[Newsclips] IETF SYN-ACK Newspack 2020-11-23

David Goldstein <david@goldsteinreport.com> Mon, 23 November 2020 11:12 UTC

Return-Path: <david@goldsteinreport.com>
X-Original-To: newsclips@ietfa.amsl.com
Delivered-To: newsclips@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2AC893A07DF for <newsclips@ietfa.amsl.com>; Mon, 23 Nov 2020 03:12:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.013
X-Spam-Level: *
X-Spam-Status: No, score=1.013 tagged_above=-999 required=5 tests=[HTML_MESSAGE=0.001, LOTS_OF_MONEY=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, UNICODE_OBFU_ASC=1, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id N62gnaOAxyew for <newsclips@ietfa.amsl.com>; Mon, 23 Nov 2020 03:12:43 -0800 (PST)
Received: from karkinos.atomiclayer.com (karkinos.atomiclayer.com [96.125.178.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 899003A07C0 for <newsclips@ietf.org>; Mon, 23 Nov 2020 03:12:43 -0800 (PST)
Received: from DavidDesktop2019 (unknown [144.136.36.190]) by karkinos.atomiclayer.com (Postfix) with ESMTPSA id 2C8AF28078F for <newsclips@ietf.org>; Mon, 23 Nov 2020 06:12:39 -0500 (EST)
Authentication-Results: karkinos.atomiclayer.com; spf=pass (sender IP is 144.136.36.190) smtp.mailfrom=david@goldsteinreport.com smtp.helo=DavidDesktop2019
Received-SPF: pass (karkinos.atomiclayer.com: connection is authenticated)
From: "David Goldstein" <david@goldsteinreport.com>
To: <newsclips@ietf.org>
Date: Mon, 23 Nov 2020 22:12:40 +1100
Organization: Goldstein Report
Message-ID: <00f801d6c189$906e8210$b14b8630$@goldsteinreport.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_00F9_01D6C1E5.C3DEFA10"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AdbBiX6jsXfjtsARQri+xrdedK6wrA==
Content-Language: en-au
X-PPP-Message-ID: <20201123111241.17004.6975@karkinos.atomiclayer.com>
X-PPP-Vhost: goldsteinreport.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/GxjvQqlJAXMWPBAoLTsqICWpURs>
Subject: [Newsclips] IETF SYN-ACK Newspack 2020-11-23
X-BeenThere: newsclips@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF News Clips <newsclips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/newsclips>, <mailto:newsclips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/newsclips/>
List-Post: <mailto:newsclips@ietf.org>
List-Help: <mailto:newsclips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/newsclips>, <mailto:newsclips-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Nov 2020 11:12:49 -0000

The IETF SYNACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Moving RPKI beyond routing security

Resource Public Key Infrastructure (RPKI) is used for improving Border Gateway Protocol (BGP) routing security. Often the terms RPKI, ROA (Route Origin Authorization) and ROV (Route Origin Validation) are used interchangeably. ... Resource Tagged Attestations, or RTAs, are a new type of RPKI object that is being proposed by authors from APNIC and NLnet Labs in the IETF.

< <https://blog.apnic.net/2020/11/20/moving-rpki-beyond-routing-security/> https://blog.apnic.net/2020/11/20/moving-rpki-beyond-routing-security/>

 

Contributing to the Internet Society Governance Reform Working Group

As we announced some time ago, the Board of Trustees of the Internet Society (ISOC) has established the Governance Reform Working Group in order to host open community discussion on the general topic of potential governance changes at the Internet Society. We would like to welcome all members of any Internet Society Chapter, Organization Member, SIG, as well as individual members and IETF participants to contribute to this effort.

