Subscribe: CircleID: News Briefs
http://www.circleid.com/rss/rss_news/
Added By: Feedage Forager Feedage Grade B rated
Language: English
Tags:
circleid twittermore  circleid  follow circleid  follow  internet  ipv  mdash  new  regulation  rules  security  twittermore 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: CircleID: News Briefs

CircleID: News Briefs



Latest news postings on CircleID



Updated: 2017-03-23T22:40:00-08:00

 



U.S. Senate Voted to Eliminate Broadband Privacy Rules

2017-03-23T15:40:00-08:00

"The US Senate today voted to eliminate broadband privacy rules that would have required ISPs to get consumers' explicit consent before selling or sharing Web browsing data and other private information with advertisers and other companies," Jon Brodkin reporting in Ars Technica. "The rules were approved in October 2016 by the Federal Communications Commission's then-Democratic leadership, but are opposed by the FCC's new Republican majority and Republicans in Congress. ... Democrats and consumer advocates are furious. The acronym 'ISP' now stands for 'information sold for profit,' and 'invading subscriber privacy,' rather than 'Internet service providers.'"

Kate Tummarello, reporting in EFF: "ISPs have been lobbying for weeks to get lawmakers to repeal the FCC's rules that stand between them and using even creepier ways to track and profit off of your every move online. Republicans in the Senate just voted 50-48 (with two absent votes) to approve a Congressional Review Action resolution from Sen. Jeff Flake which — if it makes it through the House — would not only roll back the FCC's rules but also prevent the FCC from writing similar rules in the future. ... Speak up now to keep the House from doing the same thing."

"But critics of the rules say they are expensive to ISPs and subject them to tough privacy regulations not imposed on web-based companies like Google and Facebook. ... The FCC rules are confusing and costly and 'make the internet an uneven playing field,' said Senator Mitch McConnell, a Kentucky Republican and Senate majority leader." –Grant Gross, Senior Editor reporting from IDG News Service

Follow CircleID on Twitter

More under: Broadband, Policy & Regulation, Privacy




ISPs May Be Required to Remove Content, Shutdown Websites Under New EU-Wide Rules

2017-03-23T07:43:00-08:00

Under a draft legislation approved by the Internal Market and Consumer Protection Committee on Tuesday, national enforcement authorities would be required to have a set of powers to detect and halt online breaches of consumers' rights across the European Union.

— "The draft rules aim to close legal loopholes created by the fact that enforcement powers differ from one EU country to the next. Today, some enforcement authorities in the EU cannot prosecute traders for past infringements, such as misleading advertisements that were live for only a few hours or days. Nor are they able to track financial flows to identity those behind such breaches. Also, some authorities cannot take measures to take down websites containing scams pending the end of the investigation."

— "The draft rules would require EU member states' authorities to have a number of investigation and enforcement powers, e.g. to request information from domain registrars and banks to help them detect rogue traders, purchase, inspect and 'reverse engineer' goods or services as test purchases, including under a cover identity, and to order a hosting service provider to remove content, suspend or close down websites that host scams."

Follow CircleID on Twitter

More under: Cybercrime, Registry Services, Internet Governance, Law, Policy & Regulation




2017 North American IPv6 Summit to Be Held at LinkedIn Headquarters

2017-03-22T10:45:01-08:00

​​The collective North American IPv6 Task Forces announced the 2017 North American IPv6 Summit will be held at LinkedIn headquarters in Sunnyvale, CA. The two-day event (April 25-26), designed to educate network professionals on the current state of IPv6 adoption, will feature a variety of speakers from leading organizations, including LinkedIn, ARIN, Google Fiber, Microsoft, Cisco, Comcast, and others. The IPv6 North American Summit, first held in 2007, will cover such topics as exemplary IPv6 adoption, best practices in IPv6 deployment, methods for driving increased usage of IPv6, current IPv6 adoption trends, and future IPv6 growth projections. Awards will be presented to the top 10 North American service providers who achieved connecting over 20% of their subscribers with IPv6.

