[Newsclips] IETF SYN-ACK Newspack 2021-04-21

David Goldstein <david@goldsteinreport.com> Mon, 12 April 2021 12:31 UTC

Return-Path: <david@goldsteinreport.com>
X-Original-To: newsclips@ietfa.amsl.com
Delivered-To: newsclips@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6DA543A1BDA for <newsclips@ietfa.amsl.com>; Mon, 12 Apr 2021 05:31:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_KAM_HTML_FONT_INVALID=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XLbllCfNHIZv for <newsclips@ietfa.amsl.com>; Mon, 12 Apr 2021 05:31:15 -0700 (PDT)
Received: from karkinos.atomiclayer.com (karkinos.atomiclayer.com [96.125.178.142]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8B6E83A1BD8 for <newsclips@ietf.org>; Mon, 12 Apr 2021 05:31:15 -0700 (PDT)
Received: from DavidDesktop2019 (unknown [144.136.11.113]) by karkinos.atomiclayer.com (Postfix) with ESMTPSA id 8FD81280A2D for <newsclips@ietf.org>; Mon, 12 Apr 2021 08:31:09 -0400 (EDT)
Authentication-Results: karkinos.atomiclayer.com; spf=pass (sender IP is 144.136.11.113) smtp.mailfrom=david@goldsteinreport.com smtp.helo=DavidDesktop2019
Received-SPF: pass (karkinos.atomiclayer.com: connection is authenticated)
From: "David Goldstein" <david@goldsteinreport.com>
To: <newsclips@ietf.org>
Date: Mon, 12 Apr 2021 22:31:07 +1000
Organization: Goldstein Report
Message-ID: <026301d72f97$b93b5700$2bb20500$@goldsteinreport.com>
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_NextPart_000_0264_01D72FEB.8AE76700"
X-Mailer: Microsoft Outlook 16.0
Thread-Index: Adcvl6/fqkX8RwHCSviNaz3OlWjRcQ==
Content-Language: en-au
X-PPP-Message-ID: <20210412123111.1848459.62343@karkinos.atomiclayer.com>
X-PPP-Vhost: goldsteinreport.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/newsclips/k7DnwccyCeYrLoX9K9w3EtpAgJ0>
Subject: [Newsclips] IETF SYN-ACK Newspack 2021-04-21
X-BeenThere: newsclips@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF News Clips <newsclips.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/newsclips>, <mailto:newsclips-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/newsclips/>
List-Post: <mailto:newsclips@ietf.org>
List-Help: <mailto:newsclips-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/newsclips>, <mailto:newsclips-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 12 Apr 2021 12:31:22 -0000

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

**********************

IETF IN THE NEWS

**********************

10 Years after Inception, WebRTC Becomes an Official Web Standard

Web Real-Time Communications (WebRTC) recently became a World Wide Web Consortium (W3C) recommendation and IETF standard. This is a major milestone on a long journey for WebRTC that started in 2011 with Google open-sourcing key communication technologies and Ericsson implementing the ConnectionPeer API.

< <https://www.infoq.com/news/2021/04/webrtc-official-web-standard/> https://www.infoq.com/news/2021/04/webrtc-official-web-standard/>

 

Opportunities for bringing IEEE TSN standards to wireless applications

... Use cases related to control of Power Grid components have also been described in the IETF DetNet group. One unique aspect to be considered in some electrical power grid systems is the required coverage area, which may vary from local (e.g. substation) to wide areas (distribution and transmission). Industrial control systems require the highest level of determinism and reliability, which can be enabled by the IEEE 802.1Qbv time-aware scheduling standard for wired and wireless networks.

< <https://www.ept.ca/features/opportunities-for-bringing-ieee-tsn-standards-to-wireless-applications/> https://www.ept.ca/features/opportunities-for-bringing-ieee-tsn-standards-to-wireless-applications/>

 

Endress+Hauser Meets Highest Cybersecurity Standard

... Endress+Hauser has a long tradition of investing in innovation. Last year, the IETF recommended for standardization the innovative CPace security technology developed by Endress+Hauser, which provides password-protected instrument access. Patent applications are regularly at high levels as well. The Group currently boasts a portfolio of 8,900 patents and patent filings.