< <https://www.internetsociety.org/blog/2020/11/contributing-to-the-internet-society-governance-reform-working-group/> https://www.internetsociety.org/blog/2020/11/contributing-to-the-internet-society-governance-reform-working-group/>

 

HTTP/3: Ready to Land

Hi, my name is Mike Bishop; I’m the editor of the newest version of HTTP, HTTP/3. I’m part of Foundry, a team at Akamai that focuses on new and emerging technologies that will impact the future of the web. I’ve been involved in web standards since the early days of HTTP/2, and most of my work has been on the development of these modern HTTP versions. When the Internet Engineering Task Force (IETF) was forming the QUIC working group in 2016, I was asked to serve as the editor for the HTTP/3 specification. As we bring this development effort to a close, let’s take a look back at how we got here.

< <https://securityboulevard.com/2020/11/http-3-ready-to-land/> https://securityboulevard.com/2020/11/http-3-ready-to-land/>

 

New research paper on the “politics” of protocols

Today, IGP releases a new research paper on the politics of the new Transport Layer Security standard: Standardizing Security: Surveillance, Human Rights, and TLS 1.3. The research was done by Colin J. Kiernan, a graduate of Georgia Tech’s Masters of Science in Cybersecurity Policy program, with theoretical work by Dr. Milton Mueller. TLS version 1.3 was developed by the Internet Engineering Task Force (IETF) after the Snowden revelations in an attempt to improve privacy and security on the internet.

< <https://www.internetgovernance.org/2020/11/19/new-research-paper-on-the-politics-of-protocols/> https://www.internetgovernance.org/2020/11/19/new-research-paper-on-the-politics-of-protocols/>

 

NIST IPv6 Profile: Authors: Douglas C. Montgomery, Mark E. Carson, Timothy Winters, Michayla Newcombe, Timothy Carlin

Abstract: This profile establishes a basic taxonomy of IPv6 capabilities, defined in terms of IETF specifications, resulting in specific capability labels for common network functions and usage scenarios. The profile maps each such labeled capability to one or more specific technical specifications, or parts of specifications. Each labeled capability adopts by reference the normative requirements of the cited specifications.

< <https://www.nist.gov/publications/nist-ipv6-profile> https://www.nist.gov/publications/nist-ipv6-profile>

 

Rough Consensus

The IETF has a document, RFC 7282, also called " On Consensus and Humming in the IETF", in which they describe how the body makes decisions. This is their philosophy:

< <https://www.sqlservercentral.com/editorials/rough-consensus> https://www.sqlservercentral.com/editorials/rough-consensus>

 

SMPTE, OSA Partner on Advancing Media Microservices Standards

... SMPTE ST 2126 followed a similar path from the OSA through SMPTE. It focuses on the challenge of implementing multivendor, multicloud, microservice-based solutions that lack a standardized, common means to report success or failure of execution. The Internet Engineering Task Force (IETF) and European Broadcasting Union (EBU) provided OSA with input.

< <https://www.tvtechnology.com/news/smpte-osa-partner-on-advancing-media-microservices-standards> https://www.tvtechnology.com/news/smpte-osa-partner-on-advancing-media-microservices-standards>

 

SMPTE2020: Finding the ‘Middle Ground’ for Live Content Over OTT

... The answer, Nowak and Hammershøj said, is to find "the middle ground" between unicast and broadcast—in other words, multicast. This, they stated, could be achieved by using the IETF (Internet Engineering Task Force) QUIC general-purpose transport layer network protocol. The standard supports low latency transport, is backwards compatible with HTTP/2 and can be used with QAuth open standard authorization and PKCE (Proof Key for Code Exchange) security.

< <https://www.tvtechnology.com/news/smpte2020-finding-the-middle-ground-for-live-content-over-ott> https://www.tvtechnology.com/news/smpte2020-finding-the-middle-ground-for-live-content-over-ott>

 

Internet-Standards: Huawei bewirbt sich um den IETF-Vorsitz [Internet standards: Huawei applies for IETF chairmanship]

Die Internet Engineering Task Force (IETF) sucht einen neuen Vorsitzenden, der die Arbeit der Normungsorganisation ab 2021 lenkt. Überraschend bewerben sich nun auch zwei Vertreter des chinesischen Forschungsunternehmens Futurewei um den Platz – Futurewei ist eine Tochter des Netzwerkzulieferers Huawei.

