raise awareness about important issues. An open and globally-connected Internet is one of our aspirations for the future. By telling our personal stories with the Internet Society about what we do and how we are making a positive change thanks to the Internet, we hope that more people will hear our stories & join us in shaping a better future”

– Emirhan Şimşek, Age 16, Turkey

Are you a passionate young person who thinks you should have a role in shaping the Internet? Learn what you can do at #CountMyVoice and then join Youth SIG!

Young people need a space where they can have a conversation about what they want the Internet to look like. Join Global Scribes!

Photo: Scribers Irfan Kalender (Age 17, Turkey) and Fares Dehbi (Age 18, Morocco/Qatar) at TEDx Waltham 2018 with Global Scribes: Youth Uniting Nations

The post The Internet Society and Global Scribes Work Together to Amplify Young Voices appeared first on Internet Society.

AfPIF 2018 Day Three: Cloud Infrastructure, Local Content, and More

Internet Society - News Headlines - Ven, 24/08/2018 - 09:26

The growth of cloud infrastructure in Africa has been credited with the growth of local content in many regions, and it holds the key for Africa’s ability to attract content carriers and distribution networks.

The first panel of day three at the Africa Peering and Interconnection Forum (AfPIF) was dedicated to discussing the current scenario of cloud infrastructure and what it will take to grow the sector further, get the market interested, and eventually grow the level of content hosted locally.

South Africa has the most extensive cloud market, compared to other African countries, and it took concerted efforts from the different players, under the ISP Association, for the market to be deregulated and the laws to be put in place. The laws can take time, but industry players agree the laws are vital to investments in the market.

Although the industry may be small in Africa, cybersecurity is key, as businesses are susceptible to cybercrime, just like other global operators. That means the enactment of cyber security laws in the different countries, and continued training and awareness by industry players.

Power and cooling is another vital part, with many countries enjoying monopoly of power distribution. Liquid Telecom said it has had extensive discussions with the power company in South Africa as it seeks to set up carrier-neutral data centers in South Africa, similar to East Africa Data Centers in Kenya. This will be a different company operating the data centers, just like EADC is separate from Liquid in Kenya.

In discussions with the power companies, Liquid challenges them to evaluate the importance of power stability and availability as a determining factor for international companies determining whether to set up data centers in a particular country or not.

Pricing is key for the market, for enterprises to shift from hosting abroad to local the cost must make sense. If the cost is the same when hosting locally, compared to U.S. or European companies, companies will make the right decisions. The pricing also has to be accompanied by stable power and cooling, well-trained engineers and overall security and privacy.

The debate of Over The Top (OTT) services has gained momentum in Africa for the last two years, as disruptive services like WhatsApp, Uber, AirBnB, and Netflix among others have entered the markets.

The debate is on whether these services should be taxed or not, whether they should be licensed like traditional services or not, and whether governments and ICT industry operators should go back to the drawing board and come up with a new way of operating that doesn’t kill the existing market while at the same time promoting innovation.

A study by the Commonwealth Telecommunications Union found that OTT services had led to a rise in bandwidth usage and growth in infrastructure, with operators expanding 3G and 4G coverage to meet the growing demand.

The majority of African governments are grappling with how to handle Internet services, as online advertising revenues continue growing compared to traditional advertising. Most of them are looking for ways to get new tax revenue sources and at the same time grow the economy.

The research was presented at the 5th council of African regulators in Lome, Togo in July this year, and is expected to form the basis of conversations with the government, network operators, OTTs, and the public.

AfPIF 2019 will be in Mauritius, voted the best place for doing business and most competitive economy in Africa by the World Economic Forum’s Annual Global Competitiveness Report 2017-2018.

The post AfPIF 2018 Day Three: Cloud Infrastructure, Local Content, and More appeared first on Internet Society.

Announcing the Online Trust Audit & Honor Roll Methodology for 2018

Internet Society - News Headlines - Gio, 23/08/2018 - 14:44

The Online Trust Alliance (OTA) is an Internet Society initiative that aims to enhance online trust, user empowerment, and innovation through convening multistakeholder initiatives and developing and promoting best practices, ethical privacy practices, and data stewardship. One of OTA’s major activities is the Online Trust Audit & Honor Roll, which promotes responsible online privacy and data security practices and recognizes leaders in the public and private sectors who have embraced them. This morning, we released the methodology we’ll use for this year’s audit.

The report will analyze more than 1,000 websites on consumer protection, site security, and responsible privacy practices. Based on a composite weighted analysis, sites that score 80 percent or better overall, without failing in any one category, will be recognized in the Honor Roll.

Building largely on past criteria, this year’s updates include GDPR compliance and other security and privacy standards and practices, as well as adding a healthcare sector. From the press release:

Key changes to this year’s Audit include:

  • Consumer Protection (email authentication, domain security and anti-phishing technologies) – more granular assessment of Domain-based Message Authentication, Reporting and Conformance (DMARC) support, and increased weight for use of opportunistic Transport Layer Security (TLS), which encrypts email between servers
  • Site Security (site configuration, TLS/SSL infrastructure, presence of site vulnerabilities, observed malware, and related security and data protection enhancing controls) – increased weight for “HTTPS-everywhere” and elements such as patching cadence, application and network security, as well as bonus points for Certificate Authority Authorization (CAA)
  • Privacy (policies and practices including data retention, disclosures, user anonymity, third-party data sharing, opt-out mechanisms and observing sensitive data barriers) – increased weight for archived privacy policies, broader inclusion of settlements and breaches, and bonus points for support of General Data Protection Regulation (GDPR) language

The full 2018 Audit methodology is posted at https://otalliance.org/2018Methodology.

