International Telecommunication Union   ITU
 
 
Site Map Contact us Print Version
 Thursday, August 04, 2005

From the Washington Post: To keep criminal hackers at bay, VeriSign, keeper of the master Internet address book, has been throwing mind-boggling amounts of money and computing firepower at security. VeriSign considers 2004 "the turning point" in the conflict because the bad guys exhibited such dramatic leaps in creativity, sophistication and focus.

 

Thursday, August 04, 2005 4:31:47 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The Korean Ministry of Information and Communication announced yesterday it will adopt new measures in December to reduce the circulation of spam e-mail. The ministry's plan is designed to prevent the delivery of spam messages with fake sender information. Under the ministry's Sender Policy Framework, participating portal sites will share e-mail server information.

For the full article click here.

Thursday, August 04, 2005 1:35:16 PM (W. Europe Standard Time, UTC+01:00)  #     | 

From the list of presentations (check for update):

Thursday, August 04, 2005 11:22:12 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, August 03, 2005

Dan Kaminsky of DoxPara Research has posted the presentation Black OPs of TCP/IP 2005 (PowerPoint) which he made at Black Hat 2005 which includes his probes of the global Internet DNS infrastructure. The results demonstrate a number of weaknesses in the DNS. In particular, almost 10% of the DNS 2.5 million name servers are potentially subject to cache poisoning which permits hijacking network traffic. Also see the related article on CNET.

Wednesday, August 03, 2005 9:02:10 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Net criminals 'customise' attacks: Criminal gangs have become more astute in phishing attacks. Net criminals and hackers are increasingly targeting their attacks at specific organisations, research shows. Worse hit, according to a worldwide survey by IBM, are government departments, financial services, manufacturing and healthcare. Of the 237 million security attacks in the first half of 2005, 137 million were aimed at these four areas. Spam is becoming less attractive as criminals focus on fraud, identity theft and extortion. This has meant a decrease in the ratio of spam to legitimate e-mail from 83% in January to 67% in June.

From BBC News, IBM press release - Global Business Security Index via Ewan Sutherland's weblog.

Wednesday, August 03, 2005 8:07:15 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Alex Shipp, Senior Anti-Virus Technologist at MessageLabs comments:

 "The banking system in South American countries has a higher take-up of internet banking than the banking experience we're used to in the US or Europe. This makes online banks a prime target for the high-tech gangs operating in the region who can get rich quick by selectively targeting local economic interests."

For the full article click here.

Wednesday, August 03, 2005 5:18:54 PM (W. Europe Standard Time, UTC+01:00)  #     | 

In a survey to test whether top e-tailers are allowing consumers to opt out of receiving promotional or marketing messages, the FTC has determined that 89 percent of the online merchants it tested are honoring requests to halt future mailings.

The study showed a high rate of compliance with the CAN-SPAM opt-out provisions. All of the e-tailers who sent e-mail to the FTC accounts provided clear notice of recipients’ right to opt out of receiving future mail and provided recipients with an opt-out mechanism. Eighty nine percent of the e-tailers honored all three of the opt-out requests made by FTC staff and 93 percent complied with opt-out requests for at least some accounts.

For the full report (PDF), click here.

Wednesday, August 03, 2005 10:17:14 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Phishing emails go formal - New method hides the true web address: Researchers have discovered a new method used by criminals to hide the location of phishing websites in email messages. The technique uses a form that sends the users to phishing websites after they have pushed a button. Traditionally phishers employ a link in the body of the email message, security watchdog, the SANS Internet Storm Centre has warned. Forms are commonly used by websites to allow users to send information back to the sites, for instance to enter user names and passwords for log ins. A phishing email tries to lure the recipient to a website that the message claims is from a trusted organisation like a bank or credit card company. The aim of the message is to steal confidential information such as login names and passwords.

From VNUnet, SANS Internet Storm Center - diary via Ewan Sutherland's weblog.

Wednesday, August 03, 2005 10:11:16 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The Australian Communications Industry Forum (ACIF) has announced it is bringing together a number of Australian industry leaders to advise on convergence issues.

The new ACIF Convergence Group will advise on the best way to tackle issues relating to Voice over Internet Protocol (VoIP), Next Generation Networks (NGN), content and other associated areas.

ACIF’s chief executive officer, Anne Hurley, who chairs the new group, explained that the convergence of multiple technologies was blurring the boundaries of the various regulatory regimes and creating new challenges which the industry needed to address.

Wednesday, August 03, 2005 9:46:05 AM (W. Europe Standard Time, UTC+01:00)  #     | 

John Levine, Chair, IRTF Antispam Research Group (ASRG) writes in his weblog that the anti-spam Sender Policy Framework (SPF) email authentication scheme is losing market mindshare.