< <https://www.heise.de/news/Internet-Standards-Huawei-bewirbt-sich-um-den-IETF-Vorsitz-4963726.html> https://www.heise.de/news/Internet-Standards-Huawei-bewirbt-sich-um-den-IETF-Vorsitz-4963726.html>

 

Die Internetverwaltung sucht den Weg zwischen Politik Und Technik [The Internet administration is looking for a way between politics and technology]

... Nur so könne es gelingen, Gesetze, Regularien und Verordnungen zu verhindern, welche die technische Funktion des Domain Name Systems und damit einer Kernkomponente des Internets negativ beeinflussen. Problematisch sei, dass sich sämtliche Diskussionen in drei äußerst diversen Typen einteilen lassen: auf Ebene von zwischenstaatlichen Organisationen, in Standardisierungsorganisationen (wie der IETF), und auf nationaler oder regionaler staatlicher Ebene. ICANNs Teilnahme an diesen verschiedenen Diskussionsebenen müsse ausgebaut werden.

< <https://domain-recht.de/domain-registrierung/icann/icann-die-internetverwaltung-sucht-den-weg-zwischen-politik-und-technik-67700.html> https://domain-recht.de/domain-registrierung/icann/icann-die-internetverwaltung-sucht-den-weg-zwischen-politik-und-technik-67700.html>

 

Bedrohungen im World Wide Web [Threats on the World Wide Web]

... Eine weitere Maßnahme, Verschlüsselung sicherer werden zu lassen, stammt von Google selbst und nennt sich Certificate Transparency (CT). Vereinfacht gesagt, sollen damit Zertifikate, die von Certificate Authorities (CAs) ausgestellt wurden, protokolliert, kontrolliert und überwacht werden: Versäumen es Zertifizierungsstellen, Zertifikate gemäß IETF-RFC 6962 auszustellen, zeigt Chrome beim Besuch einer solchen Website eine entsprechende CT-Warnung an.

< <https://www.it-daily.net/it-sicherheit/cybercrime/26175-bedrohungen-im-world-wide-web> https://www.it-daily.net/it-sicherheit/cybercrime/26175-bedrohungen-im-world-wide-web>

 

La maturité de Kubernetes fait naître des standards d’observabilité [The maturity of Kubernetes raises standards of observability]

... À terme, les responsables d’OpenMetrics soumettront leur standard à l’IETF pour publication. Cet appel à commentaires, selon les professionnels de l’IT, pourrait élargir sa portée bien au-delà de la CNCF.

< <https://www.lemagit.fr/actualites/252492376/La-maturite-de-Kubernetes-fait-naitre-des-standards-dobservabilite> https://www.lemagit.fr/actualites/252492376/La-maturite-de-Kubernetes-fait-naitre-des-standards-dobservabilite>

 

Ntic: Bénin DNS Forum 2020 démarre le 24 novembre prochain [Ntic: Benin DNS Forum 2020 kicks off on November 24]

... Les différents programmes du Bénin DNS Forum ont également permis à plusieurs jeunes de s’engager dans l’écosystème de l’ICANN et dans la gouvernance de l’Internet (IETF, IGF, ISOC, Etc). De nombreux talents ont également pu être développés et aujourd’hui le Bénin est l’un des rares pays disposant de plusieurs spécialistes sur les questions de mesures des indicateurs de l’Internet et de gestion des ressources critiques de l’Internet.

< <https://matinlibre.com/2020/11/17/ntic-benin-dns-forum-2020-demarre-le-24-novembre-prochain/> https://matinlibre.com/2020/11/17/ntic-benin-dns-forum-2020-demarre-le-24-novembre-prochain/>

 

GNUnet 0.14 llega con aplicación de mensajería y mas [GNUnet 0.14 arrives with messaging app and more]

La nueva version de GNUnet 0.14 ya fue liberada y en esta nueva version se añadió un nuevo componente de mensaje que está en fase experimental, así como también GNS que ya está sincronizado con la especificación propuesta en el IETF y muchas cosas mas.

