[Newsclips] IETF SYN-ACK Newspack 2021-11-29

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

 

**********************

IETF IN THE NEWS

**********************

More notes from IETF 112 by Geoff Huston

Virtual meetings continue in the IETF, and the latest one was IETF 112 in November. Here are some notes from selected Working Group meetings that caught my attention. These notes cover some of the topics that are not directly associated with the DNS, as I’ve separately commented on the status of IETF work on the DNS. Here I’ll look at routing security, IPv6 and transport topics.

< <https://www.potaroo.net/ispcol/2021-11/ietf112.html> https://www.potaroo.net/ispcol/2021-11/ietf112.html>

< <https://blog.apnic.net/2021/11/23/more-notes-from-ietf-112/> https://blog.apnic.net/2021/11/23/more-notes-from-ietf-112/>

 

Notes from DINR 2021 by Geoff Huston

>From the recent writeup on currently active IETF DNS work, it’s clear that there is a large amount of attention being focused on the DNS. It’s not just an IETF conversation or a DNS OARC conversation, but a conversation that involves a considerable amount of research activity as well.

< <https://www.potaroo.net/ispcol/2021-11/dinr2021.html> https://www.potaroo.net/ispcol/2021-11/dinr2021.html>

< <https://blog.apnic.net/2021/11/22/notes-from-dinr-2021/> https://blog.apnic.net/2021/11/22/notes-from-dinr-2021/>

 

New domain addressing standards presented at IETF 112

The 112th conference of the IETF, an organization that develops basic network standards, took place online on November 8-12. The event included meetings of various thematic working groups, including those involved in the development of DNS standards.

< <https://cctld.ru/en/media/news/industry/31110/> https://cctld.ru/en/media/news/industry/31110/>

 

The impact of Private Relay on network operators and ISPs

Several technologies are currently being developed that are intended to improve the privacy of the Internet by updating or extending some of the core standards that underpin its operation. These changes are being led within various working groups of the IETF, leveraging the expertise of developers drawn from across the industry.

< <https://blog.apnic.net/2021/11/26/impact-of-private-relay-netops-isps/> https://blog.apnic.net/2021/11/26/impact-of-private-relay-netops-isps/>

 

How small firms will benefit from simpler, integrated trade finance systems

... Governance could be provided by a single global industry entity or a consortium that also leverages existing initiatives such as the ICC Digital Standards Initiative, which was launched last year. We think significant progress could be made in a five-year period. There is no perfect analogy but, as we see it, this interoperability layer would create something akin to the global ISO standard for quality for the trade system. It would operate along the lines of the IETF, which develops standards for the internet.

< <https://www.scmp.com/comment/opinion/article/3157042/how-small-firms-will-benefit-simpler-integrated-trade-finance> https://www.scmp.com/comment/opinion/article/3157042/how-small-firms-will-benefit-simpler-integrated-trade-finance>

 

UNCTAD Report: Revisiting Old Issues in Managing Cross-Border Data Flows

... Indeed, ECOSOC is a good example of how international institutions can interact with NGOs. However, it will not do to simply copy its mechanism, and it is so for several reasons. First, final recommendations within ECOSOC are adopted by representatives of member states. This harms its usefulness as a model to be replicated, since there will always be the risk that issues are politicized—this will be the case even if the new institution is designed with the combined approach in mind. Besides, should this body take on the role of the principal coordinator in the digital space, issues will become more politicized and disagreements will be more heated, thus slowing down decision-making. Second, the question remains as to how the new institution will interact with the existing organizations, namely the Internet Architecture Board and the IETF. The ad hoc mechanism to engage NGOs in other areas, which works perfectly fine for ECOSOC, may not be enough when it comes to technical standards that need to be constantly updated. Third, the General Assembly elects ECOSOC members every three years. However, this would not be feasible for the new coordinating body as the digital domain has its own leaders, and leaving them overboard would be incredibly detrimental to its effectiveness. In such a case, there remains the above-mentioned risk of discussions between the U.S./EU and Russia/China becoming politicized.

