[Newsclips] IETF SYN-ACK Newspack 2021-03-15

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

Some DNS myths and misconceptions

At IETF 108, for a meeting that was originally meant to take place in my hometown, a few of us developed and presented what the IETF calls a Technology Deep Dive, focused on the DNS.

< <https://blog.apnic.net/2021/03/11/some-dns-myths-and-misconceptions/> https://blog.apnic.net/2021/03/11/some-dns-myths-and-misconceptions/>

 

Notes from the DNS Privacy Workshop at NDSS 2021 by Geoff Huston

... But who should articulate the public interest? And how? The IETF jumped on the Snowden information and decried the practice of such insidious levels of data collection by state actors by claiming in RFC 7258 that "Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible." However, it is difficult to pick apart the sense of emotional outrage and betrayal on the part of a technically privileged cadre from a considered view of what is in the best interests of a robust, balanced and resilient social framework.

< <https://www.potaroo.net/ispcol/2021-03/dnspriv.html> https://www.potaroo.net/ispcol/2021-03/dnspriv.html>

< <https://www.circleid.com/posts/20210309-notes-from-the-dns-privacy-workshop-at-ndss-2021/> https://www.circleid.com/posts/20210309-notes-from-the-dns-privacy-workshop-at-ndss-2021/>

< <https://blog.apnic.net/2021/03/10/notes-from-ndss-dns-privacy-workshop-2021/> https://blog.apnic.net/2021/03/10/notes-from-ndss-dns-privacy-workshop-2021/>

 

What’s up @IETF110

For the fourth time in a row, the IETF is meeting fully virtually this week (8-12 March). This has not stopped the Internet standards body from driving a lot of work in the DNS area. Here is a quick overview of the packed agenda and some highlights for interested participants from the CENTR community and beyond.

< <https://www.centr.org/news/blog/whatsup-ietf110.html> https://www.centr.org/news/blog/whatsup-ietf110.html>

 

Standardizing Security: Surveillance, Human Rights, and TLS 1.3 by Milton Mueller and Colin Kiernan

Abstract: This paper conducts a detailed case study of the development of a new transport layer security (TLS) standard and its implications for the privacy of Internet users and the security and accountability of network operators. TLS version 1.3 was developed by the IETF from 2014 - 2018 in reaction to a major political controversy over surveillance. Analyzing the controversies around its design, adoption and implementation illuminates the role of technical standards in the governance of cybersecurity and the Internet. It also contributes to an ongoing theoretical debate about the degree to which protocols or standards can be considered “political.” The paper develops a conceptual framework that identifies three distinct relationships between standards and political/social effects: 1) the political economy of the standardization process (PES); 2) the societal effects of a standard’s adoption, implementation and use (SES); and 3) protocols have politics (PHP), or politics and rights are embedded in the standard. In analyzing the development of TLS 1.3, we find that the PHP approach had limited explanatory value compared to the first and second approaches. By conveying the idea that political, economic and social effects can be hard coded into protocol designs, the protocols-have-politics view short-circuits careful analysis of the way standards contribute to governance.

< <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3746572> https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3746572>

 

An Experimental Study of IoT Networks Under Internal Routing Attack by Mohammad Alreshoodi

Abstract: Internet of Things (IoT) deployments mostly relies on the establishment of Low-Power and Lossy Networks (LLNs) among a large number of constraint devices. The IETF provides an effective IPv6-based LLN routing protocol, namely the IPv6 Routing Protocol for Low Power and Lossy Network (RPL). RPL provides adequate protection against external security attacks but stays vulnerable to internal routing attacks such as a rank attack. Malicious RPL nodes can carry out a rank attack in different forms and cause serious network performance degradation. An experimental study of the impact of the decreased rank attack on the overall network performance is presented in this paper. In also besides, it is important to understand the main influencing factors in this context. In this study, several some many network scenarios were considered with varying network sizes, attacker properties, and topological setups. The experimental results indicate a noticeable adverse effect of the rank attack on the average PDR, delay, ETX, and beacon interval. However, such impact was varied according to network size, attacker position, attacker neighbor count, number of attack-affected nodes, and overall hops increase. The results give a practical reference to the overall performance of RPL networks under rank attacks.