In a recent talk at an ITU Cybersecurity Event, Mr. Levine gave a presentation entitled The Limits of Security Technology: Lessons from the Spam Wars. In his talk, he asked the audience to reflect carefully as to how technology fits in to the overall solution. He stressed that technology can be morally and politically neutral but we need to decide exactly what it is that we want. For example, an ultimate solution to spam could impact on issues such as anonymous speech, whether we wanted virtual or physical identities, or closed or open systems. These were all tradeoffs that needed to be considered.

Wednesday, August 03, 2005 8:42:59 AM (W. Europe Standard Time, UTC+01:00)  #     | 

China mobile phone subscribers totals 363 million: China had 363.2 million mobile phone subscribers and 337.4 million fixed-line telephone subscribers as of the end of June, accounting for 28% and 26% of its current population, according to statistics published by China’s Ministry of Information Industry (MII). For Internet-access services, China had 31.7 million broadband subscribers, of which 21.9 million (69.1%) used xDSL.

From DigiTimes via Ewan Sutherland's weblog.

Wednesday, August 03, 2005 6:31:45 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, August 02, 2005
 Monday, August 01, 2005

Geoff Huston, APNIC, in the ISP Column for August 2005, has authored an article entitled Exploring Autonomous System Numbers. It examines Autonomous System (AS) Numbers and the role they play in Internet routing and discusses the near-term exhaustion of the unallocated pool of AS numbers in an expected 2010 timeframe. The article also discusses a necessary transition of increasing the AS number field size in the Border Gateway Protocol (BGP) inter-domain route protocol (from 2 to 4 bytes as defined in this current draft).

Monday, August 01, 2005 2:31:12 PM (W. Europe Standard Time, UTC+01:00)  #     | 
 Sunday, July 31, 2005

The Italian Communications Authority (AGCOM) has issued a consultation on its planned policy and regulatory approach to VoIP. See Consultazione pubblica concernente proposte di interventi regolamentari in merito alla fornitura di servizi VOIP. It includes a discussion of a distinct numbering block for VoIP as well as the imposition of requirements for emergency services.

Via Ewan Sutherland's weblog.

Sunday, July 31, 2005 11:32:20 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, July 29, 2005

New Zealand's Information Technology Minister David Cunliffe has tabled the Unsolicited Electronic Messages Bill, which will prevent the mass-marketing of emails and text messages to unsubscribed receivers. The Marketing Association's Chief Executive Keith Norris says while they support the bill, it won't change company practice, as they have had a permission-based code for five years.

Norris also says only 10% of spam originates in New Zealand and the bill is aimed at reinforcing international law.

Click here for the full article

Friday, July 29, 2005 9:49:13 PM (W. Europe Standard Time, UTC+01:00)  #     | 

"Just weeks after a Nigerian court convicted a woman in a massive e-mail scam case, the African nation will discuss spam and cybercrime solutions at a national seminar on economic crime. The four-day event, which begins Aug. 6, will take place at the Abuja headquarters of the Economic and Financial Crimes Commission, a government-sanctioned agency created in 2003 to "crack down on fraudsters," according to its Web site. Jonathan Rusch, the U.S. Department of Justice's special counsel for fraud prevention, is scheduled to speak on the last day of the conference about transnational "challenges in investigating and prosecuting telemarketing fraud, spamming and identity theft." A panel on cybercrime and national security is slated to follow his remarks."

Article accessed through fergie's blog.
Friday, July 29, 2005 9:34:51 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The China Internet Network Information Center (CNNIC) has released its 16th China Internet Survey Report last week. According to the report, through the end of June 2005, China had 103 million Internet users, up 18.4 percent year on year. The number increased by nine million from January. Broadband users increased 23.8 percent year on year to 53 million, according to CNNIC. The number of computers in China connected to the Internet hit 45.6 million, said the report, up 25.6 percent year on year.

Friday, July 29, 2005 11:10:59 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The final version of a paper commissioned by the ITU entitled A Comparative Analysis of Spam Laws: The Quest for a Model Law (PDF) has been released. The paper was authored by Derek E. Bambauer, John G. Palfrey, Jr., and David E. Abrams, Berkman Center for Internet & Society, Harvard Law School, for the ITU WSIS Thematic Meeting on Cybersecurity held in Geneva, 28 June - 1 July 2005.

Executive Summary

Spam presents a significant challenge to users, Internet service providers, states, and legal systems worldwide. The costs of spam are significant and growing, and the increasing volume of spam threatens to destroy the utility of electronic mail communications.

The Chairman’s Report from the ITU WSIS Thematic Meeting on Countering Spam in July 2004 emphasized the importance of a multi-faceted approach to solving the problem of spam and named legal governance as one of the necessary means. Our paper focuses on the potential nature of the legal regulation of spam, specifically the importance of harmonizing regulations in the form of a model spam law. We agree with the Chairman that the law is only one means towards this end and we urge regulators to incorporate other modes of control into their efforts, including technical methods, market-based means, and norm-based modalities.