< <https://blog.desdelinux.net/gnunet-0-14-llega-con-aplicacion-de-mensajeria-y-mas/> https://blog.desdelinux.net/gnunet-0-14-llega-con-aplicacion-de-mensajeria-y-mas/>

 

IBM, Red Hat, VMWare lancent une initiative de suppression des termes comme blacklist, whitelist, master et slave de l'univers IT [IBM, Red Hat, VMWare launch initiative to remove terms like blacklist, whitelist, master and slave from the IT universe]

... « Comme le dit l'IETF, "maître-esclave est une métaphore oppressante qui ne sera et ne devrait jamais se détacher complètement de l'histoire". Les origines et l'utilisation historique du mot révèlent un usage au mieux chauvin et raciste et dans presque tous les cas connotatif de la propriété. Bien qu'il y ait une petite ambiguïté sur le terme "maître", le terme "esclave" concerne sans ambiguïté la propriété et la soumission d'une autre personne, et ce depuis sa création.

< <https://www.developpez.com/actu/310621/IBM-Red-Hat-VMWare-lancent-une-initiative-de-suppression-des-termes-comme-blacklist-whitelist-master-et-slave-de-l-univers-IT-pour-les-remplacer-par-d-autres-juges-plus-inclusifs-et-explicites/> https://www.developpez.com/actu/310621/IBM-Red-Hat-VMWare-lancent-une-initiative-de-suppression-des-termes-comme-blacklist-whitelist-master-et-slave-de-l-univers-IT-pour-les-remplacer-par-d-autres-juges-plus-inclusifs-et-explicites/>

 

El mercado de WI-SOL Tecnología está en auge en todo el mundo, factores de crecimiento, tamaño de la empresa y análisis de participación, pronóstico del panorama competitivo hasta 2025 [The WI-SOL Technology market is booming worldwide, growth factors, company size and participation analysis, competitive outlook forecasting until 2025]

... El mercado mundial de la tecnología Wi-SOL se tiene en cuenta para presenciar una rápida expansión de la tasa compuesta anual de 29,1% durante el período proyectado. El WI-SOL es una abreviatura de Smart Wireless ubicua red (Wi-SOL). Se trata de un subiendo los avances tecnológicos en la comunicación inalámbrica, en base a los diferentes IEEE, IETF, y el estándar ANSI TIA / pretende beneficiar a los servicios públicos, las ciudades inteligentes y aplicaciones de la IO.

< <https://motoresfera.com/2020/11/22/el-mercado-de-wi-sol-tecnologia-esta-en-auge-en-todo-el-mundo-factores-de-crecimiento-tamano-de-la-empresa-y-analisis-de-participacion-pronostico-del-panorama-competitivo-hasta-2025/> https://motoresfera.com/2020/11/22/el-mercado-de-wi-sol-tecnologia-esta-en-auge-en-todo-el-mundo-factores-de-crecimiento-tamano-de-la-empresa-y-analisis-de-participacion-pronostico-del-panorama-competitivo-hasta-2025/>

 

Europa tendrá redes abiertas e integradas 5G a partir de 2022 [Europe will have open and integrated 5G networks from 2022]

... Aún queda mucho trabajo por hacer, dijo el directivo de Telefónica. Para ello, se ha creado un nuevo grupo de trabajo dentro de TIP, que es MUST, acrónimo de Mandatory Use case requeriments for SDN for Transport, del que son miembros fundadores Telekom, Orange, MTN, Telia, Vodafone y Telefónica. La tarea de este grupo es definir las especificaciones técnicas para distintos interfaces y lograr una estandarización conjunta con otros consorcios, como Openconfig, ONF e IETF, con aportaciones de MUST.