Follow CircleID on Twitter

More under: IPv6




Owner of .Feedback in Breach of Registry Agreement, Rules ICANN

2017-03-22T09:24:00-08:00

The Internet Corporation for Assigned Names and Numbers (ICANN) has ruled that .feedback owner Top Level Spectrum (TLS) is in breach of its registry agreement. Barney Dixon reporting in IPPro The Internet: "In an unprecedented review by a standing panel of the public interest commitments dispute resolution policy, ICANN found that TLS engaged in conduct that 'violated its commitments to operate .feedback in a clear and transparent manner'… They argued that the registry had perpetrated 'deceptive practices in the .feedback top level domain in violation of its public interest commitments'. The brands accused TLS of self allocating numerous domain names corresponding to brands, many of which were withheld during the TLD's sunrise period."

Follow CircleID on Twitter

More under: Domain Names, Law, Policy & Regulation, Top-Level Domains




Cisco Warning Software Used in Hundreds of Its Products Vulnerable to Critical Security Flaw

2017-03-21T08:50:00-08:00

"Hundreds of Cisco switches vulnerable to flaw found in WikiLeaks files" Zack Whittaker reporting in ZDNet: "Cisco is warning that the software used in hundreds of its products are vulnerable to a 'critical'-rated security flaw, which can be easily and remotely exploited with a simple command. The vulnerability can allow an attacker to remotely gain access and take over an affected device. ... The security flaw was discovered by the company's own security researchers in WikiLeaks' most recent disclosure of classified information, released last week."

Follow CircleID on Twitter

More under: Security




San Francisco Supervisor Working on Plan for Citywide High-Speed Internet

2017-03-15T04:11:00-08:00

"San Francisco Supervisor Mark Farrell has assembled a group of business, privacy and academic experts to discuss crucial, early-stage questions surrounding Farrell’s plan to wire the city with high-speed Internet service." Dominic Fracassa reporting in San Francisco Chronicle: "If it becomes reality, San Francisco would be the largest city in the country to implement citywide high-speed Internet. City officials are currently targeting speeds of 1 gigabit per second. The average Internet speed in the U.S. is 31 megabits per second according to the most recent data published by the Federal Communications Commission, so this could be about 30 times faster."

Follow CircleID on Twitter

More under: Access Providers, Broadband




Verizon to Stop Issuing New Public IPv4 Addresses

2017-03-10T15:23:01-08:00

Verizon has announced that starting June 30, 2017, it will stop issuing new Public Static IPv4 addresses due to a shortage of available addresses. While customers that currently have active Public Static IPv4 addresses will be able to retain their addresses, reserving new IP addresses will require companies to convert to the Persistent Prefix IPv6 requirements and implementation of new Verizon-certified IPv6 devices.

To encourage the move to Persistent Prefix IPv6, Verizon says:

— "Unlike IPv4, which is limited to a 32-bit prefix, Persistent Prefix IPv6 has 128-bit addressing scheme, which aligns to current international agreements and standards."

— "Persistent Prefix IPv6 will provide the device with an IP address unique to that device that will remain with that device until the address is relinquished by the user (i.e., when the user moves the device off the Verizon Wireless network)."

— "IPv4-only devices are not compatible with Persistent Prefix IPv6 addresses."

Follow CircleID on Twitter

More under: IP Addressing, IPv6




Dark Web Reported to Have Shrunk by 85% Since Freedom Hosting II Downfall

2017-03-08T13:06:00-08:00

In early February, free hosting provider Freedom Hosting II, known as one of the largest hosting providers for anonymous websites, was compromised along with all the websites it hosted. The takedown was estimated to have impacted 15-20% of all websites on the Dark Web, however, the actual impact is now reported to have been much larger.

