External commentary

” — Не! — възрази Мери. — Никакво „приютяване“. Досега народът само това е правил, а пък на разбойниците така им е най-удобно. Просто ще ни нападнат с обединени сили, ще ни заклещят и ще ни изкарат навън или ще ни подпалят. Не, трябва да сторим нещо друго.
— Какво? — запита Пипин.
— Да вдигнем Графството на бунт! — каза Мери. — Сега! Да събудим всички! Нали виждате, че те ненавиждат тоя ред — ненавиждат го всички освен един-двама негодници и неколцина глупаци, които искат да се правят на важни, но изобщо не разбират какво става всъщност. Ала народът на Графството тъй дълго е живял на спокойствие, че не знае какво да прави. Нужна им е само искра и всички ще пламнат. Хората на Началника трябва да знаят това. Ще се опитат да ни стъпчат, незабавно да ни изгасят. Останало ни е съвсем малко време. Сам, ти бягай до чифлика на Памуксън, ако искаш. По тия места той е най-известен и най-храбър. Аз ще надуя Роханския рог и ще им посвиря малко музика, каквато не са чували до днес.
Върнаха се към селския площад. Тук Сам свърна настрани и препусна надолу по южния път към чифлика на Памуксън. Преди да се отдалечи много, към небето изведнъж се надигна звънлив и ясен зов на рог. Той отекна надалеч из хълмове и поля, тъй властен бе този зов, че Сам едва не полетя обратно. Понито му се изправи на задни крака и изцвили.
— Напред, моето момче! Напред! — викна Сам. — Скоро ще се върнем.
После чу как Мери промени мелодията и бойният сигнал на Фуков край разтресе въздуха:
На крак! На крак! Страх, огън, враг! На крак!
Огън, враг! На крак!“

Разпознахте ли текста от “Властелина на пръстените“?

Звучи ли ви познато? И какво излиза – в приказките може, но ние сме по-заспали от хобитите…

Врагът, с който трябва да се преборим, е скрит в самите нас. Преди няколко дни го казах в моя блог:

“Ще попитате кой е виновен за дереджето на страната и хората, като най-вероятно ще посочите политиците, медиите, кой ли не.
Ние винаги търсим някой друг, който да е виновен.
В този случай виновният е лесно установим – достатъчно е човек да се погледне в огледалото**. Ние позволихме на пяната да изплува, ние сме тези, които избраха собствените си палачи. И не се оправдавайте – няма никакво значение какво ще кажете: виновните сме си ние самите.”

С всеки наш избор ние успявахме да избираме все по-зле и по-зле, но вместо да се замислим защо е така, ние

продължавахме упорито да се правим, че нищо не зависи от нас

и да гласуваме за хора, които уж изглеждаха нормално, уж се държаха като нормални, но в момента, в който влизаха във властта, се променяха.
Неколцината, които останаха верни на себе си, не можеха да се съпротивляват и бяха пометени от общата безлична маса.
Ние сами направихме така, че във властта влязоха хората, които не искат ние да говорим, а ако го правим, ни следят какво казваме и ни наказват, използвайки цялата репресивна машина на държавната власт.

И при това имахме много добри причини да бъдем такива, каквито сме – искахме някой да накаже предишните управляващи и си натресохме това, което ни се случва. Имаше достатъчно наивни причини, които ни накараха да повярваме, че следващият ще ни оправи, стига да сме тихи и кротки добитъци, които се подчиняват и обичат господаря си. Дори тогава, когато той ги води на заколение в скотобойната.

Какво можем да направим, освен да гласуваме?

Да мислим, да обсъждаме, да говорим!

Властта се страхува от нашето говорене, от свободата да гледаме и да виждаме, следователно трябва да правим точно това.
Защото няма по-верен признак за това, че успяваме, от това какво се опитват да ни забранят.
Страхуват ли се от свободния Интернет, значи това е нещо, което ни е необходимо.
Мачкат ли ни от телевизионния екран, значи не трябва да гледаме тази телевизия.
Печатат ли глупости, не бива да ги четем. Излъчват ли пропагандата си по радиото, сменете станцията.
Само така ще ги накараме да бъдат честни с нас.

Може да е малко, но е нещо. Опитайте и вие!. Някой може да ви попита: „Е, само това ли ще направиш?“, на което отговорете с насрещен въпрос: „А ти и това ли не щеш да сториш?“

Има смисъл да се опитваме да променим времето.

И не само защото Левски е усещал, че то е в нас и ние сме в него, че взаимно се обръщаме.

Има смисъл, защото не всички са идиоти, но понеже нормалните отказват да се набъркат в политиката, в нея остават само ненормалните.

От нас зависи – от всеки един от нас – какво бъдеще чака страната. Иска ми се това бъдеще да е наистина постижимо и светло, а настоящето да стане по-чисто. Иска ми се вие да го искате също. Ако достатъчно хора го поискаме, все ще успеем да го направим – заедно, в действие, а не поотделно и в очакване някой да дойде и да ни оправи.

Случващото се днес в България се харесва само на ограничен кръг от хора.
Те построиха една нова България – не онази, демократичната, която ние искахме преди 1989 г. и към която се стремяхме след 1990-а, а друга – напълно сбъркана, в която всичко изглежда грозно и грешно:

- Родителите ни, работили по 30-40 години получават мизерни пенсии.
- Здравеопазването е под всякаква критика и само всеотдайността на лекарите спасява хората, но и на това му се вижда краят.
- Дори нещата, за които би трябвало да не мислим много-много са оплескани – туризмът, например, е устроен така, сякаш България е единствената страна, която цялото човечество е избрало за дестинация и няма друг избор, освен да дойде на почивка на Черно море или в Банско.
- Дори улиците са целите в кръпки – така, както в кръпки са и душите ни.

И така нататък, списъкът може и да има край, но аз все още не съм стигнал до него.

Можем ли да направим така, че България да се възроди?
Можем ли да започнем истинското Възраждане, 150 години след онова, което ни докара до Априлското въстание?
Можем ли да се освободим от гнета и игото? От игото на собствения страх и нежелание да се вдигнем на крак и да отхвърлим тиранията на удобния живот, в който не се грижим за нищо, освен за собственото си благополучие? Благополучие, постигнато с цената на синила от бича, следи от теглото и от хомота на послушния добитък?

Няма кой да дойде и да ни оправи, а и нещо по-важно: спомнете си думите пак на Левски, че който ни освободи, той ще ни пороби!
Не бива да искаме други да ни освобождават от собствените ни страхове, недъзи и проблеми. Сами, сами – на крак, сега, днес, веднага!

Само ако се освободим сами, ще бъдем истински свободни!

ICANN today launched a database to enable trademark holders register their brands for protection against the upcoming new gTLDs. The Trademark Clearinghouse, according to ICANN, is the only officially authorised solution offering brands a one-stop-foundation for the safeguarding of their trademarks in domain names across the multiple new gTLDs that will go live from summer 2013. The cost of registering a trademark ranges between $95 and $150 a year.

Follow CircleID on Twitter

More under: ICANN, Top-Level Domains

Това е мое интервю за “Гласове”, смених само заглавието. “Гласове” бяха сложили по-пикантното: “МВР Пикчърс” представя: Разрухата на малка и бедна България.