< <https://www.revistacloudcomputing.com/2020/11/europa-tendra-redes-abiertas-e-integradas-5g-a-partir-de-2022/> https://www.revistacloudcomputing.com/2020/11/europa-tendra-redes-abiertas-e-integradas-5g-a-partir-de-2022/>

 

Onno W. Purbo Raih Penghargaan Jonathan B. Postel Service Award [Onno W. Purbo Receives Jonathan B. Postel Service Award]

... Andrew Sullivan, President dan CEO Internet Society, akan menyerahkan penghargaan ini, yang meliputi honorarium sebesar USD20.000 dan replika bola dunia berukir, pada upacara virtual sebagai bagian dari 109th Internet Engineering Task Force (IETF) Meeting yang digelar pada 16-20 November 2020.

< <https://www.medcom.id/teknologi/news-teknologi/GNGWMQlN-onno-w-purbo-raih-penghargaan-jonathan-b-postel-service-award> https://www.medcom.id/teknologi/news-teknologi/GNGWMQlN-onno-w-purbo-raih-penghargaan-jonathan-b-postel-service-award>

< <https://tekno.tempo.co/read/1406545/onno-w-purbo-raih-penghargaan-bergengsi-jonathan-b-postel-service-award/> https://tekno.tempo.co/read/1406545/onno-w-purbo-raih-penghargaan-bergengsi-jonathan-b-postel-service-award/>

 

Wat is WebRTC? Alles over de online standaard voor videobellen [What is WebRTC? All about the online video calling standard]

... Opensource videobeldiensten zoals Jitsi en Nextcloud Talk gebruiken WebRTC en ook Microsoft Teams heeft een webclient die op WebRTC is gebaseerd. WebRTC is een standaard van het World Wide Web Consortium (W3C) en de Internet Engineering Task Force (IETF). Het wordt ondersteund door Google, Mozilla, Apple, Microsoft en Opera, zowel op de desktop als in mobiele browsers.

< <https://pcmweb.nl/artikelen/internet/wat-iswebrtc-alles-over-de-online-standaard-voor-videobellen/> https://pcmweb.nl/artikelen/internet/wat-iswebrtc-alles-over-de-online-standaard-voor-videobellen/>

 

Излезе Chrome 87: нововъведения и промени [Chrome 87 released: innovations and changes]

... Πpoдължaвa пocтeпeннoтo вĸлючвaнe нa НТТР/3 и вepcиятa нa пpoтoĸoлa QUІС нa бaзaтa нa ІЕТF cпeцифиĸaциитe (пpeди пo пoдpaзбиpaнe ce изпoлзвaшe Gооglе вapиaнтa нa QUІС).

< <https://www.kaldata.com/it-новини/излезе-chrome-87-нововъведения-и-промени-349277.html> https://www.kaldata.com/it-новини/излезе-chrome-87-нововъведения-и-промени-349277.html>

 

自研CPE-OTN设备管控系统 中国联通发掘专线市场 [Self-developed CPE-OTN equipment management and control system China Unicom explores the dedicated line market]

... 此外,在中国联通OTN网络一体化建设中,中国联通自研CPE管控系统作为其中承上启下的重要一环,除了在南向支持CPE管控接口外,也在北向上支持中国联通CPE管控北向接口标准,推动实现OTN网络的SDN化。CPE管控北向业务开通接口标准基于IETF标准中的ACTN架构制定,自研CPE管控系统可通过该接口与上层协同器对接,实现从上至下快速端到端OTN专线业务发放;同时,自研CPE管控系统支持通过标准的MTOSI接口接入上层资源管理系统,可提升资源配置与智能运维能力。

< <https://finance.sina.com.cn/tech/2020-11-16/doc-iiznctke1623602.shtml> https://finance.sina.com.cn/tech/2020-11-16/doc-iiznctke1623602.shtml>