You can see last year’s Audit here, and many organizations may find Appendix E, the Best Practice Checklist, especially useful.

The post Announcing the Online Trust Audit & Honor Roll Methodology for 2018 appeared first on Internet Society.

AfPIF 2018 Day Two: Connecting Cape Town to Cairo

Internet Society - News Headlines - Gio, 23/08/2018 - 12:30

Africa’s dream of Cape Town to Cairo fiber connectivity has moved closer, with Liquid Telecom announcing that it has made considerable progress is signing agreements with regulatory authorities and partners within the route.

Liquid Telecom has an ambitious plan of reducing latencies in connectivity between Cape Town and Cairo. Currently, traffic is routed through Europe, with latencies of 209ms, and it will be reduced to 97ms.

In his keynote speech at the Africa Peering and Interconnection Forum (AfPIF), Ben Roberts, Liquid CTO, said that the project will be implemented through existing Liquid infrastructure within different countries, partnership with existing infrastructure providers, and regulators. The project is expected to be done by 2020 and to eventually connect East and West Africa.

Liquid is expecting the African Continental Free Trade Area (AfCFTA) agreement, signed and ratified recently, to drive city-to-city interconnectivity, as more countries look for ways to trade with each other and eventually exchange Internet traffic. The goal to increase intra-Africa broadband traffic.

Roberts projects the infrastructure currently being set up will be highly used by the youth, who have grown up online – through education, social media, and gaming applications. The Internet of Things is expected to grow; currently most of IoT deployments are in South Africa, but it is expected to grow in areas such as health, agriculture, smart cities, transport, and logistics.

Cloud infrastructure, combined with IoT is expected to drive utilities, water, sewerage, health, agriculture, smart cities, transport, and financial services.

Growth in data centers and cloud infrastructure has been key to growth in content and fall in connectivity costs. Most content carriers and distributors depend on the data center growth to determine whether to enter the market or not.

Michele McCann from Teraco presented about the growth of their data center space, highlighting the factors they consider before deciding whether to enter a market. Teraco currently has more that 350 AS numbers represented at their facilities and they are growing every month.

Teraco started with networks building structured cabling between each other and peering, cloud services were built and as power and cooling became more reliable, content providers and distributors, financial, and enterprise markets set up services. One of the smaller South African banks was able to gain significant market ground as it focused on its online strategy instead of the traditional brick and mortar approach.

What trends will drive data center growth? Moving content closer to users is driving CDNs to move into Africa, accelerated migration to the cloud as companies look to reduce capital expenditure, lower connectivity costs, growth in online services, and availability of peering.

Availability of statistics has improved over the years, with Telegeography presenting its data on Africa’s traffic trends and pricing. This year, Africa’s Internet grew by 45% while in Sub Saharan Africa, it grew by 40%, compared to 72% last year.

Telegeography measures international traffic, so if there was an increase in local traffic, it is not likely to reflect on the Telegeography statistics. The goal of AfPIF is for local traffic to be exchanged locally, however, 82% of capacity from Africa is still going through Europe.

It is projected that as latencies fall, more CDNs will be attracted to Africa and in areas like Latin America. CDNs have ended up investing in four submarine cables, as they seek to lower connectivity costs and reach more users.

Watch the Livestream of AfPIF 2018!

The post AfPIF 2018 Day Two: Connecting Cape Town to Cairo appeared first on Internet Society.

There’s a Techlash. The G20 Should Listen.

Internet Society - News Headlines - Gio, 23/08/2018 - 09:58

The Internet is at risk. Once thought of as the global equalizer, opening doors for communication, work opportunities, commerce and more – the Internet is now increasingly viewed with skepticism and wariness. We are witnessing a trend where people fare feeling let down by the technology they use. Fueled by unease and uncertainty about the growing scope of threats to security and privacy that come with an always-on, tech-driven world, people are now looking for ways to disconnect and are placing greater emphasis on values and human interaction.

The way we live our lives is now inextricably linked to the Internet – which is estimated to contribute US$6.6 trillion a year, or 7.1 percent of total GDP in the G20 countries by 2020. In developing nations, that digital economy is growing steadily by 15 to 25 percent a year. Yet the Internet essentially is under attack. Large scale data breaches, uncertainties about how our data is being used and monetized, cybercrime, surveillance and other online threats are impacting Internet users’ trust. We are at an important crossroads for the Internet and its healthy development is at stake.

It is our collective duty to find a response to the current “techlash.” It should be a G20 priority to reinject hope into technological innovation: by putting people, their rights, and needs first. The fact that over 100 organizations are calling on the leaders attending the G20 Digital Economy Ministerial Meeting on 23-24 August to commit to putting people at the center of the digital future, only highlights the urgency. While the G20 will address important topics such as connectivity, future of work and education, they must not ignore topics that are of great concern to people across the world: security and privacy.

The guarantee of privacy and security is critical to building trust in technological innovation and the Internet in particular. It must be in the interest of the G20 as a global economic powerhouse to address these issues, so that our digital societies can continue to thrive. Recent, high-profile data breaches make it clear that we must hold companies accountable when they use invasive advertising techniques, manipulate user choice, don’t keep our personal data safe, or share our data without permission. Similarly, we must remind governments that hasty regulation to some of these abuses may be misguided.

