[Newsclips] IETF SYN-ACK Newspack 2020-11-30

[David Goldstein <david@goldsteinreport.com>]

The IETF SYNACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Thoughts from IETF 109 by Geoff Huston

For a group that works on network technologies, it was always a bit odd that the IETF met in person three times a year. Didn’t we have enough trust in the efficacy in the technologies that we work on? I don’t think that is the case. I think the bandwidth of in-person meetings is exceptionally high, and we just cannot cram all that into a virtual world.

< <https://blog.apnic.net/2020/11/25/thoughts-from-ietf-109/> https://blog.apnic.net/2020/11/25/thoughts-from-ietf-109/>

 

SMPTE, OSA Reach Major Progress on Industry's First Media Microservices Standards

... SMPTE ST 2126 took a similar path from the OSA through SMPTE. The project focused on the fundamental challenge of implementing multivendor, multicloud, microservice-based solutions, which lacked a standardized, common means of reporting back the success (or failure) of their execution. The OSA used input from the IETF and EBU to design a flexible yet standardized framework for status reporting and logging, and contributed the resulting draft to SMPTE, which created the public CD.

< <https://www.sportsvideo.org/2020/11/23/smpte-osa-reach-major-progress-on-industrys-first-media-microservices-standards/> https://www.sportsvideo.org/2020/11/23/smpte-osa-reach-major-progress-on-industrys-first-media-microservices-standards/>

 

SHAKE them and STIR them: how Canada is fighting scam calls

... Key terms: STIR: Secure Telephony Identity Revisited, the standard developed by the IETF that defines signature-based call authentication.

< <https://www.itworldcanada.com/article/shake-them-and-stir-them-how-canada-is-fighting-scam-calls/438865> https://www.itworldcanada.com/article/shake-them-and-stir-them-how-canada-is-fighting-scam-calls/438865>

 

技術の進歩とビジネスの見通し2020年から2026年までのWebリアルタイム通信市場 [Technological Advances and Business Prospects Web Real-Time Communications Market from 2020 to 2026]

... Web Real Time Communication（Web RTC）は、Wide Wide Web Consortium（W3C）が提供するオープンソースのアプリケーションプログラミングインターフェイス（API）です。Web RTCを使用すると、エンドユーザーは音声通話やビデオチャットを利用でき、外部プラグインをサポートしなくても、ブラウザー間でピアツーピアファイルを共有できます。World Wide Web Consortiumは、World WideWeb標準を開発するための国際標準化団体です。W3Cは、産業サービスプロバイダーが開発したグローバル標準を採用するために、産業サービスプロバイダー間の互換性を設定しようとしています。Web RTCに必要なインターネットプロトコルは、Force Task Engineering Internet（IETF）によって開発、管理、および標準化されました。

< <https://securetpnews.info/2020/11/27/技術の進歩とビジネスの見通し2020年から2026年までのweb/> https://securetpnews.info/2020/11/27/技術の進歩とビジネスの見通し2020年から2026年までのweb/>

 

中国移动携手中兴通讯推进5G网络云建设 [China Mobile and ZTE to promote the construction of 5G network cloud]

... 在推出先进技术方案的同时，中国移动已经联合中兴通讯等厂家推动网络云国际标准的制定。首先是企标，下一步是国标，接下来还要持续在IETF和ETSI进行推广。后续中国移动将继续与合作伙伴在5G网络精细化、网络运维智能化、云网融合等领域，积极推动相关技术发展和产业开放，持续推动5G网络创新，为5G行业应用创新保驾护航。

< <https://finance.sina.com.cn/tech/2020-11-23/doc-iiznctke2791937.shtml> https://finance.sina.com.cn/tech/2020-11-23/doc-iiznctke2791937.shtml>

 

Neden HTTP/3’e Geçmelisiniz? [Why Go to HTTP/3?]

Bu yazımızda HTTP/3’e neden geçilmesi gerektiğini ve getirdiği yenilikleri aktarıyoruz. Ayrıca hem kullanıcılar hem de geliştiriciler için  avantajlarına değineceğiz.