Sarah Jamie Lewis, the main researcher behind the OnionScan, a Dark Web investigation tool, reports: "After the downfall of Freedom Hosting II we undertook the largest OnionScan crawl to date and examined over 30,000 onion services extracted from both the freedom hosting database and our existing master list. Of the 30,000 queried just over 4,400 were online when we scanned ... These 4,400 hidden services are far fewer than previous scans. We believe that the Freedom Hosting II takedown not only removed many thousands of active sites but also may have affected other hosting providers who were hosting some infrastructure on top of Freedom Hosting II. The sudden disappearance of Sigaint, an encrypted email provider, may also be associated with the decline of some hidden services."

Follow CircleID on Twitter

More under: Cybercrime, Web




Big Price Increases Needed to Keep New gTLDs Alive, Says Uniregistry CEO

2017-03-08T11:16:00-08:00

"Uniregistry is to massively increase the price of some of its under-performing new gTLDs in an effort to keep them afloat." Kevin Murphy reporting in Domain Incite: "Sixteen TLDs from the company’s portfolio of 27 will see price increases of up to 3,000% starting September 8, CEO Frank Schilling confirmed to DI today. 'We need more revenue from these strings, especially the low volume ones, without question, [Schilling] said. ... demand among worldwide consumers has been slower than expected."

Follow CircleID on Twitter

More under: Top-Level Domains




Verisign Given Approval to Restrict .COM and .NET Domains In Various Countries

2017-03-07T07:54:00-08:00

"Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries." Kevin Murphy reporting in Domain Incite: "Customers of Chinese registrars are the first to be affected by the change to the registry's back-end system, which was made last year. ICANN last week gave Verisign a 'free to deploy' notice for a new 'Verification Code Extension' system that enables the company to stop domains registered via selected registrars from resolving unless the registrant's identity has been verified and the name is not on China's banned list."

Follow CircleID on Twitter

More under: Domain Names, Internet Governance, Policy & Regulation, Top-Level Domains




Over a Billion Email Addresses of Major Spam Operation Exposed via Unprotected Backups

2017-03-06T12:30:00-08:00

(image) SPAMMERGATE: THE FALL OF AN EMPIRE / MacKeeper, 6 March 2017

A spamming group called River City Media (RCM) has had its database of 1.4 billion records leaked — this was revealed today by MacKeeper Security Researcher, Chris Vickery in cooperation with CSO Online and Spamhaus. Vickery writes: "Today we release details on the innerworkings of a massive, illegal spam operation. The situation presents a tangible threat to online privacy and security as it involves a database of 1.4 billion email accounts combined with real names, user IP addresses, and often physical address. Chances are that you, or at least someone you know, is affected. ... Imagine the privacy and legal implications here. Law enforcement agents normally have to go through a subpoena process before a service provider will hand over the name behind an IP address or account. This list maps out 1.4 billion. ... As of this morning, Spamhaus will be blacklisting RCM’s entire infrastructure."

Follow CircleID on Twitter

More under: Security, Spam




China Releases Strategy on Cyberspace Cooperation

2017-03-03T14:01:00-08:00

Ministry of Foreign Affairs and the Cyberspace Administration of China has jointly released a document titled "International Strategy of Cooperation on Cyberspace," aimed to provide a "comprehensive explanation of China's policy and position on cyber-related international affairs as well as the basic principles, strategic goals and plan of action in its external relations on that front."

From the report:

— "Countries should respect each other’s right to choose their own path of cyber development, model of cyber regulation and Internet public policies, and participate in international cyberspace governance on an equal footing. No country should pursue cyber hegemony, interfere in other countries’ internal affairs, or engage in, condone or support cyber activities that undermine other countries’ national security."

— "The tendency of militarization and deterrence buildup in cyberspace is not conducive to international security and strategic mutual trust. China encourages all parties to commit to peaceful settlement of disputes, non-use or threat of force and other basic norms in international relations and put in place consultation and mediation mechanisms to forestall and avoid conflict, so that cyberspace will not become a new battlefield."

