[Newsclips] IETF SYN-ACK Newspack 2022-06-20

[David Goldstein <david@goldsteinreport.com>]

The IETF SYN-ACK Newspack collects IETF-related items from a variety of news outlets and other online publications. They do not represent the views of the IETF and are not checked for factual accuracy.

 

And just a reminder, if any IETF participants have any news or articles to share and would like included, please feel free to send through the link and I’ll include it in the next edition under the “News From IETF Participants” section. The news or article doesn’t have to mention the IETF, just be relevant to the IETF’s work.

 

Happy reading,

David

 

**********************

IETF IN THE NEWS

**********************

Cloudflare and the IETF

The Internet, far from being just a series of tubes, is a huge, incredibly complex, decentralized system. Every action and interaction in the system is enabled by a complicated mass of protocols woven together to accomplish their task, each handing off to the next like trapeze artists high above a virtual circus ring. Stop to think about details, and it is a marvel.

< <https://blog.cloudflare.com/cloudflare-and-the-ietf/> https://blog.cloudflare.com/cloudflare-and-the-ietf/>

 

Cloudflare and the IETF [video]

Join our research team as they discuss Cloudflare and the IETF.

< <https://cloudflare.tv/event/17GYDWOiR9Lf2tUXFE1i1U> https://cloudflare.tv/event/17GYDWOiR9Lf2tUXFE1i1U>

 

Oblivious DNS-over-HTTPS offers privacy enhancements to secure lookup protocol

Security engineers are proposing an experimental protocol that promises greater privacy in how DNS, the internet’s equivalent of a telephone directory, operates. ... The experimental protocol has been developed outside the IETF but with the involvement of engineers at Apple, Cloudflare, and Fastly.

< <https://portswigger.net/daily-swig/oblivious-dns-over-https-offers-privacy-enhancements-to-secure-lookup-protocol> https://portswigger.net/daily-swig/oblivious-dns-over-https-offers-privacy-enhancements-to-secure-lookup-protocol>

 

Stalloris: RPKI downgrade attack

The Internet consists of networks called Autonomous Systems (ASes), which are connected via the Border Gateway Protocol (BGP). Routers in each AS send BGP announcements to exchange information about their reachability. Based on this information, BGP calculates the best routes to Internet destinations, over which data packets are delivered. ... To protect inter-domain routing against prefix hijacks, the IETF-standardized Resource Public Key Infrastructure (RPKI): The ASes can sign the prefixes assigned to them, creating Route Origin Authorizations (ROAs) and store them in repositories at RPKI publication points. These ROAs indicate which ASes are authorized to originate a given prefix in BGP.

< <https://blog.apnic.net/2022/06/15/stalloris-rpki-downgrade-attack/> https://blog.apnic.net/2022/06/15/stalloris-rpki-downgrade-attack/>

 

Neues Gesetz: Interoperabilität von Messenger-Diensten in der EU ab 2023? [New law: Interoperability of messenger services in the EU from 2023?]

Mit dem Gesetz über digitale Märkte will die EU große Messenger-Dienste zur Interoperabilität mit kleineren Anbietern verpflichten. Das bedeutet: WhatsApp, Telegram, Signal & Co. könnten schon ab 2023 miteinander kompatibel sein. ... Eine neu eingerichtete Arbeitsgruppe der IETF arbeitet bereits an Protokollen, die Interoperabilität erleichtern sollen, so heise. Sollte die Expertise der IETF nicht genügen, habe die EU das Recht, weitere Organisationen aus der EU zum Schreiben entsprechender Protokolle zu verpflichten.

< <https://www.finanzen.net/nachricht/geld-karriere-lifestyle/imessage-whatsapp-co-neues-gesetz-interoperabilitaet-von-messenger-diensten-in-der-eu-ab-2023-11447227> https://www.finanzen.net/nachricht/geld-karriere-lifestyle/imessage-whatsapp-co-neues-gesetz-interoperabilitaet-von-messenger-diensten-in-der-eu-ab-2023-11447227>

 

#Security: IPv6 – ein unbeliebtes IT-Thema feiert Jubiläum [#Security: IPv6 – an unpopular IT topic celebrates anniversary]

... Vor fünf Jahren – im Juli 2017 – hat die internationale IETF das "neue" Internetprotokoll IPv6 im RFC 8200 als Internetstandard erklärt. Die Geschichte reicht allerdings deutlich weiter zurück: Der Draft Standard von IPv6 (RFC 2460) datiert bereits aus dem Jahr 1998. Die Hauptmotivation war es bereits damals, das Problem des beschränkten Internetadressraums des Vorgängers IPv4 zu lösen.