< <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3690813> https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3690813>

 

Routing Protocol for Low-Power and Lossy Networks (RPL) in IoT applications: A Review by Jubin Dipakkumar Kothari

Abstract: Over the most recent couple of years, the Internet of Things (IoT) has ended up being an intriguing and promising worldview that plans to add to incalculable applications by interfacing more physical "things" to the Internet. Although it rose as a significant empowering influence for some cutting edge applications, it additionally acquainted new difficulties with virtually soaked networks. The IoT is becoming animated, particularly in medical care and shrewd climate applications, including countless low fueled sensors and actuators to improve life and acquaint new administrations with the network. The IETF created RPL as the steering convention for low force and lossy networks (LLNs) and normalized it in RFC6550 in 2012. RPL immediately picked up intrigue, and many exploration papers were acquainted with assessing and improve its presence in various applications. In this paper, we present a conversation of the fundamental parts of RPL and the points of interest and inconveniences of utilizing it in various IoT applications. We likewise survey the accessible examination methodically identified with RPL, given the improvement zone and the administration type.

< <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3729745> https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3729745>

 

How Standard Setting Can Help Taiwan Grow Its Global Role

... In many fields, the real work that is shaping the business environment and determining which technologies will prevail is done by private sector–led and engineer-led groups. For the internet, that means influential groups like the IETF, the Institute of Electrical and Electronics Engineers, and the World Wide Web Consortium. Taiwan should focus on this class of crucial standard-setting bodies where governments do not have the loudest voices.

< <https://carnegieendowment.org/2021/03/09/how-standard-setting-can-help-taiwan-grow-its-global-role-pub-84026> https://carnegieendowment.org/2021/03/09/how-standard-setting-can-help-taiwan-grow-its-global-role-pub-84026>

 

This Week in Programming: GitLab Moves on from Master/Slave Terminology

... For our money, the IETF put it best when it asserted that “Master-slave is an offensive metaphor that will and should never become fully detached from history.”

< <https://thenewstack.io/this-week-in-programming-gitlab-moves-on-from-master-slave-terminology/> https://thenewstack.io/this-week-in-programming-gitlab-moves-on-from-master-slave-terminology/>

 

Souped-Up Gopher: Project Gemini’s Plan to Revolutionize Internet Browsing

... “Suggestions for new features will not be considered, as the protocol is considered feature complete,” explained the FAQ. “[T]he main focus of the project now is on growing the community around the protocol, as well as working on translating the existing specification into a more precise and formal version which might be considered for submission to internet standards bodies such as IETF and IANA.”

< <https://thenewstack.io/souped-up-gopher-project-geminis-plan-to-revolutionize-internet-browsing/> https://thenewstack.io/souped-up-gopher-project-geminis-plan-to-revolutionize-internet-browsing/>

 

DHCP : tout ce qu’il faut savoir sur le protocole de gestion d’adresse IP [DHCP: Everything you need to know about the IP address management protocol]

... L’histoire du DHCP débute en 1984, avec la création d’un nouveau protocole de connexion nommé RARP (Reverse Address Resolution Protocol) par l’IETF, organisme de standardisation de l’Internet. Le RARP rendait les ordinateurs sans stockage, appelés “diskless workstations”, capables de recevoir des adresses IP automatiquement. Ces ordinateurs démarraient alors en téléchargeant un OS à partir d’un simple serveur central.

< <https://www.lebigdata.fr/dhcp-tout-savoir> https://www.lebigdata.fr/dhcp-tout-savoir>

 

Wi-Fi Alliance îmbunătăţeşte calitatea serviciului pentru aplicaţii în timp real [Wi-Fi Alliance improves quality of service for real-time applications]

... Noul standard este bazat pe formatul Wi-Fi Certified WMM pentru a oferi ceea ce în opinia organizaţiei reprezintă o abordare consistentă şi holistică a regimului quality of service (QoS) în reţelele Wi-Fi. El introduce două tehnologii noi menite să permită dispozitivelor Wi-Fi, aplicaţiilor şi administratorilor de reţele să prioritizeze fluxurile de trafic prin stabilirea unei abordări standardizate a proceselor QoS mirroring şi prin alinierea cu recomandările IETF pentru mapare QoS.