< <https://www.technopat.net/2020/11/25/neden-http-3-gecmeli/> https://www.technopat.net/2020/11/25/neden-http-3-gecmeli/>

 

**********************

SECURITY & PRIVACY

**********************

How Ransomware Defense is Evolving With Ransomware Attacks

Ransomware became deadly in 2020. Healthcare facilities were attacked at an alarming rate, including one incident in Germany that lead to a patient death when an attack locked critical systems and a woman needing critical care was turned away. She died after she had to be taken to another city for treatment.

< <https://www.darkreading.com/theedge/how-ransomware-defense-is-evolving-with-ransomware-attacks/b/d-id/1339533> https://www.darkreading.com/theedge/how-ransomware-defense-is-evolving-with-ransomware-attacks/b/d-id/1339533>

 

The Cybersecurity 202: Biden’s DHS pick adds cybersecurity chops to the incoming administration

President-elect Joe Biden’s pick to lead the Department of Homeland Security will bring a boatload of cybersecurity experience to the job.

< <https://www.washingtonpost.com/politics/2020/11/24/cybersecurity-202-bidens-dhs-pick-adds-cybersecurity-chops-incoming-administration/> https://www.washingtonpost.com/politics/2020/11/24/cybersecurity-202-bidens-dhs-pick-adds-cybersecurity-chops-incoming-administration/>

 

Danish news agency rejects ransom demand after hacker attack

Denmark’s biggest news agency will stay offline for at least another day following a hacking attack this week and has rejected a ransom demand by hackers to release locked data, the wire service said Wednesday.

< <https://apnews.com/article/denmark-hacking-copenhagen-b0aa807c942ef6d43f242b350ffd685e> https://apnews.com/article/denmark-hacking-copenhagen-b0aa807c942ef6d43f242b350ffd685e>

 

Strict Transport Security vs. HTTPS Resource Records: the showdown

HTTPS resource records (HTTPS RRs) are a new type of DNS record. The standard is still in progress and covers various intended use cases, mostly around delivering configuration information and parameters for how to access a service.

< <https://blog.apnic.net/2020/11/23/strict-transport-security-vs-https-resource-records-the-showdown/> https://blog.apnic.net/2020/11/23/strict-transport-security-vs-https-resource-records-the-showdown/>

 

Which practices help us maintain a secure cyberspace in the Asia Pacific?

Seventy-five years ago, with the creation of the United Nations (UN), the international community started building a system of ‘built-in safety valves‘ that help contain and prevent threats to international stability. Most of these safety measures are based on commonly agreed standards of responsible behaviour, or in other words: norms.

< <https://blog.apnic.net/2020/11/26/which-practices-help-maintain-secure-cyberspace-asia-pacific/> https://blog.apnic.net/2020/11/26/which-practices-help-maintain-secure-cyberspace-asia-pacific/>

 

The two types of AS0 by George Michaelson

When people talk about ‘AS0’ in Resource Public Key Infrastructure (RPKI), they may be referring to one of two things: the AS0 Trust Anchor Locator (TAL) or an AS0 Route Origin Authorization (ROA). In this post, I will clarify the two to mitigate any confusion.

< <https://blog.apnic.net/2020/11/23/the-two-types-of-as0/> https://blog.apnic.net/2020/11/23/the-two-types-of-as0/>

 

Perceptions of IT Decision-makers on the use of DNSSEC by Pablo Rodríguez, Executive Vice President of PR TLD

DNSSEC’s slow adoption rate is an important social problem because information security issues are among the most current and prevalent concerns of individuals, government agencies, and corporations; issues such as identity theft, information tampering and disclosure. Despite the apparent protective advantages of DNSSEC and the negative repercussions of failure to adopt it, no studies have explored why the TLD IT decision-makers have decided not to use this technology.