< <https://www.inside-it.ch/security-ipv6-–-ein-unbeliebtes-it-thema-feiert-jubilaeum-20220617> https://www.inside-it.ch/security-ipv6-–-ein-unbeliebtes-it-thema-feiert-jubilaeum-20220617>

 

**********************

SECURITY & PRIVACY

**********************

How tailored national cybersecurity strategies enable safe, inclusive and sustainable digital development

Countries worldwide—and developing countries in particular—recognize the need for digital transformation to foster economic growth, improve efficiency, enable skills development, and advance human and social development.

< <https://www.itu.int/hub/2022/06/tailored-national-cybersecurity-strategies-safe-inclusive-sustainable-digital-development/> https://www.itu.int/hub/2022/06/tailored-national-cybersecurity-strategies-safe-inclusive-sustainable-digital-development/>

 

us: A polycentric approach to Internet governance and cybersecurity

The Program on Cybersecurity and Internet Governance, created in January 2017, brings together scholars from across Indiana University and beyond to build scholarly networks, as well as seek out partnerships with managers and policymakers in the United States and abroad in order to translate research findings into effective policy.

< <https://ostromworkshop.indiana.edu/research/cybersecurity-internet/index.html> https://ostromworkshop.indiana.edu/research/cybersecurity-internet/index.html>

 

EU and U.S. Join Forces to Help Developing World Cybersecurity

Earlier this week, the Wall Street Journal published the following story: U.S., EU Plan Joint Foreign Aid for Cybersecurity to Counter China. Here’s an excerpt: “The U.S. and the European Union plan to introduce joint funding of secure digital infrastructure in developing countries, according to officials involved in the talks.

< <https://www.govtech.com/blogs/lohrmann-on-cybersecurity/eu-and-u-s-join-forces-to-help-developing-world-cybersecurity> https://www.govtech.com/blogs/lohrmann-on-cybersecurity/eu-and-u-s-join-forces-to-help-developing-world-cybersecurity>

 

U.S., EU Plan Joint Foreign Aid for Cybersecurity to Counter China [subscription]

The U.S. and the European Union plan to introduce joint funding of secure digital infrastructure in developing countries, according to officials involved in the talks. The effort marks the first time the EU and U.S. will work together to fund and help protect other countries’ critical infrastructure against cyberattacks. By working together on cybersecurity, the EU and U.S. aim to help countries that otherwise might be eager to accept funding from China, an EU official said. Initial projects, likely in Africa or Latin America, could be under way by the end of the year, officials said. Russia’s invasion of Ukraine has underscored the importance of supporting telecommunications networks and other hardware in countries vulnerable to nation-state cyberattacks, they said.

< <https://www.wsj.com/articles/u-s-eu-plan-joint-foreign-aid-for-cybersecurity-to-counter-china-11655285401> https://www.wsj.com/articles/u-s-eu-plan-joint-foreign-aid-for-cybersecurity-to-counter-china-11655285401>

 

A tiny botnet launched the largest DDoS attack on record

Web-performance firm Cloudflare says it mitigated a record-breaking DDoS attack last week that peaked at 26 million request per second (rps). It was caused by a small but powerful botnet of just 5,067 devices.

< <https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/> https://www.zdnet.com/article/a-tiny-botnet-launched-the-largest-ddos-attack-on-record/>

 

Cloudflare mitigates 26 million request per second DDoS attack

Last week, Cloudflare automatically detected and mitigated a 26 million request per second DDoS attack — the largest HTTPS DDoS attack on record.

< <https://blog.cloudflare.com/26m-rps-ddos/> https://blog.cloudflare.com/26m-rps-ddos/>

 

Chicago expands and activates quantum network, taking steps toward a secure quantum internet

Scientists with the Chicago Quantum Exchange (CQE) at the University of Chicago’s Pritzker School of Molecular Engineering announced today that for the first time they’ve connected the city of Chicago and suburban labs with a quantum network—nearly doubling the length of what was already one of the longest in the country. The Chicago network, which will soon be opened to academia and industry, will become one of the nation’s first publicly-available testbeds for quantum security technology.

< <https://news.uchicago.edu/story/chicago-quantum-network-argonne-pritzker-molecular-engineering-toshiba> https://news.uchicago.edu/story/chicago-quantum-network-argonne-pritzker-molecular-engineering-toshiba>

 

DNS abuse trends

DNS abuse is one of the most important ongoing discussions in the community. Many of the existing industry white papers and general discussions around abuse incidents are based on data from reputation feeds, also called Reputation Blocklists (RBLs). The results of such reports often indicate that domain name abuse is growing. However, these papers typically have used studies focused on a short time span such as half a year or less.