< <https://www.automation.com/en-us/articles/april-2021/endress-hauser-highest-cybersecurity-standard> https://www.automation.com/en-us/articles/april-2021/endress-hauser-highest-cybersecurity-standard>

 

Autonomous Networks is the industry consensus with all stakeholders, including CSPs working towards it

... Global mainstream industry organizations, including TM Forum, ETSI, 3GPP, ITU, IEEE, IETF, NGMN and CCSA, are collaborating to support the telcos in their journey towards Autonomous Networks.

< <https://www.totaltele.com/509287/Autonomous-Networks-is-the-industry-consensus-with-all-stakeholders-including-CSPs-working-towards-it> https://www.totaltele.com/509287/Autonomous-Networks-is-the-industry-consensus-with-all-stakeholders-including-CSPs-working-towards-it>

 

In the midst of COVID-19, we're seeing a pandemic of cyber attacks

... TLS 1.3 will finally start seeing widespread adoption, in part, driven by the adoption of QUIC/HTTP3 given that TLS 1.3 is built into it. Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. Many vendors support TLS 1.3 already and that will help drive the protocol into mainstream use. Changes will also be made to the TLS 1.3 standard as the demand for encrypted SNIs rise.

< <https://www.ameinfo.com/industry/digital-and-media/in-the-midst-of-covid-19-were-seeing-a-pandemic-of-cyber-attacks> https://www.ameinfo.com/industry/digital-and-media/in-the-midst-of-covid-19-were-seeing-a-pandemic-of-cyber-attacks>

 

Windows Server 2022 Is Coming!

... There is one feature coming that I think any IT Pro dealing with on-premises deployments and access will love and that's MsQuic. This implements the QUIC protocol and Microsoft has open sourced their flavor.

< <https://virtualizationreview.com/articles/2021/04/06/windows-server-2022.aspx> https://virtualizationreview.com/articles/2021/04/06/windows-server-2022.aspx>

 

The quantity and power of DDoS attacks in 2021 will increase significantly

... Experts note that recently hackers have begun to act more intelligently, they increasingly launch attacks using bots that can automatically bypass common protection methods. New types of DDoS attacks are expected to emerge, presumably targeting UDP, as protection of UDP applications is often not as effective as for ones using TCP protocol. This is primarily online games, VoIP services and the QUIC protocol, which Google and Facebook use to speed up their web resources.

< <https://wire19.com/ddos-attacks-will-increase-in-2021/> https://wire19.com/ddos-attacks-will-increase-in-2021/>

 

ETSI proposes non-IP packet technology for telecoms

... Most packets are not an isolated event but are part of a flow, for example a TCP, QUIC, etc., session or an audio or video signal. In early networks, routing decisions were made independently for each packet, in order to avoid taking up memory space remembering previous decisions, but as memory became more plentiful "route caching" was used to reduce the load on the control plane.

< <https://www.eenewseurope.com/news/etsi-proposes-non-ip-packet-technology-telecoms> https://www.eenewseurope.com/news/etsi-proposes-non-ip-packet-technology-telecoms>

 

Research report tmr the WebRTC Market : industry analysis by 2026

... With WebRTC approaching its fulfillment, companies particularly the customer confronting entities are likely to utilize this technology in not so distant future over all platforms. WebRTC is a rising industry standard for video and audio communication throughout an internet browser. The IETF chose that program producers should execute VP8 and H.264 video codecs.

< <https://ksusentinel.com/2021/04/12/research-report-tmr-the-webrtc-market-industry-analysis-by-2026/> https://ksusentinel.com/2021/04/12/research-report-tmr-the-webrtc-market-industry-analysis-by-2026/>

 

WebRTC devient un standard officiel [WebRTC becomes an official standard]

WebRTC, pour Web Real-Time Communication, c'est-à-dire communication en temps réel pour le Web, est une interface de programmation (API) JavaScript développée au sein du W3C et de l'IETF. Les groupes de travail W3C/IETF ont débuté en 2011. 10 ans après, WebRTC devient un standard officiel.

< <https://www.programmez.com/actualites/webrtc-devient-un-standard-officiel-31701> https://www.programmez.com/actualites/webrtc-devient-un-standard-officiel-31701>

 

Efemérides de 7 de Abril [April 7th anniversary]

... 1969 Com a publicação do RFC 1 (Request for Coments), documentos técnicos desenvolvidos e mantidos pelo IETF, instituição que especifica os padrões que serão implementados e utilizados em rede, nasceu há 52 anos simbolicamente a Internet.