< <https://moderndiplomacy.eu/2021/11/09/unctad-report-revisiting-old-issues-in-managing-cross-border-data-flows/> https://moderndiplomacy.eu/2021/11/09/unctad-report-revisiting-old-issues-in-managing-cross-border-data-flows/>

 

Defamation laws must extend online. We need to deal with malicious ‘keyboard cowards’

... Perversely, the internet is not actually ‘run’ by anybody. By general consensus, various people and organisations around the world co-operate to make the thing work. Even the ultimate standards-setting body – the IETF – has no power to enforce its voluntary codes and standards.

< <https://thenewdaily.com.au/life/tech/2021/11/28/social-media-defamation-laurie-patton/> https://thenewdaily.com.au/life/tech/2021/11/28/social-media-defamation-laurie-patton/>

 

IP-Adressen: Streit um blockierte IPv4-Reserven [IP addresses: Dispute over blocked IPv4 reserves]

Acht bis zehn Prozent des begehrten IPv4-Adressraumes des Internets bleiben aktuell ungenutzt. Zwei ehemaligen Electronic-Frontier-Foundation-Bürgerrechtler haben eine Initiative auf den Weg gebracht, die diese versteckten Schätze angesichts der aktuellen IPv4-Knappheit für die Allgemeinheit heben will. Doch um die ursprünglich überreichlich für bestimmte Nutzungen reservierten Adressen freizuschaufeln, müsste Hard- und Software überall im Netz angefasst werden. Die Vorschläge von Seth Schoen und seinen Kollegen finden daher wenig Zustimmung bei der IETF.

< <https://www.heise.de/news/IP-Adressen-Streit-um-blockierte-IPv4-Reserven-6271935.html> https://www.heise.de/news/IP-Adressen-Streit-um-blockierte-IPv4-Reserven-6271935.html>

 

Están proponiendo reducir las direcciones de loopback de IPv4 para que de 127.1.0.0 a 127.255.255.255 sean IPs públicas [They are proposing to reduce IPv4 loopback addresses so that 127.1.0.0 to 127.255.255.255 are public IPs]

Ante la lenta adopción de IPv6 y en vista de que muchas organizaciones siguen solicitando direcciones IPv4 como si no hubiera un mañana, hay una propuesta haciendo las rondas por la IETF titulada Unicast Use of the Formerly Reserved 127/8, aunque todavía no es nada oficial.

< <https://www.microsiervos.com/archivo/internet/reducir-direcciones-loopback-ipv4-ips-publicas.html> https://www.microsiervos.com/archivo/internet/reducir-direcciones-loopback-ipv4-ips-publicas.html>

 

Cómo activar el servicio SNMP en Windows 10 y Windows 11 con PowerShell [How to turn on the SNMP service in Windows 10 and Windows 11 with PowerShell]

... SNMP es un componente de la suite de protocolo de Internet, según definido por el IETF. Se compone de un conjunto de normas para la gestión de la red, incluyendo una capa de aplicación del protocolo, una base de datos de esquema y un conjunto de objetos de datos.

< <https://blogs.masterhacks.net/geek/tutoriales/como-activar-el-servicio-snmp-en-windows-10-y-windows-11-con-powershell/> https://blogs.masterhacks.net/geek/tutoriales/como-activar-el-servicio-snmp-en-windows-10-y-windows-11-con-powershell/>

 

DNS Resolution Required - Aanvullend wapen in strijd tegen malware en botnetsPlus [DNS Resolution Required - Additional weapon in the fight against malware and botnetsPlus ] [to see IETF mention requires registration]

SIDN Labs heeft een prototype ontwikkeld van DNS Resolution Required en daarmee de eerste tests uitgevoerd. De Arnhemse organisatie heeft die techniek bedacht als aanvulling op dns-firewalls om malware en botnets te bestrijden.