< <https://blog.apnic.net/2022/06/14/dns-abuse-trends/> https://blog.apnic.net/2022/06/14/dns-abuse-trends/>

 

**********************

INTERNET OF THINGS

**********************

Cybersecurity And Risk Management In The Internet Of Things

A broad and vast network of devices connected to the internet is the vision of the Internet of Things (IoT). In this vision, the IoT connects nearly every aspect of life—whether that’s cardiac rhythm monitoring in the home for greater health support, traffic management to alleviate congestion and air quality monitoring and decrease air pollution, sensors that track movement along the supply chain for efficiency, condition monitoring in agriculture for sustainability and optimization, predictive maintenance and enhanced productivity to make manufacturing sleeker and scalable or much more.

< <https://www.forbes.com/sites/forbestechcouncil/2022/06/16/cybersecurity-and-risk-management-in-the-internet-of-things/> https://www.forbes.com/sites/forbestechcouncil/2022/06/16/cybersecurity-and-risk-management-in-the-internet-of-things/>

 

Energy harvesting to power the Internet of Things

The wireless interconnection of everyday objects known as the Internet of Things depends on wireless sensor networks that need a low but constant supply of electrical energy. This can be provided by electromagnetic energy harvesters that generate electricity directly from the environment. Lise-Marie Lacroix from the Université de Toulouse, France, with colleagues from Toulouse, Grenoble and Atlanta, Georgia, USA, has used a mathematical technique, finite element simulation, to optimise the design of one such energy harvester so that it generates electricity as efficiently as possible. This work has now been published in the journal EPJ Special Topics.

< <https://www.sciencedaily.com/releases/2022/06/220613111942.htm> https://www.sciencedaily.com/releases/2022/06/220613111942.htm>

 

**********************

NEW TRANSPORT PROTOCOLS

**********************

New Zealand government agencies lag Australia's in DMARC enforcement

Deployment of DMARC email domain protection is growing fast in New Zealand, but the bulk of certifications are only in reporting mode.

< <https://www.reseller.co.nz/article/699074/new-zealand-organisations-lag-australia-dmarc-enforcement/> https://www.reseller.co.nz/article/699074/new-zealand-organisations-lag-australia-dmarc-enforcement/>

 

Oblivious DNS-over-HTTPS offers privacy enhancements to secure lookup protocol

Security engineers are proposing an experimental protocol that promises greater privacy in how DNS, the internet’s equivalent of a telephone directory, operates. ... The experimental protocol has been developed outside the IETF but with the involvement of engineers at Apple, Cloudflare, and Fastly.

< <https://portswigger.net/daily-swig/oblivious-dns-over-https-offers-privacy-enhancements-to-secure-lookup-protocol> https://portswigger.net/daily-swig/oblivious-dns-over-https-offers-privacy-enhancements-to-secure-lookup-protocol>

 

Solana’s New Gas Fees Won’t Make the Network 'Expensive,' Says Co-Founder

... Another key piece of the puzzle is QUIC, a Google-developed protocol that will replace Solana’s existing, “raw UDP” (user datagram protocol), said Yakovenko. QUIC includes flow control capabilities, “where you can force bots and senders to back off and slow down,” he added.

< <https://decrypt.co/103106/solana-new-gas-fees> https://decrypt.co/103106/solana-new-gas-fees>

 

HTTP/3: che impatto avrà il nuovo protocollo sulla cyber security ... Addio TCP, benvenuto QUIC [HTTP/3: what impact will the new protocol have on cyber security ... Goodbye TCP, welcome QUIC]

A livello progettuale, HTTP/3 è un salto quantico rispetto alla precedente versione, il che ovviamente non ci deve stupire: nasce per questa ragione. HTTP/3 migliora il protocollo su più fronti: prestazioni scalabilità e sicurezza.