Spam uniquely challenges regulation because it easily transverses borders. The sender of a message, the server that transmits it, and the recipient who reads it may be located in three different states, all of which are under unique legal governance. If spam laws are not aligned in these states, enforcement will suffer because the very differences between spam laws may mean that a violation in one state is a permissible action in another. Moreover, spammers have an incentive to locate operations in places with less regulation, and the opportunity to states to create a domestic spam hosting market may engage them in a race to the bottom.

Harmonizing laws that regulate spam offers considerable benefits, insofar as a model law could assist in establishing a framework for cross-border enforcement collaboration. To those enforcing the regulation of spam, harmonization as a model law effort offers: clear guidelines, easy adoption, enhanced enforcement, stronger norms, fewer havens for spammers, and the increased sharing of best practices. If such regulators then agree that harmonization can aid legal regimes intent on curbing spam, they must initially address four critical tasks: defining prohibited content, setting default rules for contacting recipients, harmonizing existing laws, and enforcing such rules effectively. This legal approach must be concurrently matched by efforts that employ other modes of regulation, such as technical measures, user education, and market-based approaches.

Our analysis of existing spam legislation gathered by the ITU Strategy and Policy Unit evaluated these laws’ elements to determine whether they were commonly included or not, and whether provisions were uniformly implemented or varying when present. Our research documents seven instances in which extant laws strongly converge: a focus on commercial content, the mandatory disclosure of sender/advertiser/routing, bans on fraudulent or misleading content, bans on automated collection or generation of recipient addresses, the permission to contact recipients where there is an existing relationship, the requirement to allow recipients to refuse future messages, and a mix of graduated civil and criminal liability. Also documented are five key areas of disagreement which are vital to a harmonized spam law but which have evaded consensus thus far: a prior consent requirement for contacting recipients, a designated enforcer, label requirements for spam messages, the definition of spam (whether it is limited to e-mail communication, or includes other applications, such as SMS), and the jurisdictional reach of the system’s spam laws. Naturally, a harmonization effort must tackle and narrow these zones of divergence in order to succeed.

Spam laws, whether harmonized or not, are at best only part of the solution to the spam problem and must be developed in concert with technical, market, and norms-based tools if the scourge of spam is to be substantially reduced. Efforts to harmonize the legal regulation of spam can serve as one effective means to solving the unique challenges spam presents. A model spam law is possible to develop, despite the many differences among the world’s spam laws.

Friday, July 29, 2005 10:00:40 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Announced today on the WSIS web site is that the second Informal Consultation Meeting on Internet Governance (open to all stakeholders) will take place at the United Nations (Palais des Nations), Geneva, on 6 September 2005. Further details will be available in due time here.

Friday, July 29, 2005 9:44:10 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Thursday, July 28, 2005

Stakeholders, EU Member States, regional and local authorities have been invited to read the Digital Divide Report and express their views on policy measures needed to bring high-speed internet access to Europe’s under-served areas until Friday 16th September 2005. Herewith European Commission opened a public debate on closing the broadband gap in European Union.

The presented Digital Divide Report proposes two policy orientations:

• strengthening national broadband strategies as part of the Commission’s growth and jobs strategy and of the Commissioner Reding’s new i2010 Roadmap;

• improving the exchange of best practices, inter alia by gathering and sharing information on broadband deployment projects and tenders.

To join debate click here.

To read the "Digital Divide Forum Report: Broadband Access and Public Support in Under-served Areas" click here.

Thursday, July 28, 2005 6:00:28 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Presentations in a July 2005 ICANN GAC roundtable discussion:

  • Root Server Anycast System (root server operators) provides an update of DNS root-server anycast status (103-worldwide with more planned for 2005) and the statement that root server anycast deployment is a "tremendous success".
  • Assorted Slides (Daniel Karrenberg, RIPE NCC) provides views on deploying DNSSEC on the root server system and the Working Group on Internet Governance (WGIG) final report comments that the "Lack of formal relationship with root server operators" is a public policy issue relevant to Internet governance. It is stated that this is "wrong" and "not a way to solve the issues about who edits the [root] zone file."
Thursday, July 28, 2005 2:51:02 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Under a recent regulatory measure authorized by the European Commission, France Télécom will be required to provide, for a transitional period, market players with wholesale nationwide high-speed access to France’s telecoms network.

"This regulatory measure, proposed by the French national regulatory authority for electronic communications, ARCEP, was authorised today (27 July 2005) by the European Commission. The measure will apply until competing network operators have built a sufficiently wide backbone network and a large enough customer base to enable them to invest further in regional high-speed ('broadband') services, such as access to the web and services connecting subscribers’ premises to the network ('local loops']). The Commission asked ARCEP to review this market again within a year to fully take account of new market developments which could enhance competition in the wholesale nationwide broadband market in France."