< <https://lactld.org/en/perceptions-of-it-decision-makers-on-the-use-of-dnssec/> https://lactld.org/en/perceptions-of-it-decision-makers-on-the-use-of-dnssec/>

 

ENISA Report Highlights Resilience of Telecom Sector in Facing the Pandemic

ENISA is releasing its ‘Telecom Security During a Pandemic’ report at the 32nd meeting of EU telecom security authorities. Underlining the current strength of the sector in the face of the pandemic, the report also calls for increased cooperation, as telecommunications become more and more essential for Europe’s society and economy.

< <https://www.enisa.europa.eu/news/enisa-news/telecom-security-and-resilience-during-covid19> https://www.enisa.europa.eu/news/enisa-news/telecom-security-and-resilience-during-covid19>

 

European SMEs facing increased cyber threats in changing digital landscape

In the lead up to the EU Agency for Cybersecurity’s forthcoming Cybersecurity for SMEs report, the Agency gathered European businesses, agencies and associations to share their views on the major challenges faced by SMEs in a time of heightened threats.

< <https://www.enisa.europa.eu/news/enisa-news/european-smes-facing-increased-cyber-threats-in-a-changing-digital-landscape> https://www.enisa.europa.eu/news/enisa-news/european-smes-facing-increased-cyber-threats-in-a-changing-digital-landscape>

 

Here’s how we can strengthen cybersecurity for ‘the New Normal’ by Malcolm Johnson, ITU Deputy Secretary-General

The pace at which the world is changing can be unsettling and casts uncertainty about the future. Cybersecurity concerns are reaching unprecedented levels, and no country and no industry is untouched. According to one estimate, cybercrime could cost the world more than 10 trillion USD a year by 2025, which would represent the greatest transfer of economic wealth in history.

< <https://news.itu.int/strengthen-cybersecurity-new-normal/> https://news.itu.int/strengthen-cybersecurity-new-normal/>

 

CIS: Celebrating 20 Years of Cybersecurity

This year, the Center for Internet Security (CIS) is celebrating 20 years of making the connected world a safer place for people, businesses, and governments worldwide. Back in August of 2000, a small group of business and government leaders met at the legendary Cosmos Club in Washington, D.C. to discuss a concerning rash of cyber-attacks. >From that meeting and others, a vision emerged for an independent, mission-driven, nonprofit organization dedicated to preventing and mitigating new cyber threats.

< <https://www.cisecurity.org/blog/cis-celebrating-20-years-of-cybersecurity/> https://www.cisecurity.org/blog/cis-celebrating-20-years-of-cybersecurity/>

 

Foundational Cloud Security with CIS Benchmarks

Cloud service providers (CSPs) have changed the way organizations of all sizes architect and deploy their IT environments. CSPs now make it possible for organizations to rapidly implement new technologies with greater levels of ease and scalability.

< <https://www.cisecurity.org/blog/foundational-cloud-security-with-cis-benchmarks/> https://www.cisecurity.org/blog/foundational-cloud-security-with-cis-benchmarks/>

 

Patients of a Vermont Hospital Are Left ‘in the Dark’ After a Cyberattack

A wave of damaging attacks on hospitals upended the lives of patients with cancer and other ailments. “I have no idea what to do,” one said.

< <https://www.nytimes.com/2020/11/26/us/hospital-cyber-attack.html> https://www.nytimes.com/2020/11/26/us/hospital-cyber-attack.html>

 

University of Queensland is hacking through perceptions that cybersecurity is a 'man's game'

Australia's cybersecurity experts are aiming to tackle an issue plaguing the industry worldwide — the perception that what they do is a "boy thing".

< <https://www.abc.net.au/news/2020-11-26/challenging-perception-cybersecurity-a-boy-thing/12924332> https://www.abc.net.au/news/2020-11-26/challenging-perception-cybersecurity-a-boy-thing/12924332>

 

au: Cyber resilience starts at school

With the help of Services Australia’s Cyber Security Division, a group of year 12 Lake Tuggeranong College students have written a cyber-attack training package that will be part of the school’s curriculum from 2021.