< <https://sol.sapo.pt/artigo/730475/efemerides-de-7-de-abril> https://sol.sapo.pt/artigo/730475/efemerides-de-7-de-abril>

 

Mengapa Anda Harus Tahu Apa itu IPv6? Ini Dia Alasannya [Why Should You Know What IPv6 is? Here's Why]

... IPv6 merupakan pengganti dari IPv4. Protokol yang dikembangkan oleh IETF atau Engineering Task Force ini dibuat sebagai pengganti Ipv4 yang dianggap terlalu dibatasi.

< <https://beritakota.co.id/2021/04/08/mengapa-anda-harus-tahu-apa-itu-ipv6-ini-dia-alasannya/> https://beritakota.co.id/2021/04/08/mengapa-anda-harus-tahu-apa-itu-ipv6-ini-dia-alasannya/>

 

专家谈互联网的成功之道 [Experts talk about the success of the Internet]

... 国际互联网技术和标准组织IETF现主席艾丽莎-库博(Alissa Cooper)[2]认为,互联网的成功源于TCP/IP灵活的模块化体系结构。

< <https://www.edu.cn/info/focus/li_lun_yj/202104/t20210408_2094218.shtml> https://www.edu.cn/info/focus/li_lun_yj/202104/t20210408_2094218.shtml>

 

中国IPv6地址数跃居全球第一 [The number of IPv6 addresses in China has leapt to the top of the world]

... 当前,随着IPv4地址的消耗殆尽,互联网向IPv6过渡已是大势所趋。2016年11月,国际互联网标准组织IETF最高领导层IAB发表关于支持IPv6发展的重要声明指出,未来的新协议要全部在IPv6基础上进行优化。这是互联网发展过程中一个非常重要的里程碑,表明IPv6成为互联网技术无可争议的发展趋势和方向。

< <http://www.edu.cn/xxh/ip6/202104/t20210410_2094723.shtml> http://www.edu.cn/xxh/ip6/202104/t20210410_2094723.shtml>

 

JPドメイン名は160万件を突破、1年で4.4万件の増加~JPRS年次報告書、 [JP domain names exceeded 1.6 million, an increase of 44,000 in one year - JPRS Annual Report,]

... そのほかに国内では、JANOG、フィッシング対策協議会、テレコムサービス協会、海外ではICANN、IETF、W3Cなど、インターネットにおける標準化や運営に関わる団体でも積極的に活動をしているという。

< <https://news.yahoo.co.jp/articles/fa98354e70da1e4fb9d664be5ff77414ce21d242> https://news.yahoo.co.jp/articles/fa98354e70da1e4fb9d664be5ff77414ce21d242>

 

엔드레스하우저, 산업 보안 국제 표준 IEC 62443-4-1 인증 획득 [Endresshauser certed IEC 62443-4-1 international standard for industrial security]

... 한편, 엔드레스하우저의 보안 강화를 위한 공격적인 투자와 개발을 지속해, 지난 2020년에는 국제인터넷표준화 기구인 ‘IETF‘ 측에서 엔드레스하우저가 개발한 CPace 프로토콜을 인터넷 표준에서 권장 사용 방법으로 선정한 바 있다. CPace 프로토콜은 계기에 대한 암호화된 액세스를 제공하는 프로토콜이다.

< <https://www.cctvnews.co.kr/news/articleView.html?idxno=223540> https://www.cctvnews.co.kr/news/articleView.html?idxno=223540>

 

**********************

SECURITY & PRIVACY

**********************

Using DASH to identify economies by suspicious traffic

One of APNIC’s many information tools is the Dashboard for Autonomous System Health (DASH). DASH lets you rapidly track suspicious traffic seen coming from your network. It uses a system of ‘honeypots‘, which keep tabs on suspicious traffic. When stitched together, honeypots are called a honeynet.