 

中国移动携手中兴通讯推进5G网络云建设 [China Mobile and ZTE to promote the construction of 5G network cloud]

... 在推出先进技术方案的同时,中国移动已经联合中兴通讯等厂家推动网络云国际标准的制定。首先是企标,下一步是国标,接下来还要持续在IETF和ETSI进行推广。后续中国移动将继续与合作伙伴在5G网络精细化、网络运维智能化、云网融合等领域,积极推动相关技术发展和产业开放,持续推动5G网络创新,为5G行业应用创新保驾护航。

< <https://tech.sina.com.cn/roll/2020-11-23/doc-iiznctke2791937.shtml> https://tech.sina.com.cn/roll/2020-11-23/doc-iiznctke2791937.shtml>

 

한국통신학회, 차기 회장에 김영한 숭실대 교수...학회지 SCIE 등재 성과도 - 전자신문 [Soongsil University professor Kim Young-han as the next chairman of the Korean Institute of Communication Sciences...]

... 김 교수는 통신네트워크를 비롯한 정보통신기술(ICT) 분야 대표 학자로, 서울대를 거쳐 한국과학기술원(KAIST)에서 박사를 취득했다. 30여년간 ICT 분야 연구자로 국가정보화전략위원회 전문위원을 비롯해 한국컴퓨터통신연구회장, IT융합연구센터장, 유비쿼터스네트워크 센터장 등을 역임했다. 현재는 IETF 코리아 포럼 의장, 대학연구센터협의회장 등을 역임하고 있다.

< <https://www.etnews.com/20201116000062> https://www.etnews.com/20201116000062>

 

**********************

SECURITY & PRIVACY

**********************

Authenticated Resolution and Adaptive Resolution: Security and Navigational Enhancements to the DNS

The DNS has become the fundamental building block for navigating from names to resources on the internet. DNS has been employed continuously ever since its introduction in 1983, by essentially every internet-connected application and device that wants to interact online.

< <https://blog.verisign.com/security/authenticated-resolution-and-adaptive-resolution-security-and-navigational-enhancements-to-the-domain-name-system/> https://blog.verisign.com/security/authenticated-resolution-and-adaptive-resolution-security-and-navigational-enhancements-to-the-domain-name-system/>

 

Network-layer DDoS attack trends for Q3 2020

DDoS attacks are surging — both in frequency and sophistication. After doubling from Q1 to Q2, the total number of network layer attacks observed in Q3 doubled again — resulting in a 4x increase in number compared to the pre-COVID levels in the first quarter.

< <https://blog.cloudflare.com/network-layer-ddos-attack-trends-for-q3-2020/> https://blog.cloudflare.com/network-layer-ddos-attack-trends-for-q3-2020/>

 

New Proposed DNS Security Features Released

Verisign's R&D team has developed new ways to authenticate and optimize DNS traffic on the client side of the domain-name resolution process.

< <https://www.darkreading.com/risk/new-proposed-dns-security-features-released/d/d-id/1339469> https://www.darkreading.com/risk/new-proposed-dns-security-features-released/d/d-id/1339469>

 

Tackling the Cyber Threat as a Global Community: speech by Christopher Wray, Director, FBI to World Economic Forum, Annual Meeting on Cybersecurity 2020: Enabling the Great Reset

It’s an honor to be here to talk about how the FBI is fighting the ever-evolving cyber threat. I do wish we could be together in person, but COVID has of course made us all have to find new ways of getting together. And new ways of doing business.

< <https://www.fbi.gov/news/speeches/wray-remarks-wef-tackling-the-cyber-threat-as-a-global-community-111620> https://www.fbi.gov/news/speeches/wray-remarks-wef-tackling-the-cyber-threat-as-a-global-community-111620>

 

The Dark Triad and Insider Threats in Cyber Security

... Insider cyber sabotage such as that mentioned by Mr. Musk is one of the reasons cyber security remains a top managerial concern. Insider threats, such as the Tesla sabotage, are among the greatest of these security concerns. A major reason for this is that insider security breaches are seen as more costly than those from outsiders.