Lack of end-to-end encryption, backdoors for law enforcement, platform and network shutdowns, all put people at risk – and significantly erode trust. People should also be better empowered to have more control over their data and the ways in which it is used by both governments and the private sector. G20 members should commit to protect any and all users’ information, whether or not they are citizens of a G20 country.

No government will be able to address challenges posed by networked societies alone or in isolation. In trying to do so, they risk damaging this global public resource for all. G20 leaders have a historical opportunity to protect the development of the Internet. They can set an example by underscoring why the Internet is so important to evolving societies, and why countries need to be better curators of this vital resource.

As we prepare for the 2018 G20 summit in Argentina, we also recall words from the Argentine President, Mauricio Macri, that to tackle the challenges of the 21st century we must “put the needs of people first.” Our future must build on a healthy Internet, a web we want. One that is trusted and empowers people regardless of economic resources or demographics. We must commit to the Internet as a global public resource, which bridges divides and helps us come together.

The techlash is real. And it is questioning the benefits of the digital society. We need to reset our relationship with technology and prioritize the needs of people. The G20 can play its part in assuming responsibility – by taking people’s concerns seriously, starting with privacy and security.

Cathleen Berger, Mozilla
Constance Bommelaer de Leusse, The Internet Society
Nnenna Nwakanma, The Web Foundation

The post There’s a Techlash. The G20 Should Listen. appeared first on Internet Society.

Until we meet again…

Internet Society - News Headlines - Mer, 22/08/2018 - 21:00

As I wrap up my tenure at the the helm of the Internet Society on September 1,  I want to thank each and all of you for your engagement, support and friendship.  The last five years have been exhilarating—getting to know you, learning so much from you and acting together — to make the Internet better.

You have made a critical difference in strengthening and growing the Internet Society. The organization is now over 100 staff strong, serving on every continent but Antarctica.  We have grown to 126 Chapters in 108 countries, with 8 global Special Interest Groups (SIGs). The Online Trust Alliance (OTA) has joined our organizational membership and we have new and vibrant partnerships with civil society and human rights organizations. The IETF has adopted a new structure to better serve its administration. Our
youth outreach and our engagement with the Internet Hall of Fame honorees and ISOC alumni have allowed us to look to the future as we gain wisdom from those who shaped the Internet and the Internet Society. More policy makers and governmental organizations look to us for our reports, research and expertise allowing for increased dialogue and collaboration at a time when it is so necessary.

Because of your passion and persistence, we have made significant progress in establishing the Internet Society’s presence worldwide — advocating and organizing across the globe for action on the core imperatives of our time — connecting the still unconnected and addressing the clear anxiety around trustworthiness and security online. Together, we have laid a path for the Internet Society to be a leading voice on ensuring an open, globally connected, trustworthy Internet that works for everyone.

I am pleased that Andrew Sullivan has been selected to lead this dedicated, global community knowing that, with his leadership, you will continue to work tirelessly to safeguard the principles that make us the Internet Society. I wish the Board, our new CEO, PIR, the IETF, all of the I* organizations and the entire Internet Society community success in advocating for and advancing the technical, policy and development requirements that protect the Internet as a global technical infrastructure, a resource to enrich people’s lives, and a force for good in society.

The Internet is for Everyone.

With deep gratitude, I wish you a fond adieu!

Editor’s Note: More thoughts and reflections  can be found in our interview with Kathy Brown.

Photo: A visit to a project in Agua Azul, Mexico.

The post Until we meet again… appeared first on Internet Society.

AfPIF 2018 Kicks Off

Internet Society - News Headlines - Mer, 22/08/2018 - 09:17

The ninth edition of Africa Peering and Interconnection Forum (AfPIF) kicked off today, with more than 400 tech executive in attendance.

This year, the forum was organized and held jointly with iWeek- South Africa ISP Association’s premier tech event. The event is underway at the Cape Town International Convention Center.

This year’s event is dubbed AfPIF@iWeek has attracted tech executives, chief technology officers, peering coordinators and business development managers, Internet service providers and operators, telecommunications policymakers and regulators, content providers, Internet Exchange Point (IXP) operators, infrastructure providers, data center managers, National Research and Education Networks (NRENs), carriers, and transit providers.

The sessions started with an introduction by Nishal Goburdhan, a veteran of AfPIF, who traced the history of AfPIF, from its conception to the community event it is. The community took over the program three years ago, determining the speakers and the conference content.

How can you take advantage of AfPIF? Nishal suggested that the participants use peering personals sessions; this is like speed dating for networks – members give details of their AS numbers, where they peer, peering policy, contact information, and explain why other participants should peer with them. At the end of every session, participants get a chance to introduce themselves.

The meeting tool allows participants to book meetings with other people and there are long breaks in the schedule, meant to facilitate the meetings. There are six half-hour breaks and 90-minute lunch sessions to allow continuation of discussions.

For the last nine years, it has been clear that most peering agreements are done through a handshake and social sessions. The sessions are meant to facilitate these kind of discussions.

How to start an IXP and how to grow an existing one are probably the major questions for Africa’s tech community. Solène Souquet, from Asteroid International, made a presentation on “the big case for a small IXP,” noting that one doesn’t need a big budget to set up an IXP.

The most important part is a vibrant local community, a gigabit infrastructure that is scalable, 20 or 30 customer ports, website, route server, central location with good connectivity options, and a content carrier as among the peers.

Netflix is one of the major global content carriers and has recently established POPs in Africa and is planning to grow. During the peering and transit tutorial, Netflix explained the different consideration in traffic routing. When accessing Netflix, traffic is routed to the closest server, which facilitates faster response time.