"The measures proposed by the French telecom regulator ARCEP aims at "opening up competition to supply wholesale broadband in the French market. It includes products of the 'Option 5 nationale'-type already supplied by France Télécom to alternative network operators and ISPs. This product enables competing market players to provide retail services directly to end-users. It complements the two other types of wholesale broadband access regulation, namely unbundling of local loops and regional bitstream products, which were previously assessed by the Commission."

"France Télécom’s market shares, its capacity to supply the whole range of broadband products at both wholesale and retail level, its size and its control of the local infrastructure, led ARCEP to conclude that France Télécom is dominant on the wholesale nation-wide broadband access market. ARCEP considers that competition in this market will be facilitated if France Telecom is obliged, inter alia, to ensure internal accounting transparency between its wholesale 'network' branch and its retail 'ISP' entity as the recent reintegration of Wanadoo into France Telecom may have potential consequences on retail competition."

See EC press release here.

Click here for further information.

Thursday, July 28, 2005 12:11:37 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The Internet Governance Project, an interdisciplinary consortium of academics with scholarly and practical expertise in international governance, Internet policy, and information and communication technology, has published a concept paper entitled The Future US Role in Internet Governance: 7 Points in Response to the U.S. Commerce Dept.’s “Statement of Principles”.

Thursday, July 28, 2005 9:26:52 AM (W. Europe Standard Time, UTC+01:00)  #     | 

According to this article relating to a recent event at Supercomm, while carriers and manufacturers aggressively press for the convergence of infrastructures, applications and services over next-generation network (NGN) technologies on a worldwide basis, there are many policy issues in regulation, public safety and security the United States and other national/international bodies are addressing on NGN implementations.

The various next-gen activities and challenges among U.S. and global policy makers were explored and outlined during a number of exhibit-booth lecture sessions sponsored by ATIS - a technical planning-and-standards- development organization with more than 350 participating companies - at the recent Supercomm exposition in Chicago.

Anthony M. Rutkowski, vice president for regulatory affairs and standards at VeriSign, said the Internet-inspired NGN terminology began to take greater shape within the telecom community during the 2000-04 timeframe, and it has come to "represent an omnibus array of activities and products emerging from a constellation of standards, regulatory and professional bodies worldwide," with significant NGN-related activities oriented around a real need facing providers and regulators worldwide.

Thursday, July 28, 2005 9:03:55 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The US-based Alliance for Telecommunications Industry Solutions (ATIS) and Telephony have collaborated on a special 16-page supplement exploring and explaining the critical elements of their Next Generation Network standardization efforts.

Thursday, July 28, 2005 8:40:37 AM (W. Europe Standard Time, UTC+01:00)  #     | 

From Business Communications Review: IMS 101: What You Need To Know Now.

"Out of the wireless standards consortium called 3rd Generation Partnership Project (3GPP) comes a slow-growing and complicated collection of carrier network functions and processes that collectively are referred to as IMS, which stands for the IP (or Internet) Multimedia Subsystem. The IMS standards promise an operator-friendly environment for real-time, packet-based calls and services that not only will preserve traditional carrier controls over user signaling and usage-based billing, but also will generate new revenue via deep packet inspection of protocols, URI and content. IMS was conceived for the evolution of cellular telephony networks, but the benefits of user signaling and billing controls have attracted the endorsement and involvement of wireline network operators and standards makers, including the European Telecommunications Standards Institute (ETSI), the U.S.-based Alliance for Telecommunications Industry Solutions (ATIS) and the UN-sponsored International Telecommunication Union (ITU). In the U.S., cable multiple systems operators (MSOs) are also showing interest in IMS as part of the recent CableLabs PacketCable initiative, and network operators recently approached the WiMAX Forum's Network Working Group, asking that IMS be included in its forthcoming reference architecture."

From Ewan Sutherlands weblog.

Thursday, July 28, 2005 7:32:20 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Apples and Oranges: Problems in the Analysis of Comparative Regulatory Governance by Martin MINOGUE

Interest in regulation as a mode of governance is now a central feature of the literature on regulation in developed economies. Extending this area of study to developing and transitional economies gives rise to problems in comparative analysis which are explored in this paper. Four categories of problem are considered:

  • The problem of contested concepts, arising in part from the intervention in the traditionally economic literature of disciplines such as law and political science
  • The problem of scope, which remains ambiguous because of the difficulty of separating out regulation from the normal range of state activities
  • The problem of comparisons, in which cross-sectoral or cross-national studies display familiar weaknesses
  • The problem of measurement, where quantitative studies too often rely on weak data and untested assumptions, and qualitative studies are rarely in evidence

The paper emphasises the crucial significance of legal, political and administrative structures in determining the design, implementation and outcomes of regulatory reforms, and brings into sharp focus the analytical problems set out above in relation to the application of this approach to regulation in developing countries, in particular in relation to the notion of ‘independent’ regulation.