< <https://www.cybersecurity360.it/outlook/http-3-che-impatto-avra-il-nuovo-protocollo-sulla-cyber-security/> https://www.cybersecurity360.it/outlook/http-3-che-impatto-avra-il-nuovo-protocollo-sulla-cyber-security/>

 

TCP/IPの後継技術になるか、常識を破る「QUIC」と「ICN」の衝撃 [Will it become a successor technology to TCP/IP, or will the impact of "QUIC" and "ICN" break common sense]

... QUICは、米グーグルが自社のWebサービスで大量のアクセスを高速に処理するために開発した独自プロトコルをベースにしている。同社はこのプロトコルを2015年にIETFへ提出。その後、TLS（Transport Layer Security）の機能を取り込み、HTTP以外にも使えるようにするなどの変更を加えて標準化へと至った。

< <https://xtech.nikkei.com/atcl/nxt/column/18/02085/052500006/> https://xtech.nikkei.com/atcl/nxt/column/18/02085/052500006/>

 

HTTP/2: что это и зачем он вам [HTTP/2: what it is and why do you need it]

... И не забывайте: веб-технологии не стоят на месте, и уже скоро стандартом станет новый протокол, известный сейчас как QUIC – его чаще всего и называют HTTP/3. Поддержка QUIC в современных браузерах уже есть, но я ни разу не слышал, чтобы виртуальный хостинг в РФ уже предлагал клиентам этот протокол. Кроме того, при нынешней моде на блокировки всего подряд HTTP/3 также попадает под раздачу – но это тема для совершенно других материалов.

< <https://vc.ru/seo/442112-http-2-chto-eto-i-zachem-on-vam> https://vc.ru/seo/442112-http-2-chto-eto-i-zachem-on-vam>

 

Что делать, если YouTube и сервисы Google стали работать медленно. Практическая инструкция по ускорению работы [What to do if YouTube and Google services are slow. Practical instructions for speeding up work]

Так или иначе нынешняя ситуация затронула каждого из нас. Например, Роскомнадзор начал блокировку протокола HTTP/3 (QUIC), который активно используется компанией Google (и не только) для повышения скорости отдачи контента.

< <https://www.ixbt.com/live/sw/uskoryaem-rabotu-servisov-google-i-youtube-ili-kak-minutnye-nastroyki-mogut-sekonomit-vashe-vremya.html> https://www.ixbt.com/live/sw/uskoryaem-rabotu-servisov-google-i-youtube-ili-kak-minutnye-nastroyki-mogut-sekonomit-vashe-vremya.html>

 

**********************

OTHERWISE NOTEWORTHY

**********************

Saudi plans for enhancing the Kingdom's cybersecurity. China introduces rebrand of Internet protocol.

... For years Beijing has attempted to use the International Telecommunication Union (ITU), the United Nations agency responsible for the standardization of information and communication technologies, as a forum for engaging other nations interested in asserting increased government control over internet architecture. 

< <https://thecyberwire.com/newsletters/policy-briefing/4/113> https://thecyberwire.com/newsletters/policy-briefing/4/113>

 

Russia is taking over Ukraine’s Internet

Web pages in the city of Kherson in south Ukraine stopped loading on people’s devices at 2:43 pm on May 30. For the next 59 minutes, anyone connecting to the Internet with KhersonTelecom, known locally as SkyNet, couldn’t call loved ones, find out the latest news, or upload images to Instagram. They were stuck in a communications blackout. When web pages started stuttering back to life at 3:42 pm, everything appeared to be normal. But behind the scenes everything had changed: Now all Internet traffic was passing through a Russian provider and Vladimir Putin’s powerful online censorship machine.

< <https://arstechnica.com/tech-policy/2022/06/russia-is-taking-over-ukraines-internet/> https://arstechnica.com/tech-policy/2022/06/russia-is-taking-over-ukraines-internet/>

 

Building tomorrow’s telecommunications network today

The current 5G evolution in network connectivity is expected to drive unprecedented demands for bandwidth, reliability, and security. However, a network of this magnitude and robustness doesn’t pop up overnight and enterprises and consumers are just beginning to realize the myriad use cases a 5G network can support.

< <https://www.technologyreview.com/2022/06/15/1053689/building-tomorrows-telecommunications-network-today/> https://www.technologyreview.com/2022/06/15/1053689/building-tomorrows-telecommunications-network-today/>

 

Building the Next Generation Internet as an Internet of Humans [Sponsored by NGI]

Re-imagining and re-engineering the Internet to be fit for the future we want, while we continue using it to help run our societies and economies will require an immense collaborative effort.

< <https://sciencebusiness.net/building-next-generation-internet-internet-humans> https://sciencebusiness.net/building-next-generation-internet-internet-humans>

------

David Goldstein

email:  <mailto:david@goldsteinreport.com> david@goldsteinreport.com

web:  <http://goldsteinreport.com/> http://goldsteinreport.com/

Twitter:  <https://twitter.com/goldsteinreport> https://twitter.com/goldsteinreport

phone: +61 418 228 605 - mobile; +61 2 9663 3430 - office/home