< <https://tweakers.net/nieuws/187102/dns-resolution-required-aanvullend-wapen-in-strijd-tegen-malware-en-botnets.html> https://tweakers.net/nieuws/187102/dns-resolution-required-aanvullend-wapen-in-strijd-tegen-malware-en-botnets.html>

 

助力我国信创产业发展！凌锐蓝信正式成为信创工作委员会会员单位 [Contribute to the development of my country's Xinchuang industry! Lingrui Lanxin officially became a member unit of Xinchuang Working Committee]

... 凌锐蓝信始终深耕于数字网络，作为国内数字网络的领航者，凌锐蓝信一直处于创新前沿，率先实现数字网络与5G、工业互联网、物联网的融合，并自主研发《动态数据回源访问加速》技术，荣获专利证书。目前已实现基于IETF RFC 8926标准的Geneve协议自有化，集成高性能高安全功能，全面满足各行业用户多种业务场景。

< <https://www.sohu.com/a/503616350_121094642> https://www.sohu.com/a/503616350_121094642>

 

多部门联合推进技术创新和应用落地 解决IPv4地址空间不足 [Multi-sector joint promotion of technological innovation and application of landing to solve the IPv4 address space shortage]

... 在全球范围内，早在1990年，IETF(互联网工程任务小组，成立于1985年底，是全球互联网最具权威的技术标准化组织)就开始规划IPv4的下一代协议，建立了IPng(下一代IP)，以推进相关工作。

< <http://ja.smartjx.com/xw/2021/1123/25302107.html> http://ja.smartjx.com/xw/2021/1123/25302107.html>

 

**********************

SECURITY & PRIVACY

**********************

The Internet is Held Together With Spit & Baling Wire

Imagine being able to disconnect or redirect Internet traffic destined for some of the world’s biggest companies — just by spoofing an email. This is the nature of a threat vector recently removed by a Fortune 500 firm that operates one of the largest Internet backbones.

< <https://krebsonsecurity.com/2021/11/the-internet-is-held-together-with-spit-baling-wire/> https://krebsonsecurity.com/2021/11/the-internet-is-held-together-with-spit-baling-wire/>

 

ETSI releases first comprehensive global standard for securing smart phones

Today our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping. To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released a world class standard called Consumer Mobile Device Protection Profile, ETSI TS 103 732. The specification identifies key security and privacy risks for user data and provides appropriate protection.

< <https://www.etsi.org/newsroom/press-releases/1998-2021-11-etsi-releases-comprehensive-global-standard-for-securing-smart-phones> https://www.etsi.org/newsroom/press-releases/1998-2021-11-etsi-releases-comprehensive-global-standard-for-securing-smart-phones>

 

Cybersecurity gaps still a major problem for cities

City governments are still struggling to make security changes required to safely deploy new technologies, experts from the World Economic Forum and Deloitte warned at Smart City Expo World Congress in Barcelona last week.

< <https://www.itu.int/en/myitu/News/2021/11/23/12/41/Cybersecurity-gaps-Cities-Today> https://www.itu.int/en/myitu/News/2021/11/23/12/41/Cybersecurity-gaps-Cities-Today>

 

Adoption of DNS security mechanisms related to ease-of-use, cost

As a fundamental Internet infrastructure, the DNS is continually under attack. While various DNS security mechanisms have been proposed, standardized, and implemented, little is known about how prevalent they are in the current DNS ecosystem.

< <https://blog.apnic.net/2021/11/26/adoption-of-dns-security-mechanisms-related-to-ease-of-use-cost/> https://blog.apnic.net/2021/11/26/adoption-of-dns-security-mechanisms-related-to-ease-of-use-cost/>

 

US, EU Join Paris Call for Cybersecurity

The United States and the European Union announced plans to join the Paris Call, an international effort to combat cyberthreats endangering citizens and infrastructure.

< <https://securityboulevard.com/2021/11/us-eu-join-paris-call-for-cybersecurity/> https://securityboulevard.com/2021/11/us-eu-join-paris-call-for-cybersecurity/>

 

Step Towards Foresight on Emerging Cybersecurity Challenges

The European Union Agency for Cybersecurity releases its first report on foresight in order to improve cybersecurity resilience and support the planning of its work.