From Centre on Regulation and Competition and http://3wan.net/v-web/b2/index.php?p=6101&c=1

Thursday, July 28, 2005 7:06:23 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, July 27, 2005

Israel’s Knesset (or parliament) has passed a law to fight against spam, imposing fines and strict regulations on people who send unsolicited email, junk faxes, and spam text messages.

“State intervention was necessary in order to prevent the continued impingement on the public’s privacy,” said Israeli Communications Minister Dalia Itzik, who initiated the legislation. Unlike the United States’ CAN-SPAM Law, the Israeli law bars the sending of spam unless the recipient gives his or her prior consent".

For the full article click here.

Wednesday, July 27, 2005 6:29:43 PM (W. Europe Standard Time, UTC+01:00)  #     | 

InternetNZ announced the release of its ENUM Personal User Agent prototype source code under an Open Source BSD Licence to encourage developer support of an ENUM initiative in New Zealand. The system integrates with Asterisk, an Open Source PBX.

Wednesday, July 27, 2005 12:24:23 PM (W. Europe Standard Time, UTC+01:00)  #     | 

From the ITU-T Newslog: The Focus Group on Next Generation Networks (FGNGN) has recently completed a technical report that will hand back some elements of network management to the customer.

The document is an approved deliverable of the group that will be submitted to FGNGN’s parent within ITU-T, Study Group 13, for further consideration as a candidate ITU-T product (e.g. Recommendation, supplement, handbook, etc.). It outlines a framework for customer manageable IP networks (CMIP).

CMIP will give end users the ability to manage network elements and resources, such as bandwidth and storage.

Using a menu driven system CMIP will allow end-users to split bandwidth, dedicating, for instance, 1 Mbps to file sharing, .5 Mbps to instant messaging and e-mail, and .5 Mbps to web browsing.

Service providers will benefit by being able to offer this ability as value-add to their Internet service offerings, and will also be able to better provision network resources for services, such as web browsing, VoIP, and peer to peer (P2P), given the increased knowledge of exactly how users are using their bandwidth.

Wednesday, July 27, 2005 10:31:53 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Skype has announced beta support for some toll free numbers, including:

  • France: +33 800, +33 805, +33 809
  • Poland: +48 800
  • UK: +44 500, +44 800, +44 808
  • USA: +1 800, +1 866, +1 877, +1 888

From Skype via Ewan Sutherland's weblog.

Wednesday, July 27, 2005 10:17:50 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The World Bank, Global Information & Communication Technologies Department, released the new discussion paper by Jérôme Bezzina on "Interconnection Challenges in a Converging Environment: Policy Implications for African Telecommunications Regulators".

The purpose of this paper is to show how interconnection regimes can be adapted to the African specificities in a context of convergence and increased competition. It analyzes how interconnection regulation in Africa has been defined at the onset of the convergence phenomenon (i.e., FTM substitution), and explores the issues related to new technologies (for example Internet protocol [IP] telephony) and interconnection regulation policies.

The publication is available here.

Wednesday, July 27, 2005 6:41:16 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, July 26, 2005

Roger Darlington writes about the UK's Ofcom, (the UK regulator for communications industries, with responsibilities across television, radio, telecommunications and wireless communications services), and its recently published Annual Report for 2004/5. He highlights a few points:

  • In his Chairman's Message, David Currie writes: "Ofcom operates with a bias against intervention. We are fully aware that regulatory intercession comes with a price tag attached; the resulting cost to industry invariably yields added cost to the consumer. As such, we firmly believe that targeted deregulation is in the public interest and will seek to pursue this wherever possible."
  • In his Chief Executive's Report, Stephen Carter states: "Unnecessary regulation imposes costs on business, stifles innovation and provides a barrier to market entry - as a consequence, increasing prices and diminishing choice for consumers. Therefore, as a matter of operating principle and in line with our statutory mandate, it is our ambition to be a deregulating regulator wherever feasible.
  • The Communications Act 2003 requires that Ofcom's activities should be proportionate and targeted only at cases in which action is needed; the Act also encourages Ofcom to seek, promote and facilitate opportunities for self-regulation. Ofcom's own regulatory principles state that in all of our work we will operate under a bias against intervention, with a commitment to seek the least intrusive regulatory mechanisms to achieve our policy objectives.
  • In operational terms, as a matter of mandatory internal process, proposals from the Executive to the Ofcom Board are required to contain a full analysis of the 'do nothing' deregulatory option in response to market developments."
  • This is all very well, but regulation should not necessarily be seen as a bad thing, rather as a reasonable cost of doing business in a market which has profound impacts on the consumer. As Colette Bowe - Chairman of the independent Consumer Panel which advises Ofcom - put it in her foreward to the first Panel Annual Report "We are convinced that a freer market in communications should be able to deliver better prices and more innovation. But this process needs to be driven by clear, up-to-date information that is readily, cheaply and easily available. So we watch very carefully Ofcoms stated intention to adopt a light touch in regulation. A light touch in correcting market failure may be the wrong touch. We expect Ofcom to be ready and able to intervene in markets where they are not performing in the interests of consumers."
Tuesday, July 26, 2005 4:34:52 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Spectrum licensing and spectrum commons - where to draw the line by Martin CAVE.