Трябва да се отървем от уникално простите политици, за да успеем в XXI век: казва Вени Марковски, председател на „Интернет общество – България“. По думите му най-опасната част от едноличното управление на Борисов беше безусловната подкрепа, която той даваше на лицето министър, станало по-известно с прякорите си Цвинкио и Цецерон. Не трябва да забравяме, че избрахме Симеон, в чиято официална биография липсваха над 30 г., а след него Борисов, в чиято биография имаше бизнес с хора, разстреляни показно по софийските улици.

- Г-н Марковски, как се стигна дотук? Кои хора поискаха оставката на Борисов, кои се възползваха от протестите и защо толкова лесно ГЕРБ се оттегли от властта?

- На последния въпрос отговора знае най-добре само и единствено Бойко Борисов. Ние можем само да предполагаме и да гадаем, но едва ли ще разберем как точно е лъкатушела неговата мисъл в онези дни.

Оставката му я искахме отдавна – и най-различни хора, не само тези, които излязоха на протестите. Лично за мен най-опасната част от едноличното управление на г-н Борисов бе безусловната подкрепа, която той даваше на лицето министър, станало по-известно с прякорите си Цвинокио и Цецерон. Не забравяйте, че разрухата на държавността може и да не е започнала с тези двама души, но със сигурност получи своите най-ярки прояви във филмите на „МВР Пикчърс“, в които полицаи сваляха на земята бивши министри и бивши съдружници на г-н Борисов, за да се окаже, че няма никакви годни доказателства срещу тях. Разбира се,

най-ужасяващото проявление на тази еднолична и напълно надменна и нагла власт стана речта на г-н Цветанов пред Народното събрание,

по време на която той обяви едни лекари за убийци. Направи го спокойно, с ясното съзнание, че отправя обвинения, които са не просто нелепи, а убийствени – спрямо лекарите.

- А защо „с ясното съзнание“? Може би го е направил неволно?

- Да, това е удобно извинение, но все пак той беше министър, вицепремиер. Вярно, че е завършил физкултура, но в биографията му се мъдри и следдипломна квалификация по право в УНСС. Има два варианта: или е съзнавал, или не е съзнавал, т.е. невменяем е. Нали не искате да си мислим, че бившият вътрешен министър е лице, което е неспособно да осъзнава постъпките си?

- Да се върнем на протестите. Любима тема на повечето анализатори е „сценарият или липсата на такъв”. Имаше ли според вас предварително изготвен план и ако да, от кого? Или всичко се случва в хаоса на невежеството и недалновидността? Защото, съгласете се, искането да се отменят декемврийските сметки за ток звучат абсурдно. По всички останали точки протестиращите не постигнаха споразумение и се прибраха – кои по домовете, кои в палатки „на по бира” до парламента…

- Абсурдното не е искането да се отменят сметките, а това, че хората тръгнаха да протестират по улиците едва тогава, когато им се бръкна в джоба. И то само защото бъркането беше направено просташки, нагло. Дето се казва, фирмите можеха да продължат да скубят кокошката, без тя да кряка, но направиха голяма грешка.

Щеше да е много по-добре за България, ако протестите бяха за злоупотребата с власт, а не за злоупотребата със сметките. Но нейсе – такъв е материалът, както казваше в Чикаго един наш политик. Енергията се загуби и заради типичното нашенско недоверие, че „и тия са като ония“. Веднага се извадиха компромати срещу всеки един от протестиращите, който се осмеляваше да прояви някакви лидерски качества. Т.е. народът протестира, но някак си иска новите лидери, новите политици да не са от нашенско.

- Какъв е профилът на сегашния служебен кабинет? Защо буди повече недоверие, отколкото сигурност?

- Нямам представа защо има хора, които са недоверчиви към този кабинет – при положение че бяха толкова доверчиви към кабинета „Борисов“, за членовете на който не се знаеше нищо или почти нищо. Вероятно може да се обясни с чувства. Хората са били влюбени в Бойко Борисов и са приемали неговите министри като някакво продължение на самия премиер. Сега не са влюбени в Марин Райков и му нямат доверие.

Имам една новина за такива хора: не всичко е любов.

- Познавате ли някого лично вътре? Има ли назначение, което искрено ви учуди? Или зарадва? Какво мислите за електронното правителство в този кабинет?

- Познавам много от хората в кабинета „Райков“ – министрите на икономиката, на отбраната, на външните работи, мнозина от заместниците. Има хора, които се върнаха от Щатите, от Англия, за да помогнат на родината си. Намирам учудващи не назначенията, а недоверието на хората към тези нови лица. Обнадежден съм от това, че има министър на електронното правителство. Дано в следващия кабинет се появи най-накрая и Министерство на информационното общество, а във всяко министерство да се назначи т.нар. директор по информационното общество. Не шеф на ИТ отдел, каквито и сега има, а именно хора, които да координират действията по създаване, пускане и работа на електронното правителство.

Много се говори, че имало корупция у нас. Гарантирам ви, че няма как да корумпирате компютъра. Нека кабинетът продължи развитието на електронното правителство, нека даже се дадат още пари – това е най-малкият проблем. Големият е, че ако няма дори и малко електронно управление, то има много корупция. Но има хора, които непрекъснато протестират и се оплакват, че струвало скъпо.

- Появиха се и предположения, че Борисов се е възползвал от уличните протести и страхливо се е скрил до изборите, за да не трупа повече „народна любов”. Споделяте ли такова мнение и какъв ще е резултатът от изборите – за Борисов, за десницата, за БСП? Виждате ли ясен победител?

- Че е страхлив – това вече го знаят всички, но че вдига кръвното толкова лесно, това не го знаехме. Интересно е, че той е първият политик, хоспитализиран заради вдигане на кръвното. Да се чуди човек как са се справяли Костов и Станишев при протестите по време на техните кабинети, без да вдигнат кръвното. Не е случайно, че в интернет веднага се появиха аналогии със здравословното състояние на бившите бизнес партньори на г-н Борисов, които се разболяват в момента, в който се окаже, че са подсъдими. Зевзеците твърдяха, че г-н

Борисов тренира за следващия си живот, извън политиката.

Какъвто и да е резултатът от изборите, не споделям тревогите на г-н Плевнелиев, че още едни избори щели да са много лоши и по-добре да има какъвто и да е кабинет, но не и избори. Не разбирам как може човек да се съгласи с този вариант, ако премиерът ще е Борисов, министърът на вътрешните работи – Цветанов, а финасовият – Дянков. Ще ми се г-н Плевнелиев да се е шегувал, но за съжаление мисля, че говореше сериозно.

Хората не бива да се плашат от извънредни избори, но трябва да мислят, ПРЕДИ да са гласували. След като си пуснал гласа си, колкото и да мислиш – все тая.

- Как ще се разпределят останалите сили? Партията на Меглена Кунева, на Волен Сидеров? Виждате ли други сигурни „печеливши”?

- Волен ще си вземе неговите проценти, включително и благодарение на г-н Борисов и медиите. Във времена на безпорядък, когато капитанът първи напуска кораба, винаги има някой, който се възползва. Г-жа Кунева е съвсем друг тип политик – десен, европеец. Такива политици трудно могат да имат успех, но тя е като алтернатива на г-н Костов и мнозина от десните гласоподаватели вероятно ще я подкрепят. Искам единственият сигурен печеливш да е народът и държавността, но не съм убеден, че са много политиците, които искат същото.