See the official news release on China's press agency website, Xinhua.

Follow CircleID on Twitter

More under: Internet Governance, Policy & Regulation




FCC Blocks Stricter Broadband Privacy Rules

2017-03-02T18:31:00-08:00

"FCC blocks stricter broadband privacy rules from taking effect" – David Shepardson reporting in Reuters: "U.S. regulators on Wednesday blocked some Obama administration rules on the eve of implementation, regulations that would have subjected broadband providers to stricter scrutiny than web sites face to protect customers' private data. ... The rules aimed to protect personal consumer data. They would have subjected broadband internet service providers to more stringent data security requirements… The decision will 'provide time' for the FCC and the Federal Trade Commission to devise 'a comprehensive and consistent framework' to protect online privacy, the agency said in a statement [FCC Press Release]."

Follow CircleID on Twitter

More under: Access Providers, Broadband, Policy & Regulation, Privacy




New Cybersecurity Regulations in New York Go Into Effect

2017-02-28T21:59:00-08:00

Major financial firms operating in New York will face stiff cybersecurity obligations starting Wednesday under a new regulation introduced in the city. Out-Law.com reports: "The new regulation (14-page / 342KB PDF) has been set by the New York State Department of Financial Services (DFS) and will apply to firms holding a banking, insurance or financial services licence to operate in New York. ... The rules are effective from 1 March, but firms will have 180 days to make any changes necessary to comply before enforcement action would be threatened ... Under the new rules, financial services companies will be required to 'maintain a cybersecurity program' that can 'protect the confidentiality, integrity and availability' of their information systems. The program must incorporate detect, defence and response mechanisms, including regulatory reporting obligations, as well as penetration testing."

Follow CircleID on Twitter

More under: Cybercrime, Law, Policy & Regulation, Security




ICANN Drifting Toward Online Content Regulation, Says Law Professor

2017-02-28T19:41:00-08:00

In a paper for the Washington & Lee Law Review, University of Idaho College of Law Professor Annemarie Bridy, depicts ICANN's ambivalent drift into online content regulation through its contractual facilitation of a "trusted notifier" copyright enforcement program between the Motion Picture Association of America (MPAA) and two registry operators for new gTLDs, Seattle-based Donuts and Abu Dhabi-based Radix. She wrote: "It is the first of its kind, however, to rely on stewards of the Internet's core technical functions. And that makes it different from the others in a way that implicates Internet infrastructure and governance."

— "[T]his article reckons both descriptively and normatively with the fact that registry operators are now acting — without precedent but with ICANN's blessing — as private copyright enforcers. No matter how vehemently ICANN officials insist that they are minding the limits of their mission, the truth of the matter is that ICANN knowingly created a contractual architecture for the new gTLDs that supports a program of private, DNS-based content regulation on behalf of copyright holders and, potentially, other 'trusted' parties."

— "[I]n creating that architecture, ICANN did nothing to secure any procedural protections or uniform substantive standards for domain name registrants who find themselves subject to this new form of DNS regulation. That omission should be a red flag for those who worry that ICANN’s newly minted independence from the U.S. government will make its internal governance more susceptible to capture by powerful commercial and governmental interests."

Follow CircleID on Twitter

More under: Domain Names, ICANN, Law




FCC Chairman Ajit Pai: Net Neutrality "A Mistake", Planning on Much Lighter Style Regulation

2017-02-28T12:15:00-08:00

(image)

During a speech at Mobile World Congress today, Ajit Pai said that net neutrality was "a mistake" and that the commission is now "on track" to return to a much lighter style of regulation. "Our new approach injected tremendous uncertainty into the broadband market, and uncertainty is the enemy of growth. ... Today, the torch at the FCC has been passed to a new generation, dedicated to renewal as well as change. ... We are confident in the decades-long, cross-party consensus on light-touch internet regulation ... and we are on track to returning to that successful approach.” Jacob Kastrenakes reporting in The Verge: "Pai’s argument is that internet providers were doing just fine under the old rules and that the new ones have hurt investment."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