One of the major issues that ISPs have with Netflix is blocking of IPs that are found to have flouted the rules, especially using VPNs to access the content. Netflix says that content is geographically licensed and they provide it depending on what the region prefers to watch. In cases of blockage, Netflix encourages ISPs to reach out and resolve the matter with their teams.

The last session was on inter-city traffic latencies, and it shows that the latencies are falling, as the region continues to interconnect more-and-more cities. The study showed that the median latencies are at 250ms.

The study was conducted in collaboration with the University of Cape Town and AFRINIC. It used Ookla and speedcheker to measure the latencies, 723 probes in 100 cities, 43 countries, and 271 servers.

Northern has lowest city-to-city median delay compared to other regions. Kigali was noted to have high latencies but the team couldn’t explain, but promised to continue investigating.

Watch the Livestream of AfPIF 2018!

The post AfPIF 2018 Kicks Off appeared first on Internet Society.

SANOG 32 – Another Success Story for MANRS

Internet Society - News Headlines - Mar, 21/08/2018 - 17:00

The SANOG 32 meeting was held on 2-10 August 2018 in Dhaka, Bangladesh, which marked fifteen amazing years of collaboration between network operators in the South Asia region. The Internet Society is proud to support the SANOG fellowship programme that provides opportunities for network engineers from countries in the region to attend, as well as organising the Network Security workshop during the event.

SANOG 32 also saw another MANRS milestone reached when the ISP Association of Bangladesh (ISPAB) signed a Memorandum of Understanding (MoU) with the Internet Society. ISPAB is a membership-based, not-for-profit organization that provides a forum for Bangladeshi ISPs to discuss technology, policy, regulatory and commercial issues and find collective solutions.

In accordance with the MoU, both ISPAB and ISOC will work together to promote and support MANRS, to encourage network operators in Bangladesh to join the initiative. There are currently only two MANRS participants in the country, so being able to increase engagement with the networking community is a welcome development.

Dr Philip Smith (NSRC and Chair of SANOG Programme Committee) also provided a MANRS update during the conference session.

The Network Security workshop attracted 40 participants and was lead by MANRS founding member Matsuzaki Yoshinobu (IIJ) and Champika Wijayatunga (ICANN), with local support provided by Moinur Rehman and Anirban Data. This featured a hands-on lab where participants learned about the four MANRS action – namely Prefix Filtering, Anti-Spoofing, Coordination and Global Validation. APNIC staff also demonstrated how to update Whois information through MyAPNIC, how to create route/route6 objects, as well as how to create Route of Origin Authorisations (ROAs) for the Internet number resources (IP addresses and AS numbers) under their management. These steps are important in achieving two of the MANRS actions – Coordination and Global Validation.

The South Asian Network Operators Group (SANOG) was started in 2003 to bring together engineers and industry experts from network operators for the purpose of knowledge sharing as well as co-operation among all the relevant stakeholders in the South Asian region which covers Afghanistan, Bangladesh, Bhutan, India, Maldives, Nepal, Pakistan and Sri-Lanka. The SANOG meeting incorporates workshops and tutorials in conjunction with the conference, and people from the community are invited to contribute as workshop instructors or share their experiences through tutorial or conference presentations. Many network operators in the region are in the nascent stage of development, such helps  valuable.

Special thanks to Sumon Ahmed Sabir (SANOG Founding member and Core Com)Gazi Zehadul Kabir (SANOG Chair), Rashed Amin (Vice President ISPAB), Md.Emdadul Hoque (Secretary General ISPAB) and Simon Sohel Baroi (SANOG PC Chair) for the great support.

Its great to see MANRS getting support in the Asia Pacific region. If you are running a network infrastructure then be part of the solution and help protect the core. Join MANRS.

The post SANOG 32 – Another Success Story for MANRS appeared first on Internet Society.

DNS privacy in new Android 9

Internet Society - News Headlines - Mar, 21/08/2018 - 07:00

I recently enrolled in the Android developer preview programme and got hold of the Android P (9 beta) OTA image for my Nokia 7 Plus phone, and while discovering what’s new, I found a new advanced option under network settings called ‘Private DNS’ that got my attention. This led to me finding an article from Erik Kline describing this new feature in Android 9, which to my surprise supports DNS-over-TLS (RFC 7858).

Last year we wrote about the experiments in the Go6lab with DNS-over-TLS where we set up a recursive DNS resolver listening on port 853 and serving DNS answers to queries encrypted with TLS. This setup was useful if your local DNS resolver was Unbound or Stubby, and since then I’ve been using Stubby as my local DNS client on MacOS with the Unbound DNS server at the Go6lab (privacydns.go6lab.si) as a recursive resolver for encrypted DNS queries without any issues.

So armed with the information from Erik, I decided to test out the Android implementation.

First thing was to turn on the setting and test it with the ‘privacydns.go6lab.si’ server which worked fine. Enabling ‘log-queries’ on the Unbound server quickly revealed that DNS queries are reaching the server and being properly resolved. Since ‘privacydns.go6lab.si’ port 853 is openly reachable from the Internet – you can test it as well.

Encouraged with this success, I thought of adding this functionality to the Go6lab recursive resolvers that I use on a daily basis, but this time it needs to listen on the standard DNS port 53 and as well as port 853 for DNS-over-TLS queries. Since we are running recursive resolvers in Go6lab on Unbound software, this was not a difficult task.