< <https://www.enisa.europa.eu/news/enisa-news/step-towards-foresight-on-emerging-cybersecurity-challenges> https://www.enisa.europa.eu/news/enisa-news/step-towards-foresight-on-emerging-cybersecurity-challenges>

 

Decentralising end-to-end encryption with a new security protocol

Researchers at Carnegie Mellon University have devised a new security protocol to decentralise E2E, enabling users to store their messages in a more flexible network.

< <https://www.thehindu.com/sci-tech/technology/internet/decentralising-end-to-end-encryption-with-a-new-security-protocol/article37698194.ece> https://www.thehindu.com/sci-tech/technology/internet/decentralising-end-to-end-encryption-with-a-new-security-protocol/article37698194.ece>

 

Storage systems are weakest link in IT infrastructure security

Storage systems have a significantly weaker security posture than the other two layers of IT infrastructure — compute and network equipment — according to a report from cyber security company Continuity Software.

< <https://www.arnnet.com.au/article/693351/storage-systems-weakest-link-it-infrastructure-security/> https://www.arnnet.com.au/article/693351/storage-systems-weakest-link-it-infrastructure-security/>

 

Infosec bods: After more than a year, Sky gets round to squashing hijacking bug in 6m home broadband routers

Sky has fixed a flaw in six million of its home broadband routers, and it only took the British broadcaster'n'telecoms giant a year to do so, infosec researchers have said. ... It's said that 38 per cent of public-facing open resolvers are vulnerable to this latest attack. Whether or not a DNS cache is vulnerable depends on the version of the Linux kernel it is running on, and the software involved, be it BIND, Unbound, or dnsmasq. See table 1 in this academic paper [PDF] on the attack to work out whether your service is at risk of poisoning.

< <https://www.theregister.com/2021/11/23/in_brief_security/> https://www.theregister.com/2021/11/23/in_brief_security/>

 

**********************

INTERNET OF THINGS

**********************

Huge fines and a ban on default passwords in new UK law

The government has introduced new legislation to protect smart devices in people's homes from being hacked.

< <https://www.bbc.com/news/technology-59400762> https://www.bbc.com/news/technology-59400762>

 

nl: Operationalising DNS Resolution Required for the Internet of Things

In an earlier article, we introduced the concept of DNS Resolution Required (DRR), a new security function to mitigate damage from malware that modifies or circumvents the use of configured DNS resolvers in an edge network. DRR is particularly useful in networks with Internet of Things (IoT) devices.

< <https://www.sidnlabs.nl/en/news-and-blogs/operationalising-dns-resolution-required-for-the-internet-of-things> https://www.sidnlabs.nl/en/news-and-blogs/operationalising-dns-resolution-required-for-the-internet-of-things>

 

nl: Thesis: using IoT honeypots for automatic detection of attacks on IoT devices

Honeypots are widely used to study attacks on Internet of Things (IoT) devices. For my MSc thesis, I developed and evaluated an extension to the conventional honeypot, which enables automated tracing of execution paths leading to previously undetected vulnerabilities in IoT firmware. The honeypot then emulates the IoT firmware and monitors the vulnerable execution paths to see whether attackers are in fact utilising them. My research has shown that it's possible to run 'execution path-aware' IoT honeypots on an automated basis, generating information to assist security researchers. However, the components on which such honeypots are based remain at an early stage of development, meaning that the honeypots are not yet mature enough for use in a production environment.

< <https://www.sidnlabs.nl/en/news-and-blogs/thesis-using-iot-honeypots-for-automatic-detection-of-attacks-on-iot-devices> https://www.sidnlabs.nl/en/news-and-blogs/thesis-using-iot-honeypots-for-automatic-detection-of-attacks-on-iot-devices>

 

Top 10 Emerging Technologies to Watch in 2021

... Space internet of things: At least 10 billion active devices make up the internet of things (IoT), a number that is expected to more than double in the next 10 years. Maximizing IoT benefits in communication and automation requires devices to be spread worldwide, but cellular networks span less than half the globe, leaving enormous gaps in connectivity. A space-based IoT system could patch those gaps, using a network of low-cost, low-weight nanosatellites that orbit a few hundred kilometres from Earth.