A paper prepared for the International Workshop on Wireless Communication Policies and Prospects: A Global Perspective, USC, October 8-9, 2004.

From USC Annenberg School of Communications via Ewan Sutherland's weblog.

Tuesday, July 26, 2005 4:33:06 PM (W. Europe Standard Time, UTC+01:00)  #     | 
Tuesday, July 26, 2005 3:44:24 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The East African Centre for Open Source Software (EACOSS) is a specialised Free and Open Source Software training centre focusing on the East African region. Their mission is to promote the use and access to Free and Open Source Software in the East African community and contribute to the development through empowering people with skills to use ICT. The centre was founded in April 2004 and opened its doors in August 2004 on Port Bell Road in Nakawa - Kampala Uganda. The training center is located at the premises of Uganda Institute of Information and Communication Technology.

As part of their OSS Training programme, they have released an Introduction to Computers and Computer Literacy based on OSS.

Tuesday, July 26, 2005 12:03:01 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The mozilla.org team has announced changes to Firefox regarding Internationalized Domain Names (IDN) to deal with homograph spoofing attacks.

  • "We have implemented a TLD whitelist system, which currently contains 21 TLDs for which we correctly display IDN domain names in the UI (user interface). Any IDN domain name in a non-whitelisted TLD displays as punycode. This is a security feature and so there is no user interface for adding or removing TLDs.
  • Any registry which wishes to be added to the whitelist should follow the instructions on that page. In terms of what constitutes a homograph, we are being guided by the Unicode Consortium's confusables list at http://www.unicode.org/draft/reports/tr36/data/confusables.txt and by common sense. Our policy in this area is still somewhat in flux - in particular, we are not yet sure whether we should require that registries to consider two characters which differ only in accent (sometimes by the shade of a single pixel at normal font sizes) as homographic. In the mean time, we strongly advise that registries do this.
  • We have implemented a character blacklist, which will soon contain 'DIVISION SLASH' (U+2215) and 'FRACTION SLASH' (U+2044). After that, we may extend it to forbid more characters which may be used to spoof URL punctuation. https://bugzilla.mozilla.org/show_bug.cgi?id=301694
  • This is not meant to prejudice the outcome of the current IAB-IDN discussions on potentially reducing the number of characters permitted in IDN, but we feel the danger posed by the use of such characters in 3rd and 4th level domains is great enough to require an immediate ban. Any domain name which contains one or more of these characters displays as punycode.
  • We wish to thank Opera Software for their help in creating the initial whitelist and providing suggestions for the character blacklist."
Tuesday, July 26, 2005 11:32:08 AM (W. Europe Standard Time, UTC+01:00)  #     | 

A very good article entitled Telecom: Conflict of Motives by Tom Nolle in the June 2005 issue of BCR Magazine discusses how the future of networking is often seen too simplistically as a fundamental conflict between "the Internet" and "the telcos". 

  • "The Internet supporters have a notion of good public policy: Anything over IP is unregulated. However, “unregulated” means free market dynamics will prevail, and so this position is actually self-defeating. What’s needed is a constructive open debate on what regulatory policy should be..."
  • "Proof point one is simple: “Prove that your concept of rampant innovation doesn’t necessarily mean free networks.” Somebody has to finance the network of the future."
  • "Proof point number two is more complicated: “Prove that revolutionary new opportunities are really opportunities and not just disruptions.” Pure research is wonderful and necessary, but when you talk about deploying worldwide infrastructure for services critical to the economic survival of many societies, you ought to be out of the experimenting phase."
  • Proof point number three is the most complicated of all: “Prove you won’t do it again.” We lied, as an industry. We lied to Wall Street, to Main Street, to regulators and to ourselves. The financial markets move on credibility. They will never understand this industry, our technology. They will have to take us at our word, and our word is no longer good. Every naïve comment about “profit,” every notion of “free” this or that, only validates the financial view that the best thing this industry can do is hunker down and control costs. Who better to do that than the “conservative” common carriers?
Tuesday, July 26, 2005 11:07:44 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Tuesday, July 26, 2005 10:44:11 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Korea's Chosun Ilbo has an article on how competition is heating up in deployment of Korea's national NGN project which is called the Broadband convergence Network (BcN). BcN is the fusion of communication, broadcasting and the Internet, is a next-generation information network that the Korean government is pushing to complete by 2010 as part of its national IT 839 Strategy.

Tuesday, July 26, 2005 10:11:02 AM (W. Europe Standard Time, UTC+01:00)  #     | 

BCR Magazine has an editorial entitled Monetizing the Internet:

"I won’t pretend that John Waclawsky’s article in this month’s issue (“IMS 101: What You Need To Know Now”) is easy going. There are a lot of protocol acronyms and stuff about standards bodies that might tempt you to turn the page. Don’t.