- Какво трябва да направят победителите, за да възстановят спокойствието и да почистят Авгиевите обори на корпоративна България?

- Нищо. Не може да се очаква от политиците да свършат работата на хората. Може да се очаква да осигурят условия, в които хората да почистят оборите си. Но народът масово не иска да поема инициативата, не иска да работи, да оправи собственото си положение, а иска някой друг да го свърши. Няма как да се случи. Начинът за промяна започва с разбирането, че промяната е дело на всеки от нас, а не само на политиците. Ако политиците са като избирателите, то как да искаме те да чистят, щом избирателите хвърлят боклука си през балкона? Ами и политиците това правят!

- Следейки от разстояние, но и през лупа ставащото у нас, какво ви обнадеждава най-много?

- Това, че все пак има хора, които са готови да се жертват, да зарежат комфортния си живот в чужбина и да се върнат в България. Това, че има хора като Иван Костов, Сергей Станишев, Меглена Кунева, които жертват своя личен живот, за да се опитат да влеят малко ум и разум в един безумен политически свят.

- А кое ви натъжава?

- Това, че сме малка и бедна страна, в която за някой лев човек е готов да се превърне в звяр. Това, че не познаваме историята си и сме жертва на измислени историци националшовинисти. Болно е да гледаш как държава, която е на последно място по свобода на медиите, се опитва да се изкара с хилядолетни традиции.

Кои са хилядолетните традиции – тричането на кучета ли?

Или това, че като видим някой, че е умен и работите му идват отръки, казваме „Този трябва да служи на Господ“, след което го разпъваме на кръста, за да иде по-бързо на небето?

Ние сме страна със страхотни природни дадености, но и страхотно комплексиран народ. Все някой друг ни е виновен, все съседните страни са ни криви. Да, вярно е, че има история, която е болезнена, но е и вярно, че ако не можем да преодолеем историята си, не можем да вървим напред, защото непрекъснато сме обърнати назад в миналото. Ако за десетина години си наложим мораториум да не казваме нищо за времето преди 1989 г., мисля, че ще успеем доста бързо да преодолеем комплексите си като нация.

- Какви са вашите мисли за зачестилите самоубийства тук?

- Самоубийствата като брой не са се увеличили, но се забелязва нещо, което никога не го е имало в България – голям брой самоубийства чрез самозапалване. Дали това е в знак на протест срещу управляващите или срещу управляваните – няма как да разберем.

- Коя политическа тема ви отегчава? Ето сега например чета изказване на служебния министър-председател Марин Райков, който ни призовава да се обърнем към една европейска, забележете, ценност – солидарността. И призовава българските индустриалци да изразят своята солидарност към бедните. Не са ли това кухи фрази, пълни с неизпълними пожелания? И кой има нужда от това празно, неискрено според мен говорене?

- Г-н Райков вероятно си вярва и се опитва да говори така, както го казва Барак Обама, когато обяснява, че единият процент много богати американци трябва да плащат своята част от трудностите, за да има някаква справедливост. Просто нашият премиер е използвал друга дума. Аз също мисля, че по-богатите в България трябва да плащат повече. Не е редно човек с 300 лв. заплата да плаща изобщо данък върху доходите. Какви доходи са 300 лева месечно? Това е по-малко от необходимото, за да се оцелее!

- Как мислите, че може да се промени тази бедност?

- Само с развитие на бизнеса – индустриален, туристически, енергетика, информационни технологии. Нека си го кажем направо: България НЕ Е УНИКАЛНА ДЪРЖАВА.

Преди да ме обвините в липса на патриотизъм, нека уточня. Като България има десетки държави: малки, бедни, с население, което е комплексирано. То и големи държави с комплексирано население има, но все пак размерът има значение. България се съревновава с всички тези страни, за да намери своето място сред тях и най-много с една цел – да подобри живота на гражданите си. Но държавата не може да свърши работата на хората. Всички говорят, че сме били уникални с планините и морето си.

Но моля ви, хора – опомнете се!

Щяхме да сме уникални, ако можеше човек да отиде едновременно на ски, а на следващия ден да се пече на плажа при високи температури. Планините у нас не са най-доброто място в света, че дори и в Европа, за скиори. Морето не е най-доброто за летуване – плажовете са претъпкани, курортите са толкова гъсто застроени, че ги прави непривлекателни. Но най-важното е, че хората не осигуряват онова високо качество на обслужването, което би привлякло туристите с много пари. У нас идват непретенциозни туристи, които могат да хапват мазни банички и твърда царевица. Но това е само за туризма, можем да говорим много и за качеството на пътищата, липсата на здравно обслужване и т.н., и т.н.

Ако аз самичък мога да кажа как да се промени тази бедност, щях да настоявам да се промени Конституцията и да се върна в България, за да се боря за премиерския пост. Не, трябват общи усилия, за да се намери вярното решение за страната. Може би и служебният кабинет ще е в състояние да организира обсъждането на тези теми. Но в края на краищата, народът ще трябва да избере кое управление предпочита – това, което имаха до момента и им доведе една от най-тежките морални кризи, или онова, което ще им осигури развитието на страната по такъв начин, че хората ще станат по-отговорни за своята собствена съдба. Крайно време е след 24 г. демократично развитие да се разбере, че

трябва да се мисли преди изборите, а не след тях. След тях е късно!

В този ред на мисли не забравяйте, че когато гласувате, водени от чувствата, а не от разума си, обикновено избирате уникално прости политици. Спомнете си за Симеон, когото избрахте независимо от това, че от официалната му биография липсваха над 30 г., а Борисов го избрахте независимо от това, че в биографията му имаше бизнес с хора, които бяха разстреляни показно по софийските улици.

- Най-смешното от последните четири години? Има ли случка или ситуация, която искрено ви развесели?

- За титлата “клоун на кабинета” в предишното управление се конкурират много кандидати – като започнем от Цветанов (моя предпочитан победител), та минем през недоразуменията, станали министри или депутати… И ситуациите, в които се веселихме, обикновено са свързани с техни изказвания. Вземете което и да е неписано изказване на г-н Цветанов, опитайте се да го прочетете или разберете, ако го гледате в YouTube, и си сложете ръка на сърцето: разбрахте ли каквото и да е от казаното? Изречения, които нямат връзка помежду си, купешки думи, използвани не там, където им е мястото…

Да не говорим за онзи случай, в който му се наложи да гони една муха, която бръмчеше около него в студиото на бТВ и той се сърдеше (за сравнение – когато в аналогичен случай една муха пречеше на Барак Обама по време на интервю, той просто я хвана с ръка). Но някак си не ми е весело, когато си спомня за патоса, за плюнките от устата му, когато обявяваше хората за престъпници.

Липсата на държавност не може да бъде смешна.

Leaving a comment is a great way to interact with an article, its author and the broader public. But who shold be liable if the comment is derogatory? (c) Kettemann, 2011Should Google (or other Internet plattform providers) be held liable for content uploaded by users? 

