-
The other day, I planned to take my 15-year-old son to the movie theatre to see “Hateful Eight” in 70mm film format. The theatre would not allow him in. Under article 240a of the Dutch penal code, it is a felony to show a movie to a minor when that movie is rated 16 or above. Even though I think I am responsible for what my son gets to see, I understand that the rating agency put a 16-year stamp on this politically-incorrect-gun-slinging-gore-and-curse-intense-comedy feature. All this is to say that in the (liberal and democratic) Dutch society, blocking and filtering communication is a fact...
Date published 04 March 2016
-
The Internet Society’s Andrei Robachevsky recently discussed with IDG News Service Collaborative Security, MANRS, and how we can work together to make the Internet’s routing system a safer and more stable place. In “Fixing the Internet's routing security is urgent and requires collaboration,” Andrei and others discuss anti-spoofing, DDoS attacks, and more.
Regarding MANRS, specifically, here’s a snippet of the article:
“Implementing the MANRS recommendations, which are based on existing industry best practices, can have some short-term costs for ISPs, but according to ISOC, that's probably...
Date published 01 March 2016
-
This morning at the 2016 Network and Distributed System Security Symposium (NDSS), four papers were given “Distinguished Paper Awards.” They are listed here, with links to the full papers:
Transcript Collision Attacks: Breaking Authentication in TLS, IKE, and SSH Karthikeyan Bhargavan and Gaetan Leurent (INRIA)
ProTracer: Towards Practical Provenance Tracing by Alternating Between Logging and TaintingShiqing Ma, Xiangyu Zhang and Dongyan Xu (Purdue University)
Forwarding-Loop Attacks in Content Delivery NetworksJianjun Chen, Xiaofeng Zheng, Haixin Duan and Jinjin Liang (Tsinghua...
Date published 23 February 2016
-
NDSS 2016 is well underway. Yesterday, there were three wonderful workshops covering TLS, Online Privacy, and Useable Security. The rest of the conference begins today, covering those topics plus other aspects of security, malware, mobile privacy, user authentication, and more.
The web team is working hard to get all the papers published. You can find them at:
TLS 1.3 Ready or Not (TRON) Workshop: https://www.internetsociety.org/events/ndss-symposium-2016/tls-13-ready-or-not-tron-workshop-programme
Understanding and Enhancing Online Privacy (UEOP) Workshop: https://www.internetsociety.org/...
Date published 22 February 2016
-
How do you get a community effort off the ground and make it a success? How do we even define success? Is it the number of participants, general awareness beyond its participants, or new parallel activities that the effort stimulates? Last week during NANOG 66, several MANRS participants met to discuss the challenges we want to address in 2016 and beyond that are critical to the success of this effort.
Someone recently commented that MANRS will start paying off when it begins to motivate network operators to implement the outlined Actions in order to join the initiative. That is, indeed, our...
Date published 18 February 2016
-
The Internet Society has just signed the online petition at https://www.securetheinternet.org.
In late 2014, the Internet Society Board of Trustees strongly supported the Internet Architecture Board's (IAB) statement that encryption should be the norm for Internet traffic. We further believe that this is an important additional step in ongoing efforts by the technical community to address the critical issue of pervasive monitoring.
That norm is only meaningful if encryption is unlimited, as discussed in the petition.
The Internet Society continues to recognize that increased use of encryption...
Date published 15 February 2016
-
Of all the many protocols that run over the Internet some are more fundamental than others. Border Gateway Protocol (BGP) is one of the more fundamental ones given that it provides the means for networks to announce their connectivity to each other. The Internet is a network of networks and BGP provides the glue that stitches the (approximately) fifty thousand networks that collectively deliver what we think of as the Internet together.
As we mentioned late last year, the Center for Applied Internet Data Analysis (CAIDA) hosted the inaugural BGP Hackathon at their premises in the University...
Date published 10 February 2016
-
We all know security matters. And great things are achieved by chipping at the details. The Network and Distributed System Security Symposium (NDSS) symposium provides a few good examples of how academic work is one way in which the broad technical community takes responsibility and impacts the landscape. NDSS 2016 takes place 21-24 February 2016 in San Diego, California, and registration is open now.
At its core, the Internet Society’s collaborative security framework is approaching security as a distributed process. It is a process whereby various actors accept their responsibilities...
Date published 29 January 2016
-
The Internet’s root servers sustained a Distributed Denial of Service (DDoS) attack last week that is gathering quite a bit of media attention. We once again call on all network operators to consider implementing the actions outlined in the Mutually Agreed Norms for Routing Security (MANRS) document and signing on as supporters of the MANRS initiative.
Specifically, in this case we encourage Action #2: Prevent traffic with spoofed source IP addresses.
"Network operator implements a system that enables source address validation for at least single-homed stub customer networks, their own end-...
Date published 10 December 2015
-
The Internet Society believes that encryption should be the norm for all Internet traffic. There are several efforts underway to enhance trust in the confidentiality of communication, including Let’s Encrypt, which attempts to bring down the price of configuring secure and authenticated web servers to increase overall deployment. Today, 3 December 2015, Let’s Encrypt enters Public Beta.
That means that you no longer need an invitation to get free certificates from Let’s Encrypt. From their announcement today:
“It’s time for the Web to take a big step forward in terms of security and privacy....
Date published 03 December 2015
Internet Society