Waclawsky’s article has everything to do with what the public networks, wireline and wireless, are likely to become over the next few years. It deals with the IP/Internet Multimedia Subsystem or IMS, the standards set that began in the wireless world but is likely to become the foundation of a comprehensive vision that the International Telecommunication Union (ITU) calls the Next Generation Network or NGN.

What’s remarkable about Waclawsky’s article, to me anyway, is its conclusion. If you’ve followed his past articles for BCR (see “Closed Architectures, Closed Systems And Closed Minds,” October 2004, and “Where Do System Standards Go From Here?” March 2005), you know that Waclawsky is not kindly disposed toward these overarching, carrier-driven standards efforts. He’s highly skeptical of attempts to, as he puts it in this month’s article, “monetize the Internet.” He uses the current article to critique the IMS and related efforts, and finds much wanting.

Yet his bottom line is this: “In spite of the drawbacks and delays, it seems one or more variations of IMS could become the norm for all broadband access.” This forecast cannot be made with any relish."

More....

Tuesday, July 26, 2005 9:58:30 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The ITU Council has approved that the theme for World Telecommunication Day 2006 (May 17) be Promoting Global Cybersecurity.

Here is the background of this decision as contained in the proposal to ITU Council:

The United Nations General Assembly adopted, in 2002, a resolution entitled UNGA Resolution 57/239: Creation of a global culture of cybersecurity, calling for international organizations to consider measures to foster a global culture of cybersecurity and invited Member States to develop throughout their societies a culture of cybersecurity in the application and use of information technologies. The General Assembly also stressed the necessity to facilitate the transfer of information technology and capacity-building to developing countries, in order to help them to take measures in cybersecurity.

The ITU Plenipotentiary in 2002 adopted Resolution 130: Strengthening the role of ITU in information and communication network security, instructing the Secretary General and the Directors of the Bureaux to intensify work within existing ITU study groups and inviting ITU Member States and Sector Members to participate actively in the ongoing work of the relevant ITU study groups.

In 2004, a second resolution, UNGA Resolution 58/199: Creation of a global culture of cybersecurity and the protection of critical information infrastructure, was adopted by the United Nations on the global culture of cybersecurity and the protection of critical information infrastructure. The General Assembly, through this Resolution, encouraged Member States, regional and international organizations that have developed strategies to deal with cybersecurity and the protection of critical information infrastructures to share their best practices and measures that could assist other Member States in their efforts to facilitate the achievement of cybersecurity; it also stressed the necessity for enhanced efforts to close the digital divide, to achieve universal access to information and communication technologies and to protect critical information infrastructures by facilitating the transfer of information technology and capacity-building, in particular to developing countries so that all States may benefit fully from information and communication technologies for their socio-economic development.

In 2004, the World Telecommunication Standardization Assembly (WTSA) adopted Resolution 50 on Cybersecurity, requesting the ITU-T to continue to raise awareness, of the need to defend information and communication systems against the threat of cyberattack, and continue to promote cooperation among appropriate entities in order to enhance exchange of technical information in the field of information and communication network security.

In accordance with PP Resolution 130 and WTSA Resolution 50, it was proposed that ITU should take a lead role in promoting a global cybersecurity campaign. The vehicle of World Telecommunication Day can be used to build an awareness campaign in support of this objective. In implementing this campaign, ITU would work in close cooperation with organizations involved in global cybersecurity issues, including the European Network and Information Security Agency, the Organization for Economic Cooperation and Development as well as other national, regional and international interested entities.

Tuesday, July 26, 2005 9:48:46 AM (W. Europe Standard Time, UTC+01:00)  #     | 

Light Reading says it is IMS Crunch Time:

"After a dizzying ascent from minor-league 3G standards initiative to major-league NGN architecture, IMS is clearly ready for prime time. But what is it, exactly, that it’s called upon to deliver? To answer that question, we need to remind ourselves what the standards-setters set out to achieve."

Tuesday, July 26, 2005 8:32:00 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, July 25, 2005

Press Release: The International Telecommunication Union (ITU), the United Nations specialized agency for telecommunications, and infoDev, a multi-donor programme focusing on information and communication technologies (ICT) for development, today launched a new online Regulation Toolkit designed to address the complex regulatory challenges emerging from a rapidly evolving ICT industry.

An update and expansion of infoDev’s influential print publication Telecom Regulators’ Handbook (issued in 2000), the new web-based toolkit is aimed at national and regional regulatory agencies, ICT policy-makers, and other stakeholders with an active interest in ICT regulation. Nearly 140 countries worldwide now have a national regulatory authority, with the vast majority having been put in place during the last 10 years. These relatively new authorities, many of which have been established as part of a broader programme of national ICT liberalization, have a strong need for reliable and impartial information on regulatory issues and best practice.