< <https://www.clubitc.ro/2021/03/11/wi-fi-alliance-imbunatateste-calitatea-serviciului-pentru-aplicatii-in-timp-real/> https://www.clubitc.ro/2021/03/11/wi-fi-alliance-imbunatateste-calitatea-serviciului-pentru-aplicatii-in-timp-real/>

 

ドメインネームシステムセキュリティ拡張機能市場– 2027年までの成長予測を伴う現在の業界の数値の詳細な分析 [Domain Name System Security Extensions Market – In-level analysis of current industry figures with growth forecasts through 2027]

... ドメインネームシステムセキュリティ拡張機能（DNSSEC）は、インターネットプロトコル（IP）ネットワークで使用されるドメインネームシステム（DNS）によって提供される特定の種類の情報を保護するためのインターネット技術特別調査委員会（IETF）仕様のスイートです。これはDNSの拡張機能のセットであり、DNSクライアント（リゾルバー）にDNSデータの暗号化認証、認証された存在拒否、およびデータの整合性を提供しますが、可用性や機密性は提供しません。

< <http://thehack.jp/2021/03/11/ドメインネームシステムセキュリティ拡張機能市/> http://thehack.jp/2021/03/11/ドメインネームシステムセキュリティ拡張機能市/>

 

华为日志审计系统 HiSec LogAuditor1500通过IPv6 Ready Logo认证 [Huawei's log auditing system, HiSec LogAuditor1500, is IPv6 Ready Ready certified]

近日，华为技术有限公司旗下华为日志审计系统 HiSec LogAuditor1500 在下一代互联网国家工程中心-全球IPv6测试中心正式通过IPv6 Ready核心协议Phase-2测试，并荣获由国际组织IPv6 Forum颁发的IPv6 Ready Logo Phase-2认证证书(Logo ID:02-C-002183)。这标志着上述产品的IPv6核心协议实现已全面符合IETF RFC相关标准，其一致性和互通性得到了权威验证。

< <http://sc.stock.cnfol.com/ggzixun/20210312/28748365.shtml> http://sc.stock.cnfol.com/ggzixun/20210312/28748365.shtml>

 

Comcast, Charter and more reflect on a year of pandemic

... Peter Chave, principal architect, Akamai ... Looking forward, emerging approaches to content delivery like dynamic protocol optimization, HTTP/3 and advanced compression techniques will play a part in further operationalizing and automating many functions that currently need human intervention. We know the internet can scale; now we can make it easier.

< <https://www.fiercevideo.com/video/comcast-charter-and-more-reflect-a-year-pandemic> https://www.fiercevideo.com/video/comcast-charter-and-more-reflect-a-year-pandemic>

 

Co spowalnia stronę WWW? 11 rzeczy, które sprawiają, że klienci uciekają wkurzeni [What slows down a web page? 11 things that make customers run away]

... Wersja HTTP/2 została wprowadzona w 2015 r. i od tamtego czasu zdecydowana większość serwerów dostosowała się do jego zaleceń. Warto mieć jednak na uwadze, że w 2020 wprowadzono nową generację protokołu HTTP/3. Wprawdzie jego pełna implementacja może potrwać od kilku miesięcy do kilku lat, to zdecydowanie warto wybierać hosting obsługujący ten protokół.

< <https://admonkey.pl/co-spowalnia-strone-www-11-rzeczy/> https://admonkey.pl/co-spowalnia-strone-www-11-rzeczy/>

 

Des failles vieilles de 15 ans dans le sous-système iSCSI de Linux [15-year-old flaws in Linux's iSCSI subsystem]

... Les failles de sécurité touchant visant Linux sont peut être moins répandues que dans le monde Windows mais n'en demeurent pas moins dangereuses. Dernièrement, une vulnérabilité dans le chargeur de démarrage Linux GRUB2 avait été identifiée, d'autres en début d'année dans l'outil Dnsmasq de service de mise en cache DNS, transfert DNS et DHCP.