< <https://blog.apnic.net/2021/04/09/using-dash-to-rank-economies-by-malicious-traffic/> https://blog.apnic.net/2021/04/09/using-dash-to-rank-economies-by-malicious-traffic/>

 

Common pitfalls in RPKI deployment and how to avoid them

Despite its critical role in Internet connectivity, the Border Gateway Protocol (BGP) is still highly vulnerable to different types of attacks. While widespread adoption of Resource Public Key Infrastructure (RPKI) — one of the standard ways to improve BGP security — can help, not enough network operators know about it. In this post, I explore three common knowledge gaps and give my recommendations.

< <https://blog.apnic.net/2021/04/08/common-pitfalls-in-rpki-deployment-and-how-to-avoid-them/> https://blog.apnic.net/2021/04/08/common-pitfalls-in-rpki-deployment-and-how-to-avoid-them/>

 

Web co-location and its impact on the privacy benefits of domain name encryption

The use of network traffic encryption technologies, such as HTTPS/TLS, is on the rise since obtaining a TLS certificate has become easier and free of charge. However, even when encryption is enabled, users’ online activities are still leaked through domain names, which are exposed via DNS queries/responses and the Server Name Indication (SNI) extension of TLS.

< <https://blog.apnic.net/2021/04/05/web-co-location-and-its-impact-on-the-privacy-benefits-of-domain-name-encryption/> https://blog.apnic.net/2021/04/05/web-co-location-and-its-impact-on-the-privacy-benefits-of-domain-name-encryption/>

 

Breaking Down Barriers: Students Launch Women in Cybersecurity Chapter at UVA

Connie Zhang and Diana Damenova, second-year computer science students, became friends during their first year at the University of Virginia. They have a lot in common. Both discovered a passion for cybersecurity in high school, were studying computer science in the School of Engineering, and had successfully completed summer internships. Damenova interned with the U.S. Trade and Development Agency as a security analyst. Zhang joined The MITRE Corporation as a cyber security intern.

< <https://news.virginia.edu/content/breaking-down-barriers-students-launch-women-cybersecurity-chapter-uva> https://news.virginia.edu/content/breaking-down-barriers-students-launch-women-cybersecurity-chapter-uva>

 

DDoS Clearing House designated high potential innovation by European Commission

The DDoS Clearing House has been designated a 'key innovation' by the European Commission and selected for the Commission's Innovation Radar. The DDoS Clearing House is a system that enables organisations targeted by DDoS attacks to measure attack characteristics and share the information with other member organisations.

< <https://www.sidn.nl/en/news-and-blogs/ddos-clearing-house-designated-high-potential-innovation-by-european-commission> https://www.sidn.nl/en/news-and-blogs/ddos-clearing-house-designated-high-potential-innovation-by-european-commission>

 

DNS over HTTPS: Spanish Version of eco Discussion Paper on DoH available

Throughout the history of the Internet, traditional DNS traffic – for example, when a user types a website name into a browser – has largely been unencrypted. The DNS over HTTPS (DoH) protocol, which first emerged in 2018, makes use of the well-known secure HTTPS web protocol to change that.

< <https://international.eco.de/presse/dns-over-https-spanish-version-of-eco-discussion-paper-on-doh-available/> https://international.eco.de/presse/dns-over-https-spanish-version-of-eco-discussion-paper-on-doh-available/>

 

DNS-over-HTTPS Is The Wrong Partial Solution

Openness has been one of the defining characteristics of the Internet for as long as it has existed, with much of the traffic today still passed without any form of encryption. Most requests for HTML pages and associated content are in plain text, and the responses are returned in the same way, even though HTTPS has been around since 1994.

< <https://hackaday.com/2019/10/21/dns-over-https-is-the-wrong-partial-solution/> https://hackaday.com/2019/10/21/dns-over-https-is-the-wrong-partial-solution/>

 

Highlights from the Unit 42 Cloud Threat Report, 1H 2021

Key Findings: COVID-19 Critical Industries Suffer Spike in Security Incidents: Among the industries with the highest increases in security incidents were retail, manufacturing and government, which saw incidents rise 402%, 230% and 205%, respectively. Security incidents are defined as events that caused violations in security policies and put sensitive data at risk. These same industries were among those facing the greatest pressures to adapt and scale in the face of the pandemic – retailers for basic necessities, and manufacturing and government for COVID-19 supplies and aid.