Yes, said an Italian tribunal - even the managers can we held personally liable. No, said an Italian higher court. 
Yes, said a British court, if they do not react immediately. 
We see: the question of publisher's liability is a tricky one. Should it lie with the blogger or the company that provides a blogging plattform? 
Italian courts (briefly) allow personal (criminal) liability for online content
In September 2006 an individual posted a a video on Google videos that showed the taunting of a disabled child by other children. The video was online for three months before being removed by Google. The authors of the video were prosecuted (after Google provided identifying information), but so were four executives of Google for, as an article in the International Journal of Law and Information Technology  has it, “defamation and violation of data protection rules” in the form of “co-participation” and for illicitly processing personal and health data for profit." 
The Tribunale di Milano in 2010 (case no. 1972/2010) passed suspended prison sentences for three of the executives for the data protection violations. The tribunal did not find any guilt regarding co-participation in defamation as the current Italian legislation did not provide for Internet Service Providers’ liability for negligence in regarding delayed removal of postings. 
After outspoken criticism of the decision, an appeals court, on 21 December 2012, reversed the convictions and acquitted the three men. It argued, inter alia, that “[t]he possibility must be ruled out that a service provider, which offers active hosting can carry out effective, pre-emptive checks of the entire content uploaded by its users. […] An obligation for the Internet company to prevent the defamatory event would impose on the same company a pre-emptive filter on all the data uploaded on the network, which would alter its own functionality.”Or, as Reuters put it in the title of an article reporting on the published judgement on 27 February 2013: "Google not expected to check every upload says Italian court". Such a pre-emptive filtering system would not only alter the network’s functionality but also violate freedom of expression, at least if such a system was imposed by a state, as the European Court of Justice ruled in SABAM v. Netlog NV (16 February 2012), C-360/10.
If some Google executives could  breath a sigh of relief, others had to worry. 
UK courts confirm publisher's liability for Google
On 14 February 2013, the Court of Appeal of England and Wales ruled, in Payam Tamiz v. Google Inc., that Google can be held liable for comments published on Blogger, its online blogging platform, unless it reacts immediately to a complaint.
The appeals judgment reversed a 2012 ruling which had considered, in line with international jurisprudence, that an Internet platform should not be treated as a publisher. 
Google had received complaints regarding certain comments on a blog post and had forwarded them on to the blogger who waited five weeks to delete them. The British NGO Article 19 considered the judgment to be a “serious step back for free speech online”
The judgment means, in effect, that the notice and takedown system is strengthened. This system encourages content hosts, such as Google (but also individual bloggers who have activated their commentary function) to immediately delete even potentially defamatory material immediately after having been notified even if the material is not illegal at all. 

This can have negative chilling effects. According to Article 19, this creates a situation where intermediaries will be more likel to censor "perfectly legitimate speech". 

(I'm not sure I agree with the notion of "legitimate" speech. I'd call the speech just 'perfectly legal'). 
Indeed, the ruling is bad news for free speech online, but - given the circumstances of the case (the connection to an election, the long period of five weeks without deletion of the comment) - probably not surprising. 
Future judgements will most likely draw a finer line. 
The negative implications of intermediaries being more likely to censor perfectly legitimate speech" is no new fear - and definitely not one connected only to this judgement. 
Intermediaries have always censored perfectly legitimate speech because of a variety of reasons, notably because they want a clean, safe and happy plattform on which users stay long, pay attention to ads and, ideally, also spend money. 
The trend, though, is worrying. 
And what is further worrying is the divergence between judgements even within Europe, which is bound to the European Convention on Human Rights and (for almost all EU states) the Fundamental Rights Charter. 
Strasbourg might want to have its say. And it can. 
For more on that, wait for the next posting.
And by the way: Comments are, as usual, enabled.

As attack vectors go, very few are as significant as obtaining the ability to insert bespoke code in to an application and have it automatically execute upon "inaccessible" backend systems. In the Web application arena, SQL Injection vulnerabilities are often the scariest threat that developers and system administrators come face to face with (albeit way too regularly). In fact the OWASP Top-10 list of Web threats lists SQL Injection in first place.

This "in the wild" SQL Injection attempt was based upon the premise that video cameras are actively monitoring traffic on a road, reading license plates, and issuing driver warnings, tickets or fines as deemed appropriate by local law enforcement.
(Click to Enlarge)More often than not, when security professionals discuss SQL Injection threats and attack vectors, they focus upon the Web application context. So it was with a bit of fun last week when I came across a photo of a slightly unorthodox SQL Injection attempt — that of someone attempting to subvert a traffic monitoring system by crafting a rather novel vehicle license plate.

My original tweet got retweeted a couple of thousand of times — which just goes to show how many security nerds there are out there in the twitterverse.

This "in the wild" SQL Injection attempt was based upon the premise that video cameras are actively monitoring traffic on a road, reading license plates, and issuing driver warnings, tickets or fines as deemed appropriate by local law enforcement.

At some point the video captures of the passing vehicle's license plate must be converted to text and stored — almost certainly in some kind of backend database. The hope of the hacker that devised this attack was that the process would be vulnerable to SQL Injection — and crafted a simple SQL statement that could potentially cause the backend database to drop (i.e. "delete") the table containing all of the license plate information.

Whether or not this particular attempt worked, I have no idea (probably not if I have to guess an outcome); but it does help nicely to raise attention to this category of vulnerability.

As surveillance systems become more capable — digitally storing information, distilling meta-data from image captures, and sharing observation data between systems — it opens many new doors for mischievous and malicious attack.

The physical nature of these systems, coupled with the complexities of integration with legacy monitoring and reporting systems, often makes them open to attacks that would be classed as fairly simple in the world of Web application security.

A common failure of system developers is to assume that the physical constraints of the data acquisition process are less flexible than they are. For example, if you're developing a traffic monitoring system it's easy to assume that license plates are a fixed size and shape, and can only contain 10 alphanumeric characters. Meanwhile, the developers of the third-party image processing code had no such assumptions and will digitize any image. It reminds me a little of the story in which reuse of some object-oriented code a decade ago resulted in Kangaroos firing Stinger missiles during a military training simulation.

While the image above is amusing, I've encountered similar problems before when physical tracking systems integrate with digital backend processes — opening the door to embarrassing and fraudulent events. For example, in the past I've encountered similar SQL Injection vulnerabilities within systems such as:

• Toll booths reading RFID tags mounted on vehicle windshields — where the tag readers would accept up to 2k of data from each tag (even though the system was only expecting a 16 digit number).
• Credit card readers that would accept pre-paid cards with negative balances — which resulted in the backend database crediting the wrong accounts.
• RFID inventory tracking systems — where a specially crafted RFID token could automatically remove all record of the previous hours' worth of inventory logging information from the database allowing criminals to "disappear" with entire truckloads of goods.
• Luggage barcode scanners within an airport — where specially crafted barcodes placed upon the baggage would be automatically conferred the status of "manually checked by security personnel" within the backend tracking database.
• Shipping container RFID inventory trackers — where SQL statements could be embedded to adjust fields within the backend database to alter Custom and Excise tracking information.

Unlike the process of hunting for SQL Injection vulnerabilities within Internet accessible Web applications, you can't just point an automated vulnerability scanner at the application and have at it. Assessing the security of complex physical monitoring systems is generally not a trivial task and requires some innovative approaches. Experience goes a long way.