< <https://www.lemondeinformatique.fr/actualites/lire-des-failles-vieilles-de-15-ans-dans-le-sous-systeme-iscsi-de-linux-82280.html> https://www.lemondeinformatique.fr/actualites/lire-des-failles-vieilles-de-15-ans-dans-le-sous-systeme-iscsi-de-linux-82280.html>

 

**********************

SECURITY & PRIVACY

**********************

How CISA is Building a Future for Women in Cyber

What is the future of women in cyber?  As the nation’s first cybersecurity agency, one of our top goals from the starting gate has been to increase the representation of women and men of all backgrounds throughout the CISA workforce.

< <https://www.cisa.gov/blog/2021/03/10/how-cisa-building-future-women-cyber> https://www.cisa.gov/blog/2021/03/10/how-cisa-building-future-women-cyber>

 

Threat Trends: DNS Security, Part 1

Part 1: Top threat categories: When it comes to security, deciding where to dedicate resources is vital. To do so, it’s important to know what security issues are most likely to crop up within your organization, and their potential impact. The challenge is that the most active threats change over time, as the prevalence of different attacks ebb and flows.

< <https://blogs.cisco.com/security/threat-trends-dns-security-part-1> https://blogs.cisco.com/security/threat-trends-dns-security-part-1>

 

eu: Building Trust in the Digital Era: ENISA boosts the uptake of the eIDAS regulation

The European Union Agency for Cybersecurity issues technical guidance and recommendations on Electronic Identification and Trust Services helping Member States to implement the eIDAS regulation.

< <https://www.enisa.europa.eu/news/enisa-news/building-trust-in-the-digital-era-enisa-boosts-the-uptake-of-the-eidas-regulation> https://www.enisa.europa.eu/news/enisa-news/building-trust-in-the-digital-era-enisa-boosts-the-uptake-of-the-eidas-regulation>

 

Better together – especially now

Cybersecurity, like vaccines, requires the cooperation of all governments together with the right experts to deliver best practices to the Industry to keep citizens safe, writes Sophie Batas.

< <https://www.euractiv.com/section/cybersecurity/opinion/better-together-especially-now/> https://www.euractiv.com/section/cybersecurity/opinion/better-together-especially-now/>

 

Navigating Cybersecurity Rough Seas: Choosing Objective Observations vs Narrative Fallacies

We have reached unprecedented complexity of our cyber defence systems, and we have very little understanding how all of this works. We add even more complexity to mitigate the vulnerability we discover. We justify that by narratives about how the adversary would fall in our trap, if we only had one. And that is a fallacy because the objective of the adversary is to evade it.

< <https://www.farsightsecurity.com/blog/txt-record/objectiveobservations-20210310/> https://www.farsightsecurity.com/blog/txt-record/objectiveobservations-20210310/>

 

Keeping pace: ITU’s Global Cybersecurity Agenda

The COVID-19 pandemic has put the spotlight on the benefits that information and communication technologies (ICTs) can bring. But the technologies only bring those benefits to people with meaningful access. This means not just reliable Internet connectivity, but a cyberspace that is secure and trusted.

< <https://www.itu.int/en/myitu/News/2021/03/09/14/09/Keeping-pace-ITU-Global-Cybersecurity-Agenda> https://www.itu.int/en/myitu/News/2021/03/09/14/09/Keeping-pace-ITU-Global-Cybersecurity-Agenda>

 

Surge in vaccine-related phishing attacks as rollout picks up momentum

Hackers are taking advantage of the heightened focus on the Covid-19 vaccine and are increasingly using vaccine-related emails in their targeted spear-phishing attacks, according to new data from cloud-enabled security solutions provider Barracuda Networks.

< <https://futurefive.co.nz/story/surge-in-vaccine-related-phishing-attacks-as-rollout-picks-up-momentum> https://futurefive.co.nz/story/surge-in-vaccine-related-phishing-attacks-as-rollout-picks-up-momentum>

 

Threat Spotlight: Vaccine-related phishing

Beware of phishing campaigns that use the COVID-19 vaccination as a hook. In the same way they’ve capitalized on the global pandemic with coronavirus-related phishing attacks, cybercriminals are now trying to leverage the vaccine to steal money and personal information. The FBI issued a warning in December about emerging fraud schemes related to COVID-19 vaccines.