< <https://unit42.paloaltonetworks.com/highlights-cloud-threat-report-1h-2021/> https://unit42.paloaltonetworks.com/highlights-cloud-threat-report-1h-2021/>

 

2020 Phishing Trends With PDF Files

Executive Summary: From 2019-20, we noticed a dramatic 1,160% increase in malicious PDF files – from 411,800 malicious files to 5,224,056. PDF files are an enticing phishing vector as they are cross-platform and allow attackers to engage with users, making their schemes more believable as opposed to a text-based email with just a plain link. To lure users into clicking on embedded links and buttons in phishing PDF files, we have identified the top five schemes used by attackers in 2020 to carry out phishing attacks, which we have grouped as Fake Captcha, Coupon, Play Button, File Sharing and E-commerce.

< <https://unit42.paloaltonetworks.com/phishing-trends-with-pdf-files/> https://unit42.paloaltonetworks.com/phishing-trends-with-pdf-files/>

 

EU Cybersecurity Market: New Ad Hoc Working Group open for applications!

The European Union Agency for Cybersecurity launches a call for expression of interest concerning an Ad Hoc Working Group on the EU Cybersecurity Market.

< <https://www.enisa.europa.eu/news/enisa-news/eu-cybersecurity-market-new-ad-hoc-working-group-open-for-applications> https://www.enisa.europa.eu/news/enisa-news/eu-cybersecurity-market-new-ad-hoc-working-group-open-for-applications>

 

CISA Launches New Threat Detection Dashboard

The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) is launching another security tool to help organizations mitigate threats like those posed by the recent SolarWinds supply chain attack discovered in December.

< <https://www.darkreading.com/analytics/cisa-launches-new-threat-detection-dashboard/d/d-id/1340638> https://www.darkreading.com/analytics/cisa-launches-new-threat-detection-dashboard/d/d-id/1340638>

 

**********************

INTERNET OF THINGS

**********************

How To Make Autonomous Cars Trustworthy and Free from Cybersecurity Threats

Autonomous vehicles are becoming smarter because they are being powered by computerization and artificial intelligence. They eventually will be able to communicate with each other and the infrastructure, maneuver flexibly while sensing their surroundings, and allow drivers to go from being operators to passengers.

< <https://spectrum.ieee.org/the-institute/ieee-products-services/how-to-make-autonomous-cars-trustworthy-and-free-from-cybersecurity-threats> https://spectrum.ieee.org/the-institute/ieee-products-services/how-to-make-autonomous-cars-trustworthy-and-free-from-cybersecurity-threats>

 

OECD STI Policy Note: Encouraging vulnerability treatment: How policy makers can help address digital security vulnerabilities

Digital security risk undermines trust in digital transformation and generates significant economic and social costs. Estimates suggest that the cost of digital security incidents ranges between USD 100 billion and USD 6 trillion per year. Digital security risk also poses an increasingly serious threat to individuals’ safety, as more consumers and businesses adopt vulnerable Internet of Things (IoT) devices.

< <https://www.oecd.org/digital/encouraging-vulnerability-treatment.pdf> https://www.oecd.org/digital/encouraging-vulnerability-treatment.pdf>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Futures Report Outlines Top Trends Impacting Global Economy, Society and Technology

The new technologies of the Fourth Industrial Revolution, such as artificial intelligence (AI), the cloud and robotics, are changing the way we live, learn and do business at a rate unprecedented in human history. This seismic shift is playing out in a world characterized by unreliable political landscapes and increasing environmental instability.

< <https://www.weforum.org/press/2021/04/futures-report-outlines-top-trends-impacting-global-economy-society-and-technology-bdfe790c3a> https://www.weforum.org/press/2021/04/futures-report-outlines-top-trends-impacting-global-economy-society-and-technology-bdfe790c3a>

 

Building an open source anycast CDN

Last year, the summer after my sophomore year of high school, I was in quarantine with some time on my hands and wanted to learn something new. I had been interested in networking for a while and was curious about how content delivery worked at scale; especially this concept of anycast, which seems to be a topic of debate. So, in August of 2020, I decided to build my own anycast Content Delivery Network (CDN) from scratch.

< <https://blog.apnic.net/2021/04/07/building-an-open-source-anycast-cdn/> https://blog.apnic.net/2021/04/07/building-an-open-source-anycast-cdn/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home