Written by Gunter Ollmann, Chief Technology Officer at IOActive

Follow CircleID on Twitter

More under: Security

The results of an excellent study made, for reasons that will become clear, by an anonymous author reaches this conclusion:

So, how big is the Internet?
That depends on how you count. 420 Million pingable IPs + 36 Million more that had one or more ports open, making 450 Million that were definitely in use and reachable from the rest of the Internet. 141 Million IPs were firewalled, so they could count as "in use". Together this would be 591 Million used IPs. 729 Million more IPs just had reverse DNS records. If you added those, it would make for a total of 1.3 Billion used IP addresses. The other 2.3 Billion addresses showed no sign of usage.

Notice that, of the roughly 4 billion possible IPv4 addresses, less than half appear to be "owned" by somebody and only 591 million appear to be active.

The problem is, to make the study, the author created a botnet — that is he wrote a small program that took advantage of insecure devices to enlist additional machines to help in the study. What is amazing (if you are not a security researcher) is the extent to which he was able to coop insecure devices testing only four name/password combinations, e.g. root:root, admin:admin and both without passwords.

This is very valuable research and it was apparently done without causing anyone any harm. None-the-less, the US government has treated this kind of research as a crime in the past even before all the cyber security laws of the past decade. So I hope this researcher anonymity holds.

Written by Brough Turner, Founder & CTO at netBlazr

Follow CircleID on Twitter

More under: Web

The first round of Initial Evaluation results has been released exactly on schedule. On March 23, ICANN announced that 27 out of 30 new gTLD applications reviewed this round passed Initial Evaluation. The remaining three applicants are still marked as in Initial Evaluation. For more details see, '27 Applicants Passed Initial Evaluation in the First Round' via www.GetNewTLDs.com.

Follow CircleID on Twitter

More under: ICANN, Top-Level Domains

The Writing's On The Wall

Well it is not new that the US has always maintained that the Internet should be a tax free zone as per the US Congress's Tax Freedom Act 1998 (authored by Representative Christopher Cox and Senator Ron Wyden and signed into law on October 21 1998 by then President Clinton) which following expiry continued to be reauthorized and its most recent re-authorization (legal speak for extension) was in October 2007 where this has been extended till 2014. It is unclear whether there will be another extension post 2014. There is a moratorium on new taxes on e-commerce, and the taxing of internet access via the Tax Freedom Act. Whilst the US Congress's Tax Freedom Act 1998 bars federal, state and local governments from taxing Internet access and from imposing discriminatory Internet only taxes such as bit taxes, bandwidth taxes and email taxes, it also bars multiple taxes on electronic commerce. It does not exempt sales made on the Internet from taxation, as these may be taxed at the same state and local sales tax rate as non Internet sales.

New Bill in the House

With the introduction of the US Marketplace Fairness Act in 2013 in both the Senate and the House of Representatives will make for some interesting discussions and lobbying at the Hill. Whilst the Bill in its current form acknowledges the exemptions that are currently in place — the manner in which discussions play out by the manner in which both Senators and Representatives are having reflect a change in atmospheric pressure — which in my mind is significant.

In 1998 the US Senate voted 96-2 to approve the Tax Freedom Act and the mere fact that the new Bill has 28 Co Sponsors and in the House of Reps, there are 47 co sponsors is indicative of either a shift in paradigm or that State coffers are screaming to be filled.

The S.336 Marketplace Fairness Act of 2013 introduced on February 14 day, 2013 and sponsored by US Senator Michael Enzi [R-WY] There are 28 co-sponsors (21D, 6R, 1I).

There is a prognosis that the Bill might not get past the Committee and 0% chance of getting enacted.

The H.R.684: Marketplace Fairness Act of 2013 introduced on February 14, 2013 and sponsored by US Rep. Steve Womack [R-AR3] had 47 cosponsors (25D, 22R). There is a prognosis that it has a 28% chance of getting past the committee and 11% chance of getting enacted.

To Tax or Not to Tax

The term 'electronic commerce' (e commerce) means any transaction conducted over the Internet or through Internet access, comprising the sale, lease, license, offer, or delivery of property, goods, services, or information, whether or not for consideration, and includes the provision of Internet access.

As early as 2000, the problems of tax free e commerce was discussed during the first E Commerce Roundtable meeting in Washington D.C. If e-commerce proceeds untaxed, it would mean that state treasuries would face an eroding tax base. States within the United States of America rely on sales tax for approximately 25-40% of their revenue. As such there is a trade-off or opportunity cost as other taxes may have to increase to make up for the deficit caused by tax-free e-commerce.

The deficit caused by tax free e-commerce means that other taxes may be subjected to increase and also potential funding may be siphoned away from other priority areas. Traditional firms or businesses who do not trade electronically are at a disadvantage as they are forced to collect sales tax at the register. This is why it is sometimes cheaper to purchase a pair of boots online than if you were to walk into a traditional store.

One of the issues that was discussed in the E commerce round table meeting was the widening of the digital divide where people without credit cards or Internet access may be forced to shoulder the burden of sales tax.

E Commerce is blossoming

Global business-to-consumer e-commerce sales will pass the 1 trillion euro ($1.25 trillion) mark by 2013, and the total number of Internet users will increase to approximately 3.5 billion from around 2.2 billion at the end of 2011, according to a new report by the Interactive Media in Retail Group (IMRG), a U.K. online retail trade organization as reported by Internet Retailer dot com . The study estimates that business-to-consumer e-commerce sales in 2011 increased to 690 billion euros ($961 billion), an increase of close to 20% from a year earlier.

According to that study, the US remains the world's largest single market as far as e commerce goes. The same study highlighted that with China's phenomenal growth rates that it is speculated to surpass the United States in this regard shortly.

The US Department of Commerce reported that Total Retail Sales from the fourth quarter of 2012 was estimated at $1,105.8 billion which is an increase of 4% from the third quarter of the same year.

Only Time Will Tell

Whether the US Marketplace Fairness Act will eventually get passed and enacted is something that only time will tell but the timing is certainly interesting.

Written by Salanieta Tamanikaiwaimaro, Director of Pasifika Nexus

Follow CircleID on Twitter

More under: Internet Governance, Law, Policy & Regulation

Going back in time can lead to
 interesting insights. Be it on the 
challenges facing the Internet or the 
advantages of growing a beard.In my research for a book on Freedom of Expression and the Internet that I’m co-authoring for the Council of Europe, I came across an article published 20 years ago that takes us back in time: 

Philip Elmer-Dewitt, First Nation in Cyberspace. Twenty million strong and adding a million new users a month, the Internet is suddenly the place to be, TIME International, 6 December 1993, no. 49, available online thanks to – of all – the chemistry department at FU Berlin.

In 1993, Time magazine ran an article on the emergence of the Internet. It seems to come from a completely different world. “Suddenly the Internet is the place to be,” Time writes,
“American college students are queuing up outside computing centers to get online. Executives are ordering new business cards that show off their Internet addresses. Millions of people around the world are logging on to tap into libraries […]. Even the U.S. President and Vice President have their own Internet accounts.”Imagine that: Students are queuing up to get online. Today they will be angry if the WLAN is slow. And they will only queue up to get new devices to go online.

What we consider today to be one of the key features of the Internet, namely the ubiquity of information and its uncoordinated, decentralized provision of information was a major issue 20 years ago. Time again:
“But the Internet is not ready for prime time. There are no TV Guides to sort through the 5,000 discussion groups or the 2,500 electronic newsletters or the tens of thousands of computers with files to share.”
Oh dear: there is no one ‘guide’ to the Internet.