< <https://www.weforum.org/press/2021/11/top-10-emerging-technologies-to-watch-in-2021> https://www.weforum.org/press/2021/11/top-10-emerging-technologies-to-watch-in-2021>

 

au: Mallee councils trial Internet of Things to become Smart Cities

Four Mallee councils have joined forces to trial Internet of Things (IoT) technology to inform decision-making and improve operational efficiencies.

< <https://www.mildura.vic.gov.au/Latest-News/Mallee-councils-trial-Internet-of-Things-to-become-Smart-Cities> https://www.mildura.vic.gov.au/Latest-News/Mallee-councils-trial-Internet-of-Things-to-become-Smart-Cities>

 

**********************

OTHERWISE NOTEWORTHY

**********************

People are talking about Web3. Is it the Internet of the future or just a buzzword?

Web3, short for web 3.0, is a vision of the future of the Internet in which people operate on decentralized, quasi-anonymous platforms, rather than depend on tech giants like Google, Facebook and Twitter.

< <https://internetgovernancehub.blog/2021/11/21/people-are-talking-about-web3-is-it-the-internet-of-the-future-or-just-a-buzzword/> https://internetgovernancehub.blog/2021/11/21/people-are-talking-about-web3-is-it-the-internet-of-the-future-or-just-a-buzzword/>

 

Web 3.0: The New Internet Is About to Arrive

The emergence of blockchain-based technologies such as cryptocurrency, NFTs, metaverse, blockchain, and distributed ledger technology, etc is being seen as the herald of a new era of the internet — a more transparent and open version of the web that would be collectively controlled by users, instead of tech giants like Google and Facebook.

< <https://interestingengineering.com/web-3-the-new-internet-is-about-to-arrive> https://interestingengineering.com/web-3-the-new-internet-is-about-to-arrive>

 

Beijing to discuss efforts to clean, control the internet at ‘cyberspace civilisation’ conference

Chinese authorities will discuss efforts to clean and control what people see, hear, read or buy in the world’s biggest internet market at the government-sponsored “China Cyberspace Civilisation” conference in Beijing on Friday.

< <https://www.scmp.com/tech/policy/article/3156387/beijing-discuss-efforts-clean-control-internet-cyberspace-civilisation> https://www.scmp.com/tech/policy/article/3156387/beijing-discuss-efforts-clean-control-internet-cyberspace-civilisation>

 

Beijing promotes ideal of clean, civilised internet as it seeks increased international cooperation in cyberspace

Chinese authorities are looking to “deepen international cooperation” in cyberspace, while pushing for a “purified internet ecology”, as Beijing continues efforts to develop its ideal of a clean and civilised online environment.

< <https://www.scmp.com/tech/big-tech/article/3156749/beijing-promotes-ideal-clean-civilised-internet-it-seeks-increased> https://www.scmp.com/tech/big-tech/article/3156749/beijing-promotes-ideal-clean-civilised-internet-it-seeks-increased>

 

China’s cyber vision: How the Cyberspace Administration of China is building a new consensus on global internet governance

This report provides a primer on the roots of the Cyberspace Administration of China within China’s policy system, and sheds light on the Chinese Communist Party’s intentions to use cyberspace as a tool for shaping discourse domestically and internationally.

< <https://www.aspi.org.au/report/chinas-cyber-vision-how-cyberspace-administration-china-building-new-consensus-global> https://www.aspi.org.au/report/chinas-cyber-vision-how-cyberspace-administration-china-building-new-consensus-global>

 

Jonathan B. Postel Service Award Nomination Committee Statement on 2021 Selection

After careful review and consideration of the 2021 Jonathan B. Postel Service award candidates, the Nomination Committee has been unable to reach consensus on an awardee. In this context, it has decided not to make an award in 2021.