I had to install certbot, obtain a Let’s Encrypt certificate for the host, and add 5 new lines of configuration to unbound.conf…

interface: 0.0.0.0@853
interface: ::0@853
interface: 0.0.0.0@53
interface: ::0@53

ssl-service-key: “/etc/letsencrypt/live/recursive1.go6lab.si/privkey.pem”
ssl-service-pem: “/etc/letsencrypt/live/recursive1.go6lab.si/fullchain.pem”
ssl-port: 853

To make sure it’s also listening on port 53, I added the two lines ending with @53 as a precaution.

After rebooting the Unbound server, setting the ‘Private DNS’ setting on my phone to ‘recursive1.go6lab.si and briefly setting the ‘log-queries’ setting to ‘yes’, the first queries started to appear in the query log.

I was not sure whether queries were coming in over port 53 or 853, and therefore whether they were encrypted or not, so I used tcpdump to capture the traffic from the IPv6 address of my phone.

As we can see, traffic is flowing to and from port 853, indicating that our DNS traffic is being encrypted. Examining the tcpdump capture file with Wireshark reveals this is actually TLS 1.2 traffic and that the content of the packets is encrypted.

Most excellent I thought, but the problem is that with a pre-set ‘Private DNS’ server I would have issues when outside of the Go6lab network (or without a VPN connection back into it) as our DNS recursive resolvers are not reachable from outside to prevent DDOS attacks.

Well there’s a setting in ‘Private DNS’ that says ‘Automatic’ which is pretty opportunistic, and after switching this on, the phone tries to send the DNS query to port 853 and falls back to port 53 if there’s no answer. Observing this through tcpdump confirmed the automatic setting does exactly what is expected – it figures out whether DNS-over-TLS is working on our recursive resolvers and starts using it. This option doesn’t validate server names or hashes, but it makes sure it can negotiate TLS 1.2 (and probably also validates the certificate chain that’s provided). However, in ‘Strict Mode’, the system does additionally validate the hostname where this is entered.

The great aspect of automatic mode is that it does not lock you into one pre-set DNS resolving server, but uses whatever is provided when connecting to a different network. And it’s been confirmed by the user of a Pixel phone that this option is also present in the release version of Android 9 Pie, so this functionality will probably stick around in future versions of Android.

Implementation of this new privacy and security feature by the good people at Android is a big boost for making encryption the norm on the Internet, and opens the opportunity for network operators, DNS operators, VPN providers and everyone else running recursive DNS resolvers to quite easily add this functionality. Whoever connects to your network with Android 9 will automatically start using encrypted DNS service and will make sniffing of the queries at the transport layer a little bit more difficult for eavesdroppers.

With Unbound this is pretty simple – and in my next blog post we’ll be looking into how to enable DNS-over-TLS in Bind and some other DNS servers.

There are already few public recursive DNS resolvers currently supporting DNS-over-TLS on port 853 – Cloudflare on 1.1.1.1, Quad9 on 9.9.9.9, and also CleanBrowsing. But we’re also appealing to network operators and anyone who operates a recursive resolver to please add this functionality to your server. It won’t hurt as regular DNS clients will not even notice it, but for those whose operating systems can take advantage of port 853, it will benefit them a lot.

For more information about why DNS-over-TLS is important, the DNS Privacy Project has a good problem statement on its website, along with an explanation of the technical solutions.

Further Information

The post DNS privacy in new Android 9 appeared first on Internet Society.

The Week in Internet News: Malaysia Repeals Recently Passed Fake News Law

Internet Society - News Headlines - Lun, 20/08/2018 - 15:00

That was quick: The new Malaysian government has repealed a fake news law passed earlier this year, The Hill reports. The past government had used the law to charge several opposition leaders. The maximum penalty for violating the law was six years in prison and a fine of about US$128,000.

They love us: A community-run ISP in Chattanooga, Tennessee, is the highest-rated broadband provider in the United States in a Consumer Reports survey, notes Motherboard. The community-run service gets high ranks for speed, reliability, and value, the story says.

Legislating backdoors: The Australian government is targeting companies like Facebook, Google, and WhatsApp in a proposal that would require tech companies to decrypt customer communications on demand, CNet reports. The details of the draft proposal are unclear, but the government would require tech companies to provide more assistance to law enforcement agencies, The Register says.

AI doesn’t want your job: Workers don’t need to worry about Artificial Intelligence taking their jobs, Forbes says. AI will replace boring tasks, but generally not replace whole positions, according to one group of AI experts.

97 and counting: The Kashmir region of India has seen 97 Internet shutdowns in six years after and 11-hour suspension on Aug. 15, Medianama reports. Across the entire country, there have been 96 shutdowns just this year. Indian law allows shutdown if officials determine there’s a public safety or emergency situation.

Billions and billions exposed: About 2.6 billion user records were exposed in more than 2,300 publicly reported data breaches in the first half of 2018, Risk Based Security says. The good news is the number of records exposed is down from a super high 6 billion in the first half of 2017, Silicon Republic reports.

AI for the eyes: A new AI system can diagnose 50 eye diseases with “superb” accuracy, reports Fast Company. The AI, created by Google DeepMind subsidiary UCL and researchers at Moorfields Eye Hospital, can also tell eye doctors why it made the diagnosis.

The Internet Society is standing up for encryption in Australia. You can too.

The post The Week in Internet News: Malaysia Repeals Recently Passed Fake News Law appeared first on Internet Society.

Welcome to AfPIF and iWeek 2018!