Back in 1993, Companies were not yet active online: The Internet, as Time wrote 
“will have to go through some radical changes before it can join the world of commerce. […] It does not take kindly to unsolicited advertisements; use electronic mail to promote your product and you are likely to be inundated with hate mail […] ‘It's a perfect Marxist state, where almost nobody does any business,' says [University of Pennsylvania information science professor] Farber.’ But at some point that will have to change.”As we all know, this has indeed changed substantially. Now, everybody does business online. And hate mail is no longer sent to spammers; indeed, they would probably appreciate that as it would signal that a spammed e-mail account was active.

Yet all was not well in 1993’s Internet: Early on the Internet contained speech that was deemed problematic:
“People […] may be in for a shock. Unlike the family-oriented commercial services, which censor messages they find offensive, the Internet imposes no restrictions. Anybody can start a discussion on any topic and say anything.”Imagine that: Anybody can say anything. We know, of course, that is it not true. Laws (e.g. against hate speech) that apply offline also apply online. They may just be more difficult to enforce.

But even twenty years later this general right of anybody to “start a discussion on any topic and say anything” remains at the center of the right to freedom of expression online. A lot has changed in two decades, but free speech continues to fuel the Internet as a catalyst for human rights.

The Internet, as far as it can be personalized as ‘The Internet’, supports human rights protection online through its foundational principles, including net neutrality, the open architecture of the network and the end-to-end principle. As Internet activist John Gilmore put it in the Time article: “The Net interprets censorship as damage and routes around it”.

A growing number of states apply national policies to the Internet that limit Internet freedom and destroy in part or in whole the potential of the Internet as a catalyst for change and for reaching a higher level of human rights protection.

In retrospect, 1993 – though it was two years after the introduction of the World Wide Web in 1991 – seems like a long time ago. But we should pay attention: We do not know what the future holds.

The speed in which the Internet develops intensifies; a version of Moore’s Law is applicable not only to data processing but to data availability as well. We do not how what challenges will exist for freedom of expression in one year, five years or 20 years.

What four lessons can be draw from the Time article.

1. The technological innovations of the future are impossible to predict. 
2. What seems exciting, revolutionary and new can – in retrospect – look tiny, puny and unimportant. 
3. To understand the key challenges of today, it makes sense to go back in time. 
4. Technologies change, but law lasts. 

The standards developed by the European Court of Human Rights (and it institutional predecessor, the Commission) over more than 60 years hold true today and will hold true, with some adaptions, tomorrow. The key of that standard is the commitment to safeguarding freedom of expression and accepting only interferences when they are legal, pursue a legitimate goal and are necessary and proportionate with regard to the goal pursued.
As a post-script: If you liked the Time article, you’ll love this interview, also from 20+ years ago, with Isaac Asimov, who talks in glowing terms about the potential of the Internet. Everyone can have access to all human knowledge, he says. “Every student has his or her private school and it belongs to them. […] They can be dictators of what they want to study.” 
If I had only known that back in 1993, sitting in school at 10, fidgeting because I was looking forward to soccer practice.

Two approaches can be taken towards the development of Fiber to the Home (FttH). One is all about its commercial potential — the sale of the most awesome commercial applications in relation to video entertainment, gaming and TV. The other is a perhaps more sophisticated approach — from the perspective of social and economic development.

Of course the two are not mutually exclusive. Those who successfully follow the commercial route create an infrastructure over which those other social and economic applications will eventually be carried as well. This is quite a legitimate route, but the reality is that most people in this situation will say 'the FttH entertainment applications are absolutely awesome, but totally useless'. In other words, nice to have but it is highly unlikely that people will pay for them.

We basically see this with such commercial FttH deployments around the world. Commercial FttH subscriptions cost consumers well over $100 per month, and at such a price penetration in developed countries will reach no more than approximately 20%. That will not be sufficient mass to launch other social and economic applications over such a network.

If we are serious about those national benefits we will have to treat FttH differently — not just as another telecoms network, but as national infrastructure. However the all-powerful telcos will fight such an approach tooth and nail, since that would make their network a utility. They are used to extracting premium prices based on their vertically-integrated monopolies and they are in no mood to relinquish this. Simply looking at the amount of money telcos spend on lobbying reveals that they do not want to see government making any changes to their lucrative money-making schemes.

It will be interesting to see what Google Fibre in Kansas City will do. Its price is more affordable (around $75) but it is still operating on that 'awesome entertainment' level. Will it be able to attract sufficient customers to eventually create that broader infrastructure that will be used by a far greater range of applications? We estimate that it would be able to achieve around 40% penetration, and if it could move past 'awesome but useless' that could grow to 60%. By that time sufficient mass would have been created to move to the next stage. So, all very doable over, let us say, a five-year period.

The good thing is that if any company can create such a breakthrough development it is Google. It is not a telco. It simply wants to prove the business case — that FttH makes business sense. If it can prove the commercial success of Ftth it is more likely that other telcos will follow. There is no way Google on its own can fibre the USA, let alone the world. So its role in relation to Google Fibre is to extend the global FttH footprint by example, as that would allow it to increase the number of next-gen applications and service. With its dominant position in this market the spill-over from that is many times larger than the financial gains the company can make running a FttH network.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Access Providers, Broadband

The involvement of stakeholders in normative processeshas an impact on the legitimacy of their outcome.There is an interesting iscussion going on on a list I am a member of on the true meaning of multistakeholderism and its relationship to legitimacy.

In a post, Mike Gurstein set out to defend multistakeholder processes as a framework of decision-making, but not a means to -necessarily - increase legitimacy.

He writes: "Multistakeholder processes could and should enhance democracy by increasing opportunities for effective participation by those most directly impacted by decisions and particularly those at the grassroots who so often are voiceless in these processes""To do this means shifting away from multistakeholderism as a “means of legitimation” to being one among many strategies for making democracy more workable in this era of enhanced communications, enhanced interactivity and accelerated change."While I agree with Mike on the importance of enhancing democratic participation in the development of norms, I feel that the legitimating dimension of multistakeholder processes may be underestimated.
I've written on the relationship of multistakeholderism and legitimacy at length in my recent book, but I'll restart my points here. Building on Thomas M. Franck, The Power of Legitimacy Among Nations (Oxford: Oxford University Press, 1990), I argue that how legitimate a norm can be is to be measured according by referring to its determinacy (ascertainable normative content), symbolic validation through an authority figure, coherence, and adherence to a broader system of rules.
These legitimacy criteria can be refined and regrouped for application with regard to the law of Internet Governance. 
I've suggested in my thesis that an International Internet norm is legitimate if it meets a formal and a material legitimacy requirement:- formally, it needs to be symbolically validated through its emergence in a multi-stakeholder process (the input and throughput dimension of legitimacy),- materially, it needs to be determinate enough for its purpose (thus allowing for non-binding instruments), cohere with the Internet’s core principles and be consonant with the values of Internet Governance, and adhere systematically to the broader normative system of Internet Governance (the output dimension of legitimacy). Multistakeholderism provides for a strong legitimation base for norms flowing out of representative and inclusive normation processes because of the triad of legitimating sources: the three key stakeholder groups (states, the private sector, and civil society).