< <https://blog.barracuda.com/2021/03/04/threat-spotlight-vaccine-related-phishing/> https://blog.barracuda.com/2021/03/04/threat-spotlight-vaccine-related-phishing/>

 

**********************

INTERNET OF THINGS

**********************

Internet of Things for Smart Cities: Challenges, Security and Privacy Issues by Selvakumar Manickam and Afiqah Kooy

Abstract: Technology has vastly advanced over the years and brought on the birth of new innovations. With the advancement of the Internet of Things (IoT), developing countries all over the world have started to adopt smart technologies and promoting interconnectivity, with the vision to create smart cities. Smart cities are formed in order to improve quality of life, optimize resources and provide better facilities to the citizens. However, alongside the benefits, there are also many challenges and risks that come along with the implementation, especially regarding privacy and safety. This paper highlights and discusses the challenges, security and privacy issues in the implementation of the Internet of Things (IoT) for Smart Cities.

< <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3713677> https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3713677>

 

4 key areas where AI and IoT are being combined

AIoT: When AI meets the Internet of Things: The Internet of Things (IoT) is a technology helping us to reimagine daily life, but artificial intelligence (AI) is the real driving force behind the IoT’s full potential.

< <https://www.weforum.org/agenda/2021/03/ai-is-fusing-with-the-internet-of-things-to-create-new-technology-innovations/> https://www.weforum.org/agenda/2021/03/ai-is-fusing-with-the-internet-of-things-to-create-new-technology-innovations/>

 

The future outlook of IoT technologies and applications

For over a decade we have witnessed a proliferation of internet-connected devices. Nowadays, the number of internet-connected devices is estimated to be around 25 billion. Most of these are mainstream consumer devices that enable human communications and facilitate human-machine interactions. There is also a growing number of devices that are deployed in industrial environments to enable the collection of digital data about operational performance such as efficiency and quality.

< <https://bdtechtalks.com/2021/03/08/internet-of-things-outlook/> https://bdtechtalks.com/2021/03/08/internet-of-things-outlook/>

 

us: New Internet of Things (IoT) Cybersecurity Law’s Far Reaching Impacts

Enacted on December 4, 2020, the Internet of Things Cybersecurity Improvement Act of 2020 (the “IoT Act”) is expected to dramatically improve the cybersecurity of the ubiquitous IoT devices.[1] With IoT devices on track to exceed 21.5 billion by 2025, the IoT Act mandates cybersecurity standards and guidelines for the acquisition and use by the federal government of IoT devices capable of connecting to the Internet. The IoT Act, and the accompanying standards and guidance being developed by the National Institute of Standards and Technology (NIST) will directly affect government contractors who manufacture IoT devices for federal government use, or who provide services, software or information systems using IoT devices to the federal government.

< <https://www.natlawreview.com/article/new-internet-things-iot-cybersecurity-law-s-far-reaching-impacts> https://www.natlawreview.com/article/new-internet-things-iot-cybersecurity-law-s-far-reaching-impacts>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Config2Spec: Mining network specifications from network configurations

For several years now, the community has been dreaming of Intent-Based Networking (IBN): the idea of telling the network what to do instead of how to do it.

< <https://blog.apnic.net/2021/03/08/config2spec-mining-network-specifications-from-network-configurations/> https://blog.apnic.net/2021/03/08/config2spec-mining-network-specifications-from-network-configurations/>

 

It’s Time to Nominate the Next Leaders of IEEE: Volunteers are needed to serve as corporate officers, committee chairs, and other positions

IEEE is governed by volunteer members and depends on them for many things including editing its publications, organizing conferences, coordinating regional and local activities, writing standards, leading educational activities, and identifying individuals for IEEE recognitions and awards.