"Today’s regulators and policy makers — especially those in the developing world — are seeking practical advice and concrete best practice guidelines to help grow their national ICT markets," said Hamadoun I. Touré, Director of ITU’s Telecommunication Development Bureau (BDT). "The new ICT Regulation Toolkit responds to this demand by providing a first-class product on policy and regulation."

Conceived as a permanently evolving resource, the toolkit consists of a series of modules on key regulatory issues in the rapidly converging ICT sector. The first module, which went live today, deals with the authorization of telecommunication services. It addresses such issues as different authorization approaches and practices, and competitive licensing processes. It also highlights recent trends toward lighter authorization and licensing practices that reduce barriers to market entry.

Monday, July 25, 2005 3:11:53 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The 2005 E-Crime Watch survey was conducted by CSO magazine in cooperation with the U.S. Secret Service and Carnegie Mellon University Software Engineering Institute’s CERT® Coordination Center. The research was conducted to unearth electronic crime fighting trends and techniques, including best practices and emerging trends. Respondents’ answers are based on the 2004 calendar year. A similar version of this survey was also conducted in 2004 with corresponding answers from the 2003 calendar year. Trending data is provided where relevant.

From CERT

Monday, July 25, 2005 12:06:17 PM (W. Europe Standard Time, UTC+01:00)  #     | 

The International Privacy Regime by Tim WU

"Privacy has joined one of many areas of law understandable only by reference to the results of overlapping and conflicting national agendas. What has emerged as the de facto international regime is complex. Yet based on a few simplifying principles, we can nonetheless do much to understand it and predict its operation. First, the idea that self-regulation by the internet community will be the driving force in privacy protection must be laid to rest. The experience of the last decade shows that nation-states, powerful nation-states in particular, drive the system of international privacy. The final mix of privacy protection that the world's citizens receive is disproportionately dictated by the choices and preferences of powerful nation-states and their respective effects on giant and small targets. Second, traditional conflicts analysis can help explain and predict the future course of privacy analysis. Privacy regulation can be understood as a species of information regulation to which companies and individuals will respond in predictable ways. The analysis here shows an international privacy system that has fractured into three distinct regulatory patterns. Mainstream privacy, or transactional privacy, has become dominated by the rule of the most restrictive state, a pattern familiar to other areas like the world's regulation of competition (antitrust). Conversely, the problem of information theft has been pushed by the international system toward a kind of a race to the bottom, or to the least restrictive rule. Most akin to international piracy (the kind on boats), it is a familiar problem to international law that will nonetheless take considerable political will to reverse. And finally, while there is a potential for the international system to influence how governments handle the privacy information of their own citizens, the direct collision of interests have limited the extent to which governments police one another."

From SSRN via weblog of Ewan Sutherland.

Monday, July 25, 2005 10:35:33 AM (W. Europe Standard Time, UTC+01:00)  #     | 

"Romanian CDMA operator Zapp has launched a pre-paid mobile broadband internet access service, the first of its type in the country, according to its press release. The Zapp Internet Express Card package includes a modem and a card allowing the user 40 hours of web surfing within six months of activation at a total cost of USD175. Once the initial surf time is up, the user can purchase pre-paid cards of various denominations, starting at USD10 for seven hours."

Click here to view the article featured in TeleGeography.

Article was accessed through Ewan Sutherland's weblog.

Monday, July 25, 2005 10:35:10 AM (W. Europe Standard Time, UTC+01:00)  #     | 

The Anti-Spyware Coalition proposed a standardized definition of "spyware" on July 12, 2005. The definition, which is open for public comment until August 12, is intended to serve as the foundation for a more unified approach to tackling the spyware problem. In addition to defining spyware, the coalition's first public document also offers uniform definitions of other commonly used terms like "adware" and "cookie," and offers tips for users to avoid downloading unwanted programs.

For more information, see the full article.

For comments on the Anti-Spyware Coalition definitions, click here.

Monday, July 25, 2005 9:26:29 AM (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, July 22, 2005

Yahoo and Cisco have teamed up in an effort to reduce the amount of junk email reaching users' inboxes.

The firms have announced a specification called DomainKeys Identified Mail (DKIM) that they hope will become a web standard. DKIM combines Yahoo's DomainKeys and Cisco's Identified Internet Mail authentication technologies.

For the full article click here.

Friday, July 22, 2005 7:16:00 PM (W. Europe Standard Time, UTC+01:00)  #     | 

Following the release of the report from the Working Group on Internet Governance, according to a Decision of PrepCom-2 all governments and other stakeholders are invited to submit written comments and proposals on Internet Governance to wsis-contributions@itu.int by 15 August 2005. Thereafter, a compilation of these contributions will be forwarded to PrepCom-3, which will be held 19-30 September 2005, together with the report of the WGIG.

Friday, July 22, 2005 5:09:01 PM (W. Europe Standard Time, UTC+01:00)  #     |