< <https://cacm.acm.org/magazines/2020/12/248799-the-dark-triad-and-insider-threats-in-cyber-security/fulltext> https://cacm.acm.org/magazines/2020/12/248799-the-dark-triad-and-insider-threats-in-cyber-security/fulltext>

 

Healthcare’s Cybersecurity Incident Response Spotlighted at European Security Event

The EU Agency for Cybersecurity and the Danish Health Data Authority are joining forces again this month, introducing the final session of the 2020 eHealth Security Conference to examine incident response procedures across Europe’s health system.

< <https://www.enisa.europa.eu/news/enisa-news/healthcare2019s-cybersecurity-incident-response-spotlighted-at-european-security-event> https://www.enisa.europa.eu/news/enisa-news/healthcare2019s-cybersecurity-incident-response-spotlighted-at-european-security-event>

 

Deep Dive into the Connected and Automated Mobility (CAM) Ecosystem: New Report

The European Union Agency for Cybersecurity issues a comprehensive report of the CAM cybersecurity ecosystem. It aims at supporting the efforts of the European Commission and Member States competent authorities in deciding how to transpose the relevant United Nations regulations into the EU policy context.

< <https://www.enisa.europa.eu/news/enisa-news/deep-dive-into-the-connected-and-automated-mobility-cam-ecosystem-new-report-released-today> https://www.enisa.europa.eu/news/enisa-news/deep-dive-into-the-connected-and-automated-mobility-cam-ecosystem-new-report-released-today>

 

ENISA’s 48h Hackfest puts Europe’s cybersecurity talent to the test

This week, top cybersecurity minds from EU and EFTA countries gathered to tackle mock cyber challenges in the EU Agency for Cybersecurity’s first-ever Hackfest. This two-day marathon prepared and assessed young cybersecurity talent in a lead up to next year’s European Cyber Security Challenge.

< <https://www.enisa.europa.eu/news/enisa-news/enisa2019s-48h-hackfest-puts-europe2019s-cybersecurity-talent-to-the-test> https://www.enisa.europa.eu/news/enisa-news/enisa2019s-48h-hackfest-puts-europe2019s-cybersecurity-talent-to-the-test>

 

Next Generation Tech Creates Watershed Moment for Cybersecurity Industry

COVID-19 has led to an acceleration of cyber-attacks targeting those working from home, hospital systems and financial institutions. However, the next wave of cybersecurity risks will not be a continuation of these challenges, and incremental progress will not be enough to stop them.

< <https://www.weforum.org/press/2020/11/next-generation-tech-creates-watershed-moment-for-cybersecurity-industry> https://www.weforum.org/press/2020/11/next-generation-tech-creates-watershed-moment-for-cybersecurity-industry>

 

How Cyberattacks Work

Cyberattacks are run like military attacks, in four main phases: reconnaissance, attack, exfiltration, and maintaining position. Understanding this makes fighting back easier.

< <https://www.darkreading.com/how-cyberattacks-work-/a/d-id/1339300> https://www.darkreading.com/how-cyberattacks-work-/a/d-id/1339300>

 

TLS False Start Definition & Meaning

A TLS false start is a feature of Transport Layer Security that reduces some of the latency required by the protocol's encryption and authentication processes. Transport Layer Security (TLS) superseded SSL (Secure Socket Layer) protocols, and both are intended to encrypt Internet sessions between two parties, a client and a server.