< <https://spectrum.ieee.org/the-institute/ieee-news/its-time-to-nominate-the-next-leaders-of-ieee> https://spectrum.ieee.org/the-institute/ieee-news/its-time-to-nominate-the-next-leaders-of-ieee>

 

Interview: Tim Berners-Lee: ‘We need social networks where bad things happen less’

Zoom being Zoom, Tim Berners-Lee’s name appears in my browser window about 20 seconds before his audio and video feed kick in – and for a brief moment, the prospect of talking online to the inventor of the world wide web seems so full of symbolism and significance that it threatens to take my breath away.

< <https://www.theguardian.com/lifeandstyle/2021/mar/15/tim-berners-lee-we-need-social-networks-where-bad-things-happen-less> https://www.theguardian.com/lifeandstyle/2021/mar/15/tim-berners-lee-we-need-social-networks-where-bad-things-happen-less>

 

Web inventor Sir Tim Berners-Lee warns of widening digital divide

The creator of the web says coronavirus has highlighted the importance of internet connectivity as a basic right. Sir Tim Berners-Lee says too many young people do not have internet access and the digital divide has widened during the pandemic.

< <https://www.bbc.com/news/technology-56367719> https://www.bbc.com/news/technology-56367719>

 

Tim Berners-Lee says too many young people are excluded from web

Too many young people around the world are excluded from accessing the internet, and getting them online should be a priority for the post-Covid era, Tim Berners-Lee has said.

< <https://www.theguardian.com/technology/2021/mar/12/tim-berners-lee-says-too-many-young-people-are-excluded-from-web> https://www.theguardian.com/technology/2021/mar/12/tim-berners-lee-says-too-many-young-people-are-excluded-from-web>

 

Web inventor Berners-Lee says 'fad' of internet giants will pass

Tim Berners-Lee, the inventor of the World Wide Web, has said the dominance of internet giants is a “fad” that does not have to endure, adding that urgent change was needed to improve a digital divide in young people’s online access.

< <https://www.reuters.com/article/us-tech-bernerslee/web-inventor-berners-lee-says-fad-of-internet-giants-will-pass-idUSKBN2B4002> https://www.reuters.com/article/us-tech-bernerslee/web-inventor-berners-lee-says-fad-of-internet-giants-will-pass-idUSKBN2B4002>

 

Europe's Digital Decade: Commission sets the course towards a digitally empowered Europe by 2030

Today the Commission presents a vision, targets and avenues for a successful digital transformation of Europe by 2030. This is also critical to achieve the transition towards a climate neutral, circular and resilient economy. The EU's ambition is to be digitally sovereign in an open and interconnected world, and to pursue digital policies that empower people and businesses to seize a human centred, sustainable and more prosperous digital future. This includes addressing vulnerabilities and dependencies as well as accelerating investment.

< <https://ec.europa.eu/commission/presscorner/detail/en/ip_21_983> https://ec.europa.eu/commission/presscorner/detail/en/ip_21_983>

 

Europe's Digital Decade – Questions and Answers

What is the Commission's Digital Compass? The Commission has presented a Communication “2030 Digital Compass: the European Way for the Digital Decade”. It sets out:

< <https://ec.europa.eu/commission/presscorner/detail/en/qanda_21_984> https://ec.europa.eu/commission/presscorner/detail/en/qanda_21_984>

 

Speech by Executive Vice-President Vestager at the press conference on Europe's Digital Decade: 2030 Digital Targets

Today we are presenting a vision and clear avenues to make this a successful Digital Decade for all Europeans. One year after the adoption of our digital strategy, today's communication provides us with the compass that we need for this common journey. It proposes tangible goals and ambitious targets to help us navigate in the European digital transition. And to make sure that this transition serves the people.

< <https://ec.europa.eu/commission/presscorner/detail/en/speech_21_1092> https://ec.europa.eu/commission/presscorner/detail/en/speech_21_1092>

 

EU-wide survey shows Europeans support the launch of the Conference on the Future of Europe

The European Parliament and the European Commission are today releasing the first-ever Eurobarometer survey conducted jointly for the two institutions. The Special Eurobarometer survey on the Future of Europe was carried out between 22 October and 20 November 2020 in the 27 EU Member States.

< <https://ec.europa.eu/commission/presscorner/detail/en/ip_21_1025> https://ec.europa.eu/commission/presscorner/detail/en/ip_21_1025>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home