< <https://www.internetsociety.org/news/statements/2021/jonathan-b-postel-service-award-nomination-committee-statement-on-2021-selection/> https://www.internetsociety.org/news/statements/2021/jonathan-b-postel-service-award-nomination-committee-statement-on-2021-selection/>

 

ETSI releases first comprehensive global standard for securing smart phones

Today our smartphones and tablets are fundamental for citizens and hold a wide range of user data and apps. At the same time, security attacks have increased with malicious applications and network eavesdropping. To define security and assurance requirements for smart phones and tablets, mitigate potential risks and protect users, ETSI has released a world class standard called Consumer Mobile Device Protection Profile, ETSI TS 103 732. The specification identifies key security and privacy risks for user data and provides appropriate protection.

< <https://www.etsi.org/newsroom/press-releases/1998-2021-11-etsi-releases-comprehensive-global-standard-for-securing-smart-phones> https://www.etsi.org/newsroom/press-releases/1998-2021-11-etsi-releases-comprehensive-global-standard-for-securing-smart-phones>

 

Will 5G mean airplanes falling from the sky?

When digital mobile phone technology was first introduced in the US, electric wheelchairs began behaving erratically. The pulsing signal interfered with their controls. The solution: simple shielding to stop the interference.

< <https://www.brookings.edu/blog/techtank/2021/11/22/will-5g-mean-airplanes-falling-from-the-sky/> https://www.brookings.edu/blog/techtank/2021/11/22/will-5g-mean-airplanes-falling-from-the-sky/>

 

AWS claims 'monumental step forward' with optional IPv6-only networks

AWS customers can now create IPv6-only virtual private cloud (VPC) networks, with the company claiming it is a "monumental step forward" towards the enablement of IPv6 on its cloud.

< <https://www.theregister.com/2021/11/24/aws_claims_monumental_step_forward/> https://www.theregister.com/2021/11/24/aws_claims_monumental_step_forward/>

 

NASA seeks GPU server for Delay-Tolerant Networking machine learning research

NASA is seeking bids for a high-powered server to help with "applied machine learning research towards experimental protocols." The system will be used as part of its High Rate Delay-Tolerant Network (HDTN) Project.

< <https://www.datacenterdynamics.com/en/news/nasa-seeks-gpu-server-for-delay-tolerant-networking-machine-learning-research/> https://www.datacenterdynamics.com/en/news/nasa-seeks-gpu-server-for-delay-tolerant-networking-machine-learning-research/>

 

Overcoming the Limitations of VPN, NAC, and Firewalls with Zero Trust Access

During 2020 and 2021, we’ve seen ransomware-as-a-service wreak havoc in the IT supply chain and critical infrastructure. Below we explore how technologies and approaches to help protect organizations from these types of attacks.

< <https://www.cyberdefensemagazine.com/overcoming/> https://www.cyberdefensemagazine.com/overcoming/>

 

Routing for Communities: An online film festival about community networks and people decentralising the internet for change

The Local Networks (LocNet) initiative, led by APC in partnership with Rhizomatica, invites you to take part in the premiere screening of these creative and inspiring short videos produced by communities in Africa, Asia and Latin America.

< <https://www.apc.org/en/news/routing-communities-online-film-festival-about-community-networks-and-people-decentralising> https://www.apc.org/en/news/routing-communities-online-film-festival-about-community-networks-and-people-decentralising>

 

2021 Gaia-X Summit: Europe Makes the Difference

Democratising national data marketplaces that make everyone winners, not just individuals – one of the focal points at the Gaia-X Summit 2021 was the difference Gaia-X is making with its foundation of European values and standards. Andreas Weiss (eco) presented the results of his work under the congress motto “Here to deliver”.

< <https://international.eco.de/news/2021-gaia-x-summit-europe-makes-the-difference/> https://international.eco.de/news/2021-gaia-x-summit-europe-makes-the-difference/>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home