FCC Gives Approval to LTE-U Devices

2017-02-23T18:22:00-08:00

Ericsson, Nokia get go-ahead for LTE-U base stations despite early fears they might interfere with Wi-Fi – Jon Gold reporting in Network World: "The Federal Communications Commission today approved two cellular base stations — one each from Ericsson and Nokia — to use LTE-U, marking the first official government thumbs-up for the controversial technology. ... T-Mobile has already announced that it will be deploying LTE-U technology… Other major tech sector players, including Google, Comcast, and Microsoft, have expressed serious concerns that LTE-U doesn't play as nicely with Wi-Fi as advertised."

Follow CircleID on Twitter

More under: Mobile, Policy & Regulation, Wireless




Security Researchers Announce First SHA-1 Collision, Confirming Fears About Its Vulnerabilities

2017-02-23T17:50:00-08:00

(image)

In a joint announcement today, Dutch research institute CWI and Google revealed that they have broken the SHA-1 internet security standard "in practice". Industry cryptographic hash functions such as SHA1 are used for digital signatures and file integrity verification, and protects a wide spectrum of digital assets, including credit card transactions, electronic documents, open-source software repositories and software updates.

"Today, 10 years after of SHA-1 was first introduced, we are announcing the first practical technique for generating a collision," said the Google Team in a blog post today. "This represents the culmination of two years of research that sprung from a collaboration between the CWI Institute in Amsterdam and Google. ... For the tech community, our findings emphasize the necessity of sunsetting SHA-1 usage. Google has advocated the deprecation of SHA-1 for many years, particularly when it comes to signing TLS certificates. ... We hope our practical attack on SHA-1 will cement that the protocol should no longer be considered secure."

What types of systems are affected? "Any application that relies on SHA-1 for digital signatures, file integrity, or file identification is potentially vulnerable. These include digital certificate signatures, email PGP/GPG signatures, software vendor signatures, software updates, ISO checksums, backup systems, deduplication systems, and GIT." https://shattered.io/

"This is not a surprise. We've all expected this for over a decade, watching computing power increase. This is why NIST standardized SHA-3 in 2012." Bruce Schneier / Feb 23

Follow CircleID on Twitter

More under: Cyberattack, Security




FCC Rolls Back Net Neutrality Transparency Rules for Smaller ISPs

2017-02-23T14:54:00-08:00

The Republican-controlled FCC on Thursday suspended the net neutrality transparency requirements for broadband providers with fewer than 250,000 subscribers. Grant Gross from IDG News Service reports: "The transparency rule [official FCC release], waived for five years in a 2-1 party-line vote Thursday, requires broadband providers to explain to customers their pricing models and fees as well as their network management practices and the impact on broadband service. The commission had previously exempted ISPs with fewer than 100,000 subscribers, but Thursday's decision expands the number of ISPs not required to inform customers. Only about 20 U.S. ISPs have more than 250,000 subscribers. The five-year waiver may be moot, however."

Follow CircleID on Twitter

More under: Access Providers, Net Neutrality, Policy & Regulation




NTIA Extends Comment Period for Its Paper "Fostering the Advancement of the Internet of Things"

2017-02-23T11:52:00-08:00

Robert Cannon writes: Over the past year, the National Telecommunications and Information Administration in the Department of Commerce has convened a series of meetings and sought feedback on the policy implications of the Internet of Things. In January, prior to the administration transition, NTIA released a draft working paper Fostering the Advancement of the Internet of Things (also reported here on CircleID). It is unclear how agency work released in January might survive the transition. However, indicating that NTIA's IoT paper is still viable, NTIA under the new administration released a notice extending the comment period on the draft. Comments will now be accepted until March 13, 2017.

Follow CircleID on Twitter

More under: Internet of Things, Policy & Regulation