Internet Society - News Headlines - Lun, 20/08/2018 - 10:21

A comprehensive view of Africa’s Internet peering and interconnection ecosystem from the region’s top networks and experts, opportunities to strengthen and build new peering relationships with over 300 attendees using an open to all “bilateral meeting” scheduling tool, insightful presentations, studies and reports delivered by a strong lineup of speakers, and a technical village are some of the interesting activities that participants to iWeek/AfPIF 2018 can expect.

The sessions have been spiced up to include a technical village, with vendors offering masterclasses, a super teachers award honoring Africa’s tech teachers, and a beers for peers session, to allow participants to network more.

“This year’s agenda reflects the growing interests from our rapidly evolving regional industry with an increased focus on regional networks, carrier-neutral data centers, cloud services, and regulation in addition to our traditional line-up of quality technical content,” said Kyle Spencer, Co-Coordinator of the African IXP Association.

This year, the Africa Peering and Interconnection Forum (AfPIF) joined hands with the South Africa ISP Association to hold sessions during iWeek. This provides extensive training sessions and opportunities for participants.

“Participants will have opportunities to meet with industry leaders to discuss one on one or in groups the various issues around both networking and content in Africa. Bilaterals are always great to discuss one on one about peering,” said Malcom Siegel, Chairperson, ISP Association in South Africa.

In the last eight years, AfPIF has established itself as the place to be for techies, regulators, and businesses engaging in the rapidly-developing Internet ecosystem. For new entrants into Africa, AfPIF has been a good place to meet major players and engage in bilateral negotiations, which have resulted in increased interconnectivity within the region.

“We have a particularly strong line-up of speakers this year including representatives from Africa and beyond, including Liquid Telecom, Teraco, Amazon, Facebook, Cloudflare, Netflix, TeleGeography, Hurricane Electric, Internet Solutions, and Asteroid, among others,” added Spencer, who is also the Executive Director of the Uganda Internet Exchange Point.

Teaching has been a major component and this year it will not be any different; participants can expect to gain more knowledge and take advantage of the wealth of experience among other participants.

“We have a technical village with vendors who will be giving masterclasses; we also have a training program designed with Africa in mind and will give delegates short 45-50 minute sessions on topics relevant to peering and content delivery,” said Siegel.

Regional interconnection is still a major issue; the continent is striving to interconnect more, and Spencer sees an opportunity to discuss the explosive growth seen in South Africa and how it is impacting growth in the rest of the continent.

After the conference, the organizers encourage participants to experience life in Cape Town and South Africa, if possible.

“Cape Town, South Africa is easily one of the world’s most beautiful, entertaining, and affordable tourist destinations; it has a stunning mountainous coastline; an unusually high density of excellent bars and restaurants; and is immediately adjacent to one of the world’s finest wine-growing regions. Our AfPIF social events and gala dinner will reflect this, of course, but I strongly encourage everyone to stay the following weekend in order to experience all that the area has to offer,” concluded Spencer.

Have a great week ahead!!

Watch the Livestream of AfPIF 2018!

The post Welcome to AfPIF and iWeek 2018! appeared first on Internet Society.

Safe Online, Safe On Land: Promoting Safe Internet Use to Children in Kenya

Internet Society - News Headlines - Ven, 17/08/2018 - 16:16

On February 16th this year, MediaNet Works and the Internet Society Kenya Chapter launched “Safe Online, Safe On Land” a 12-month project that seeks to promote safe Internet usage and practices among children in Kenya. With funding from the Internet Society’s Beyond the Net Grants Program the project anticipates to reach 700 children, targeting Koinonia Community, four children’s homes, one secondary school, and three other schools in Ngong, Kajiado County.

In addition, 12 teachers, 15 child protection and social workers, 10 journalists from both the community and mainstream media, including the Bloggers Association of Kenya (BAKE), will benefit from this project.

Justification of the Project

The launch of this project coincided with media coverage of Internet and social media safety issues in the country. Cases of online child abuse and human trafficking have recently featured in local media. Consequently, the National Assembly on 26 April, 2018, passed the Computer Misuse and Cybercrimes Bill which is set to be presented to the president for assent. The Bill’s offenses relevant to this project include publication of fake news, pornography, cyberterrorism, cybersquatting, and child pornography.

To set the ball rolling consultative meetings between representatives of MediaNet Works and Koinonia Community were held to build consensus and deliberate on the way forward.

Setting Achievable Goals

To achieve the main goals of this project, a media and stakeholders workshop dubbed “Safe Online, Safe On Land,” was convened with the primary objective of sensitizing media players in Kenya on the silent Internet safety issues and their impact on children.

The one-day event held on Friday 27 April 2018, brought together 20 participants: 9 journalists in both print and electronic media from various mainstream media houses in Kenya that included Royal Media Services, Kenya Broadcasting Corporation (KBC), and Standard Media (KTN); 2 community radio stations (Radio Domus FM and Mtaani Radio FM); Bloggers Association of Kenya (BAKE); and Kenya Correspondents Association (KCA) representing freelance journalists in Kenya.

Also represented were three civil society organizations, Terre des Hommes Netherlands (TDH), which deals with child exploitation, Medical Missionary Sisters, which is involved in human trafficking, and Koinonia Community, our key partner. Three officials from the Internet Society Kenya Chapter and four staff from MediaNet Works facilitated the event.

It is expected that as a result of this media engagement, journalists will develop their stories to publish them through the media outlets. The journalists were visibly excited at the prospect of contributing to this cutting edge program.