Multistakeholderism as an approach is thus the best approximation of an ideal discourse we have. And an ideal discourse on norms is what we should strive for, because the norms developed in such a discourse, are legitimate in light of the criteria developed above. 

One example for that approach (and the consequences of ignoring it) is ACTA.
One of the main arguments brought forth by civil society against ACTA was that it was debated in secret without civil society involvement. The European Commission argues that this was untrue, but it was - also due to  reasons of EU competence -  mainly a Commission- and state-led exercise. 
I conclude in my book that any multistakeholder approach must ensure equilibrium between the actors and their normative inputs to the greatest extent possible. Therefore, the provision of clear procedural rules on how different stakeholders can contribute is necessary. Developing this on an international level is one of the more important challenges international law will face in the years to come.
By now, Internet Governance Law has developed to a point where individuals have a heightened expectation of legitimacy. There is an expectation of consultation with stakeholder groups; and there are – in certain areas of norm production – corresponding commitments to multistakeholderism by governments. These go back to the World Summit on the Information Society and have been reified in the declarations of rights and principles. 
Even though the European Commission was able to show that it had consulted other stakeholders (but barely so) and that the European Parliament was involved (to a limited degree) in the review of the results of ACTA negotiations, this was not perceived to be enough by certain civil society forces who organized, motivated by the emotionalizing power of an envisaged ‘assault’ on the Internet, a powerful movement against ACTA. This campaign ultimately let the norm entrepreneurs – states – to hold back from signing and ratifying ACTA. That ACTA included certain multistakeholder elements, though it was led by the Commission and thus could only demand technocratic-rational legitimation, did not sufficiently allow for an actualization of the expectation of legitimacy with regard to the normative output.
The implication for international treaty negotiations is this: There is a certain consonance between the post-interposition character of a regime and the level of multistakeholder participation expected by the community. The more individual-centric a regime traditionally is (or the greater individuals feel their involvement should be), the higher the level of multistakeholder participation must be provided for, for both forces to be in consonance. In civil society’s view, the result of the ACTA negotiations exhibited legitimatory dissonance. 
The integration of all stakeholders is essential for discovering, in the pre-normative phase, the challenges that regulatory attempts need to overcome and the regulatory demand they set out to answer. The multi-stakeholder approach, therefore, to which the international community is firmly committed with regard to Internet Governance law, has serious implications for the way in which international treaties should (and will) be negotiated in the future. 

I believe in multistakeholder processes. I think along with my community informatics colleagues, that decisions should be made as close to those impacted as possible. I think that those impacted by decisions should be involved in those decisions. I think that multistakeholder processes potentially provide a means for the otherwise voiceless to have a voice in broader policy and programme decisions.

Can social media users request anonymity from
social media companies? A German Data
Protection Office thinks so. (c) Kettemann 2011Wolfgang Benedek an I have been invited to write a book for the Council of Europe on "Freedom of Expression and the Internet". As we have were finalizing the manuscript I was struck again by the breadth of human rights challenges online. It seems that every day brings new decisions, new directions, new answers (but also new questions). 

In the few days since we've handed in our manuscript, for instance, new developments happened in the French #UnBonJuif case and Microsoft followed Google and Twitter to release its transparency report on law enforcement requests.

Privacy on social networks is valued deeply by some and considered superflouos by others (or at least their carless approach to personal data lets you think that). 
The NY Times reported with regard to Skype that 
"In 4,713 cases last year, Microsoft disclosed administrative details of Skype accounts — like a user’s Skype ID, name, e-mail address and billing information, as well as call detail records if a person subscribed to a Skype service that connects to a telephone number. But Microsoft said it had released no content from Skype transmissions last year. It has said that the peer-to-peer nature of Skype’s Internet conversations means the company does not store and has no access to past conversations."This leads to the question how we can protect our privacy in social networks. One approach is anonymity or pseudonymity. Social media services providers dislike both, because they make interacting with users (and personalizing ads) more difficult. For them, an identifiable user is a more valuable user.
But Facebook's real name policy als leads to interesting legal questions, especially since the  regional data protection office of the German state of Schleswig-Holstein started an initiative to safeguarding freedom of expression online  
Back in December 2012, the Office ordered Facebook change its real name policy and allow for the use of pseudonyms. 
The Office based its arguments on para. 13 (6) of the German Telemediengesetz (TMG; Telemedia Act) which obliges online service providers “to enable the anonymous or pseudonymous use of telecommunications media […], as far as technically possible and reasonable”. (my translation)According to the Office, the German legislation is compliant with European law and serves to protect “in particular the fundamental right to freedom of expression on the Internet”. 
Though identify theft and abuse of social networks is a problem, the real name obligation does not prevent them effectively. Therefore, the Office concluded, “[t]o ensure the data subjects' rights and data protection law in general, the real name obligation must be immediately abandoned by Facebook”. 
Facebook did not go down without a fight.
Two months after the decisions by the Data Protection Office, on 14 February 2013, the Upper Administrative Court of the German state of Schleswig-Holstein agreed to suspend the ruling of the Office on the grounds that German data protection law was not applicable as the relevant collection of data takes place in Ireland (where Facebook Ltd. is incorporated)
The Office announced that it would appeal against the suspension.
The two decisions raise the larger issue of how international Internet companies should react to different standards in national and regional decisions and legislation. It is important to clarify that certain standards have to be met and that international human rights commitment, and especially commitment to freedom of expression online are respected. It also raises the question how to ensure that an authoritative standard of interpretation of freedom of expression, as developed by the ECtHR, can be translated for the local and regional offices and judiciaries.
As I wrote earlier, human rights-related developments online happen quickly. A great overview is provided by the Internet & Jurisdiction project. Both their annual report 2012 and the  summary of the key trends they see emerging is worth reading.

One of the good things about participating in the meetings of the UN Broadband Commission for Digital Development is seeing the amazing impact our industry has on the daily lives of literally billions of people. While everybody — including us — is talking about healthcare, education and the great applications that are becoming available in these sectors, the real revolution is taking place at a much lower level.

If one looks in particular at those who live below the extreme poverty line of $1.25 per day then e-health and e-education are certainly not the first applications that reach these people. The most fundamental change happens when people get access to communications — thus extending their network beyond neighbours, who are probably living below the poverty line as well, and so are unable to do much to lift the community out of its misery. In the 1990s Broadband Commissioner Muhammad Yunus through his Grameen Bank initiative showed that a simple mobile phone (2G) in a Bangladesh village, and, by extension, in any other village operating below the poverty line, can lift the local economy by 20%. This technology gives access to data, and people can make calls to find out what is the best market to go to today to sell the fish they just caught, or find out what the market price is for their wheat (not just the price that their middleman is quoting).

Access to facts is liberating people, and with facts they can start improving their lives. Once people know something, it cannot be taken away from them and therefore will create a lasting change. People will use that knowledge, data and information to make social and economic improvements.

On a larger scale the same thing happens when access is obtained to facts that go beyond what the local politicians are providing, or hiding. The Arab Spring is a good example here. While its end result is not yet clear there is no way back once people have the facts; again, this is a very liberating experience and will ultimately lead to improving people's lives and lifestyles.