< <https://mediahub.servicesaustralia.gov.au/news/cyber-resilience-starts-at-school/> https://mediahub.servicesaustralia.gov.au/news/cyber-resilience-starts-at-school/>

 

**********************

INTERNET OF THINGS

**********************

Internet of Things help cities clean up their act

For the last decade, cities around the world have been rolling out “smart water” technologies for both environmental monitoring and resource management. Internet-connected devices making use of increasingly flexible and decentralised networks monitor the flow, consumption and chemical composition of water resources in real time.

< <https://www.ft.com/content/4d8509e2-8c69-4cc5-b20d-3fb07a094467> https://www.ft.com/content/4d8509e2-8c69-4cc5-b20d-3fb07a094467>

 

Next Step in Government Data Tracking Is the Internet of Things: U.S. Air Force experiments with monitoring peripherals—from autos to fitness trackers [subscription]

U. S. government agencies from the military to law enforcement have been buying up mobile-phone data from the private sector to use in gathering intelligence, monitoring adversaries and apprehending criminals. Now, the U.S. Air Force is experimenting with the next step. The Air Force Research Laboratory is testing a commercial software platform that taps mobile phones as a window onto usage of hundreds of millions of computers, routers, fitness trackers, modern automobiles and other networked devices, known collectively as the “Internet of Things.” SignalFrame, a Washington, D.C.-based wireless technology company, has developed the capability to tap software embedded on as many as five million cellphones to determine the real-world location and identity of more than half a billion peripheral devices. The company has been telling the military its product could contribute to digital intelligence efforts that weave classified and unclassified data using machine learning and artificial intelligence. The Air Force’s research arm bought the pitch, and has awarded a $50,000 grant to SignalFrame as part of a research and development program to explore whether the data has potential military applications, according to documents reviewed by The Wall Street Journal. Under the program, the Air Force could provide additional funds should the technology prove useful. ... SignalFrame’s data has many applications in the civilian world, including providing insights into what technologies are being adopted and where. It helped Verizon Communications Inc., for example, measure adoption of next-generation home Wi-Fi routers, according to a case study that it posted on SignalFrame’s website.

< <https://www.wsj.com/articles/next-step-in-government-data-tracking-is-the-internet-of-things-11606478401> https://www.wsj.com/articles/next-step-in-government-data-tracking-is-the-internet-of-things-11606478401>

 

**********************

OTHERWISE NOTEWORTHY

**********************

EPIC: Exploring challenges and opportunities in next-generation Internet architectures

The Internet is a truly amazing system. Originally developed as a research network in the 1960s and 1970s, it is still operational today, connecting billions of users and tens of billions of devices.

< <https://blog.apnic.net/2020/11/25/epic-exploring-challenges-and-opportunities-in-next-generation-internet-architectures/> https://blog.apnic.net/2020/11/25/epic-exploring-challenges-and-opportunities-in-next-generation-internet-architectures/>

 

How centralized is DNS traffic becoming?

There have been growing concerns over the last few years about the excessive concentration of control over the Internet’s markets and infrastructure — what is commonly referred to as Internet centralization.

< <https://blog.apnic.net/2020/11/24/how-centralized-is-dns-traffic-becoming/> https://blog.apnic.net/2020/11/24/how-centralized-is-dns-traffic-becoming/>

 

How centralized is DNS traffic becoming?

There have been growing concerns over the last few years about the excessive concentration of control over the Internet’s markets and infrastructure — what is commonly referred to as Internet centralization.

< <https://blog.apnic.net/2020/11/24/how-centralized-is-dns-traffic-becoming/> https://blog.apnic.net/2020/11/24/how-centralized-is-dns-traffic-becoming/>

 

EPIC: Exploring challenges and opportunities in next-generation Internet architectures

The Internet is a truly amazing system. Originally developed as a research network in the 1960s and 1970s, it is still operational today, connecting billions of users and tens of billions of devices.

< <https://blog.apnic.net/2020/11/25/epic-exploring-challenges-and-opportunities-in-next-generation-internet-architectures/> https://blog.apnic.net/2020/11/25/epic-exploring-challenges-and-opportunities-in-next-generation-internet-architectures/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home