Information Is Power, Share It

To lay down the foundation for this project, MediaNet commissioned baseline research at the inception of this project to establish how children use the Internet and recommend ways in which they can be supported to be more safe while on line. The research targeted 4 children’s homes with a population of 300 children and young people including a secondary school run by Koinonia Community. The sample population was 93 children.

The research findings were launched and shared at the media stakeholder event.

To enhance our communication and publicity, a new website www.medianetworks.or.ke website and a WhatsApp group have been launched.

Read “A Better Internet for Kenyan Kids” to learn more about the origins of the “Safe Online, Safe on Land” project.

The post Safe Online, Safe On Land: Promoting Safe Internet Use to Children in Kenya appeared first on Internet Society.

We Must Continue to Advocate Passionately and Fearlessly: An Interview with Our CEO, Kathy Brown

Internet Society - News Headlines - Mer, 15/08/2018 - 20:06

Late November, Kathy Brown announced that she would be stepping down as CEO of the Internet Society. While preparing for her next chapter, she reflected on her time at the Internet Society and shared her thoughts on how the Internet itself has evolved during her tenure.

The Internet Society: What are the biggest changes you’ve seen in the Internet since you joined the Internet Society?

Kathy Brown: When I joined the Internet Society nearly five years ago, there were about 3 billion people online. Since then, that number has grown by almost a billion, but, still, not everyone is connected. The Internet Society has helped bring Internet access to the hardest-to-reach places on earth, including remote regions in the Caucasus and indigenous communities in South America, but there remain twice as many people online in the developed world than in the developing world, and the digital gender gap is widening.

There’s also been a trend toward consolidation, with fewer companies controlling more and more, and the Internet getting increasingly centralized. We’ve seen governments using the Internet in good, but also bad ways, such as shutdowns, and we’ve seen criminals finding ways to exploit it.

“Kathy undertook the leadership of the Internet Society after Lynn St. Amour’s enormously successful reign. Building on the base that Lynn established, Kathy expanded the international footprint of the organization and increased ISOC’s services to its members and participants. Of particular note during Kathy’s term of service was the “IANA transition” and a tumultuous WCIT. ISOC became a source of reliable international reporting and analysis for many, including me. The activity level of the chapters increased notably and positioned ISOC as a global player in the world of Internet Governance debate. I thank her for her diligent leadership and wish her well in the next phase of her busy life.”

– Vint Cerf, Founding President of the Internet Society; Vice President and Chief Internet Evangelist, Google

These forces aren’t trivial. We know that when people are able to access the Internet, they can do incredible things. They can access educational opportunities and healthcare. They can create business and participate in markets that were inaccessible to them before. They can preserve their local languages and culture. And they can build communities. We sense that we are at a crossroads where we must double down on a commitment to preserve these opportunities and combat the forces that would thwart it.

How has the Internet Society adapted to an increasingly-complex Internet technology and policy landscape?

The Internet was founded with the values of openness, collaboration, and inclusion. In that spirit, we’ve created partnerships and strengthened our regional presence, increasing our ability to collaborate across the world on different projects.

“Kathy’s dedication and contribution to shaping the Internet Society to what it is today has been exemplary. Characterised by strategic thinking, innovative ideas and, most valuable, her tireless efforts to increase the credibility and visibility of ISOC globally and specifically in the Africa region. Her brilliance and guidance inspired us to do our best!”

– Alice Munyua, Board member of Global Digital Partners and former Internet Society Trustee, Kenya 

We understand that people are legitimately concerned about safety and security, and we’ve adopted the collaborative security approach to address those complex and challenging issues. Solutions will take work; we need those with a stake in the outcome to have a voice on matters of personal safety, privacy, and autonomy. This collaborative approach has illuminated the MANRS initiative —a growing number of providers, government, and technologists working to improve global routing security.

Meanwhile, the Internet of Things is growing exponentially, and while innovative networked approaches to modern living holds great promise, they also come with great risk. Many IoT devices are “insecure by design,” without basic security and privacy built in, and many consumers aren’t aware of the risks – to themselves and to the Internet itself. So, we have partnered with Consumers International to educate consumers and the Internet Society’s Online Trust Alliance has developed the IoT Trust Framework to specifically address the problem of device security.  Our goal is to help consumers choose wisely when connecting any particular device to the Internet.

“Kathy’s strong leadership shaped the future of the Internet Society and the broader Internet. She advocated tirelessly that we must put people at the center of the Internet – and that we must be champions for the positive future we want to see. The changes she has brought about have been both deep and wide-ranging. Kathy leaves the Internet Society with a solid structure and a sound future plan. It has been a pleasure to work with her and I am grateful for all she has done.”

– Gonzalo Camarillo, Chair, Internet Society Board of Trustees

What is the most important role the Internet Society can play in the future of the Internet? What can others do to make a difference? 

First and foremost, we must stand up for an Internet that puts people at the center – values core to the Internet Society. Last year we launched a “futures” report that explores the cross winds that could change the Internet as we know it.  We heard from our community that the challenges to an open and trusted Internet have never been greater, and we also heard that, as a global organization, we have a unique role to speak on tech development and policy. We must continue to advocate passionately and fearlessly to ensure that everyone has access to an Internet that benefits each one of us. We cannot make meaningful change if we lose sight of that focus: people are the heart of the Internet.

“As Internet Society CEO, Kathy has been an unfailing supporter of the Internet Engineering Task Force and the broader Internet technical community. Her leadership and strategic vision were particularly critical to the success of the IANA stewardship transition and to the evolution of the IETF’s administrative structure.”