Another of the Broadband Commissioners, Dr Mohamed Ibrahim, the founder of Celtel in Africa, is a staunch supporter of the movement 'one.org'. This grassroots, non-political organisation is concentrating on eradicating extreme poverty and statistics are showing that this could be possible before 2030.

Extreme poverty has already declined and this trend is accelerating. In 1990 43% of the global population fell into the category of extreme poverty; by 2000 this had dropped to 33%; and by 2010 it had dropped further, to 21%. Interestingly, the fastest acceleration of this trend is taking place in most of the poorest countries in Africa.

Rock star and activist Bono stated in a recent TED presentation that the major obstacles to this process of acceleration are inertia, loss of momentum and corruption. The silver lining here, especially in relation to the latter, is that again technology is a driving force for change. With access to communications and facts it becomes much easier to expose corruption. Technology makes it easier to create a more transparent society and, while corruption will never be stamped out altogether, extreme corruption will be greatly reduced.

It is great to work with the Broadband Commission to develop projects and programs, using our technologies, to ensure that the social and economic processes accelerate these positive developments, creating greater equality. The high ranking of those involved makes it possible to get these messages across at the highest levels of government and the highest level governance of the international organisations addressing these issues.

Written by Paul Budde, Managing Director of Paul Budde Communication

Follow CircleID on Twitter

More under: Access Providers, Broadband

Във връзка с наближаващите избори, от екипа с асове на PR-а в ГЕРБ показват на Бойко проекта на изборния лозунг на ГЕРБ: “Бог, България, Бойко”
- Не искам да налагам своето мнение – казва Бойко, – но за мен е очевидно, че една от тези думи е излишна. За да е всичко демократично, организирайте експертна комисия.
- Слушам, г-н Борисов!
- И не забравяйте да включите в нея повече атеисти…

A policy change now being considered by the European IP address registry RIPE-NCC would completely eliminate needs assessments as an eligibility criterion for acquiring IPv4 number blocks. If successful, policy proposal 2013-3 would liberalize the allocation and use of IPv4 number blocks, and open the door to a much more efficient and predictable market for [...]

Tallinn Manual on the International Law Applicable to Cyber Warfare
Paperback / ISBN:9781107613775
Publication date: March 2013The newly released handbook applies the practice of international law with respect to electronic warfare. The Tallinn Manual on the International Law Applicable to Cyber Warfare — named for the Estonian capital where it was compiled — was created at the behest of the NATO Co-operative Cyber Defence Centre of Excellence, a NATO think tank. It takes current rules on battlefield behaviour, such as the 1868 St Petersburg Declaration and the 1949 Geneva Convention, to the internet, occasionally in unexpected ways.

"The product of a three-year project by twenty renowned international law scholars and practitioners, the Tallinn Manual identifies the international law applicable to cyber warfare and sets out ninety-five 'black-letter rules' governing such conflicts. It addresses topics including sovereignty, State responsibility, the jus ad bellum, international humanitarian law, and the law of neutrality. An extensive commentary accompanies each rule, which sets forth the rule's basis in treaty and customary law, explains how the group of experts interpreted applicable norms in the cyber context, and outlines any disagreements within the group as to each rule's application."

Related Links:
First cyber war manual released The Age, Mar.20.2013
Tallinn Manual on the International Law Applicable to Cyber Warfare Cambridge University Press

Follow CircleID on Twitter

More under: Cyberattack, Law, Policy & Regulation

In advanced circles discussing future forms of governance and particularly governance structures in areas impinging on or being impinged upon by the Internet, one of the most widely discussed and promoted is that of Multistakeholderism (MSism).

Sender Address Validation and Authentication (SAVA) is the silver bullet. It will send to Cyberia all dark forces that make us shiver when we make a purchase on the internet, pose a threat to our very identities and have made DDoS a feared acronym.

Some of you will remember the heated debates when Calling Line Identification (CLID) was first introduced in telephony. Libertarians of all stripes called passionately to ban such an evil tool threatening our most precious civil liberties like the impunity of calling home from the bar, pretending to be still at work or with a customer. Today everybody welcomes the decline of crank and obscene calls even if telemarketers can continue to be a nuisance. Will SAVA be for the internet what CLID was for telephony?

One of the beauties and at the same time a source of potential vulnerability of the internet design is that it forwards packets connectionless, hop by hop, based on the destination address. This has proven a cornerstone of the amazing resiliency and scalability of the internet. The flip side is that this makes the blue box offspring, address spoofing more prevalent. From making occasional free calls in the 'telephony era', internet address spoofing now substitutes legitimate source addresses to fraudulently obtain personal information from unsuspecting end-users or wreak havoc flooding network hosts, DNS systems and even networks with DDoS attacks. So much so that a number of ISP's now offer 'scrubbing services' to their customers. Zacks Investment sees Cyber Security firms as a major investment opportunity. This is surely a growing and lucrative market segment; I might follow their advise.

SAVA was first presented at an IEEE conference in 2007 and subsequently proposed as a RFC to the IETF in 2008 with Tsinghua University of Beijing as lead author. The paper addressed the need for source address verification on the access network, intra-AS within a network, and inter-AS between networks across BGP boundaries. This led to the creation of a quite active IETF working group called SAVI to tackle the subject. An informational draft issued this February provides a good overview of a variety of 'attack vectors' and threats. How fast some of these RFC will be completed and approved and, more importantly, implemented remains however an open question.

China has reported that it is experimenting with a SAVA implementation in its CNGI (China Next Generation Internet) IPv6 only based R&E network, in no less than the United Kingdom's prestigious Philosophical Transactions of the Royal Society. This has in turn triggered some activity in the blogosphere ranging from more factual to a bit more alarming. Concluding yet again that China is light years ahead of the United States in IPv6 deployment remains questionable however. While CNGI has without question been the benchmark for native IPv6 deployment for many years in a Research and Education Networking environment, China has been really lagging so far in the commercial deployment of IPv6. They obviously bide their time.

While some will argue that SAVA would undermine their civil liberties and individual freedom especially when they prefer anonymity in whatever they are doing on the internet and others will see it as another step to big brother watching us, the need for better security is undeniable and even more urgent as we accelerate towards a mobile broadband data environment. IDC predicts that, this year, smartphone sales will for the first time surpass feature phones. Mobile operators enjoy usage based services and billing; to correctly identify the source will always remain essential to revenue generation and corporate wellbeing. And what would the impact be of a DDoS attack choking a major LTE network?

Major ISP's and mobile operators might want to track SAVA more closely; ça va ou ça va pas?

Written by Yves Poppe, Director, Business Development IP Strategy at Tata Communications

Follow CircleID on Twitter

More under: DDoS, DNS Security, IPv6, Security

Google today announced that its "Public DNS" service is now performing DNSSEC validation. Yunhong Gu, Team Lead for Google Public DNS, in post today wrote:

"We launched Google Public DNS three years ago to help make the Internet faster and more secure.Today, we are taking a major step towards this security goal: we now fully support DNSSEC (Domain Name System Security Extensions) validation on our Google Public DNS resolvers. Previously, we accepted and forwarded DNSSEC-formatted messages but did not perform validation. With this new security feature, we can better protect people from DNS-based attacks and make DNS more secure overall by identifying and rejecting invalid responses from DNSSEC-protected domains."

Follow CircleID on Twitter

More under: DNS, DNS Security, Security