< <https://www.webopedia.com/TERM/T/tls-false-start.html> https://www.webopedia.com/TERM/T/tls-false-start.html>

 

Chrome 87 schneller denn je: Google-Browser bekommt Surf-Turbo

Google verteilt http/3 für Chrome: Wie Google in einem Blog-Beitrag mitteilt, hat man mit der Verteilung von http/3 für Chrome begonnen. Das Hypertext Transfer Protocol ist wohl jedem Internet-Nutzer schon mal über den Weg gelaufen, auch wenn es kein Mensch mehr explizit in die Adresszeile des Browsers eintippt. http/3 ist die neueste Ausgabe des Übertragungsprotokolls, die wiederum auf das Protokoll QUIC (Quick UDP Internet Connections) aufsetzt. Das Konzept: HTTP wird schneller, wenn es nicht auf TCP (Transmission Control Protocol), sondern auf UDP (User Datagram Protocol) setzt.

< <https://www.chip.de/news/Chrome-87-Google-Browser-ploetzlich-schneller-denn-je_182701344.html> https://www.chip.de/news/Chrome-87-Google-Browser-ploetzlich-schneller-denn-je_182701344.html>

 

The 6 Best New Features of Safari 14

5. Under the Hood: Alongside the changes we can all see and appreciate, browser updates tend to include many more that most of us won’t ever appreciate. Still, they’re there, and they improve your overall web experience one piece at a time. Safari 13 became the first web browser to support HTTP/3 — I bet you didn’t even realize you were using HTTP/2 all this time! This new version of the HTTP protocol, which underpins web browsing, offers many detailed changes which can all be summed up as “make things faster”. Although the websites we visit will take some time to move across to the new protocol, some are doing so already, and it’s nice to see Apple taking a lead in speeding up the internet. 

< <https://www.makeuseof.com/best-new-features-safari/> https://www.makeuseof.com/best-new-features-safari/>

 

**********************

INTERNET OF THINGS

**********************

German EU presidency pushes for cybersecurity ‘by design’ in connected devices

Laptops, smart phones and other connected devices in Europe should be subject to new cybersecurity standards throughout the “entire life cycle” of products, according to draft EU Council conclusions on the subject, obtained by EURACTIV.

< <https://www.euractiv.com/section/cybersecurity/news/german-eu-presidency-pushes-for-cybersecurity-by-design-in-connected-devices/> https://www.euractiv.com/section/cybersecurity/news/german-eu-presidency-pushes-for-cybersecurity-by-design-in-connected-devices/>

 

**********************

OTHERWISE NOTEWORTHY

**********************

us: IPv6 is now the standard for federal agencies’ internet traffic

Agencies are being pushed to move to more secure Internet Protocol version 6 (IPv6) systems and services under a finalized memo the Office of Management and Budget released Thursday.

< <https://www.fedscoop.com/omb-finalizes-ipv6-memo/> https://www.fedscoop.com/omb-finalizes-ipv6-memo/>

 

What to expect in the new OECD Digital Economy Outlook

When the COVID-19 pandemic broke out earlier this year, much of the world moved online. Teleworking and distance learning became the norm for those with at-home Internet access, many firms adopted digital business models to maintain revenue, and mobile apps were rapidly developed to help “track and trace” the spread of the virus.

< <https://oecd-innovation-blog.com/2020/11/18/digital-economy-outlook-2020-launch-event-agenda-registration/> https://oecd-innovation-blog.com/2020/11/18/digital-economy-outlook-2020-launch-event-agenda-registration/>

 

Measuring Internet Speed: Current Challenges and Future Recommendations

Various governmental organizations have begun to rely on so-called Internet speed tests to measure broadband Internet speed. Examples of these programs include the Federal Communications Commission's "Measuring Broadband America" program, California's CALSPEED program, the U.K.'s Home Broadband Performance Program, and various other initiatives in states including Minnesota, New York, and Pennsylvania. These programs have various goals, ranging from assessing whether ISPs are delivering on advertised speeds to assessing potentially underserved rural areas that could benefit from broadband infrastructure investments.

< <https://cacm.acm.org/magazines/2020/12/248801-measuring-internet-speed/fulltext> https://cacm.acm.org/magazines/2020/12/248801-measuring-internet-speed/fulltext>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home