– Alissa Cooper, IETF Chair

I’m delighted to pass the baton next month to our new CEO, Andrew Sullivan. Andrew is a deep thinker on technology and society: he was an indispensable partner in our policy advocacy during the IANA transition —a known and trusted leader who is ready for the challenges that face us.

Looking back at your work at the Internet Society, what are you most proud of?

In the past five years, the Internet Society has strengthened its community globally, turned its focus to core issues, and mobilized people around the world to take action to protect the Internet. We’ve built strong relationships with our members and partners, strengthened our financial base, and supported the IETF as it’s accomplished its own vision. Our Chapters have been able to do more through training and the Beyond the Net Program, which funds local projects around the world. And we’ve gotten better at telling our story through our new website, our social media presence, and in our engagement on the ground with people who make the Internet work.

“Kathy Brown brought a fresh, strong, personal style to ISOC. She rolled up her sleeves and took up the work with gusto and contagious energy. She listened to many diverse points of view to define her mission and executed strongly and merrily. She has helped ISOC stay strong and present in the fields where it has to be seen and heard, and in many ways, such as through timely, cogent, and relevant briefings, able to exert influence worldwide. I enjoyed every interaction with her!”

– Alejandro Pisanty, Professor, UNAM (National University of Mexico) and former Internet Society Trustee

During our 25th anniversary, we were able to celebrate not just where we are, but how we got here – and we kept coming back to our community, which includes our members, global Chapters, Organization Members, and staff. They are strong. They are passionate, capable, and knowledgeable – and they’re committed to the idea that the Internet belongs to everyone. They’ve demonstrated it through their work and dedication.

I’m honored to have been part of this Society.  The Internet will continue to shape the future, and I am proud that the Internet Society will use its formidable talents to ensure that it remains a force for good in the world.

Images ©Stonehouse Photographic and Tsutsumida Pictures

The post We Must Continue to Advocate Passionately and Fearlessly: An Interview with Our CEO, Kathy Brown appeared first on Internet Society.

Learning About Blockchain, Internet Governance, and Cryptocurrency

Internet Society - News Headlines - Mer, 15/08/2018 - 16:14

My first task as the Internet Society’s Regional Community Manager for the Middle East was to organize three events in a span of a week in three different cities around the Middle East about Blockchain with Dr. Walid Al Saqaf, Internet Society Board of Trustees, as the keynote speaker.

Amman, Beirut, and Dubai

July 8th was D-Day for Amman at the Grand Hyatt Hotel in partnership with Int@j Jordan and Tank by Omnia. July 19th was Beirut, Lebanon, at the Movenpick Beirut, co-organized with the Internet Society Lebanon Chapter. July 12th was Dubai, UAE, at DTEC Silicon Oasis Authority, co-organized with the ISOC UAE Chapter. All three cities differed in the type of attendees, but the subjects were the same: Blockchain, Internet Governance, and Cryptocurrency.

Dr. Walid Al Saqaf, along with Waheed Al Barghouti, a cryptocurrency expert, conducted a four-hour morning workshop with a live mining demo, “create your blockchain” exercise, and smart contract creation, rules, and regulations. Moreover, there was an open forum in the afternoon that included high-level government representatives as well as private and public sector attendees.

Blockchain had been ambiguous to me, yet after the first workshop I found myself knowing more and more about this decentralized world that is creating endless opportunities in implementations in different domains around the world. We all learned how blockchain started, how bitcoin incepted, and how different cryptocurrencies such as Ethereum work.

The history of blockchain sparked discussions such as: what are the implementations of the blockchain, what is proof of work, what is the method of verifying an entry in the blockchain ledger, and using multiple viewers. We were also informed that we couldn’t exchange cryptocurrency without an exchange fee and that these fees are determined by an algorithm. However, we saw some examples of mining without fees, timestamps on transactions for the network, hashing, headers, and the transactions memory pool. Other things discussed were Giga hash (mining plants), Pool mining, orphan blocks, private keys, public keys, smart contracts, decentralized Heroku, and supply chain workflows. The languages used in the workshop were Remix, Truffle, EVM, Embark and JavaScript.

Waheed Al Barghouthi explained that smart contracts were open source, and anyone can create one. He showed us an example of a smart contract used for a ticketing system, how the ticket is issued, then refunded. These contracts can become the future for dealing with any purchase in the world. Walid Al Saqaf jumped in to mention that Georgia is the first country to use smart contracts and blockchain in all of its real estate transactions.

One of the funniest things to hear during the day was “gas.” What is gas you say? It’s not pumped out of the earth when it comes to cryptocurrencies; it is the fee used by Ethereum. For example, if you’re sending Ethereum to anyone and want your transaction to happen immediately, your gas fee is higher than if you wait 48 hours. It was also my first time hearing about something called Bitcoin ATMs where you can exchange bitcoin from your wallets into cash. These ATM’s exist around the world and can be used for withdrawals. At all times, Mr. Waheed confirmed that Dr. Walid was doing a great job, as a humorous side of the workshop.

Dr. Walid confirmed that the Internet cannot be destroyed; it’s built in a way to sustain a nuclear attack! That was reassuring to know. What we know is, just like the Internet first started, blockchain is taking a similar route. As much as the Internet is here to stay, blockchain is also here to stay. It’s a new world and we need to learn more about and welcome its adoption.

Learn more about blockchain and read Do Blockchains Have Anything to Offer Identity?

The post Learning About Blockchain, Internet Governance, and Cryptocurrency appeared first on Internet Society.