[OPLIN 4cast] OPLIN 4cast #415: Encryption by default

Editor editor at oplin.org
Wed Dec 10 10:30:09 EST 2014 

Email not displaying correctly? View it in your browser. 
<http://www.oplin.org/4cast/>
OPLIN 4Cast

OPLIN 4cast #415: Encryption by default
December 10th, 2014

keyIt seems like every day brings news of another major Internet hack, 
some so huge and cunning that they are blamed on government-sponsored 
"armies" of hackers. According to one recent report 
<http://readwrite.com/2014/12/04/cybersecurity-corporate-networks-ransomware-cyberattack>, 
82% of U.S. companies were hit last year by at least one online attack, 
and though libraries may think nobody would bother to attack them, they, 
too, are increasingly coming under attack. And there is also almost 
daily news of surveillance of Internet traffic (sometimes in preparation 
for a hack). No doubt about it, the Internet has become scary. Last 
month, to combat this trend, the Internet Architecture Board (IAB) 
recommended that most Internet traffic be encrypted by default, rather 
than using encryption only in special circumstances.

  * Q&A: Internet encryption as the new normal
    <http://www.darkreading.com/perimeter/qanda-internet-encryption-as-the-new-normal/d/d-id/1317783?_mc=NWC_EDT_STUB>
    (Dark Reading | Kelly Jackson Higgins) "The Internet Architecture
    Board (IAB), which oversees the Internet's architecture, protocols,
    and standards efforts, officially called last month for encryption
    to be deployed throughout the protocol stack as a way to lock down
    the privacy and security of information exchange. It was a bold and
    important statement from the IAB, and it likely will be the general
    blueprint for new protocol efforts by the Internet Engineering Task
    Force (IETF), which creates the protocol specifications that run the
    Internet and devices and systems connected to it."
  * IAB statement on Internet confidentiality
    <https://mailarchive.ietf.org/arch/msg/ietf-announce/ObCNmWcsFPNTIdMX5fmbuJoKFR8>
    (IETF mail archive | Russ Housley) "The IAB urges protocol designers
    to design for confidential operation by default. We strongly
    encourage developers to include encryption in their implementations,
    and to make them encrypted by default. We similarly encourage
    network and service operators to deploy encryption where it is not
    yet deployed, and we urge firewall policy administrators to permit
    encrypted traffic. We believe that each of these changes will help
    restore the trust users must have in the Internet."
  * IAB urges designers to make encryption the default
    <http://threatpost.com/iab-urges-designers-to-make-encryption-the-default/109404>
    (Threatpost | Dennis Fisher) "The statement by the IAB is a direct
    response to the events of the last couple of years and the
    revelations by Edward Snowden
    <https://threatpost.com/edward-snowden-and-the-death-of-nuance/103902>
    of the NSA's massive surveillance on the Internet. Internet
    companies and technology vendors have responded to the NSA
    revelations by increasing their use of encryption, especially on
    links between data centers. But the Internet itself was not designed
    with security in mind. Rather, openness and interoperability were
    the main goals of the network's designers. The IAB believes that
    ubiquitous encryption can help address the shortcomings of the
    original design and protect users from attackers and surveillance."
  * Internet Society commends Internet Architecture Board recommendation
    on encryption-by-default for the Internet
    <http://www.internetsociety.org/news/internet-society-commends-internet-architecture-board-recommendation-encryption-default>
    (The Internet Society) "Like the IAB, the ISOC Board of Trustees
    recognizes that implementing this aspiration raises a number of
    practical issues and technical challenges. In addition to network
    management, intrusion detection, and spam prevention, we expect
    there will be economic and policy challenges. As the organizational
    home for the IETF, the Internet Society will take an active role in
    facilitating and participating in the conversations required to
    address these challenges going forward."

*/Articles from Ohio Web Library <http://ohioweblibrary.org>:/*

  * Internet governance overview.
    <http://web.a.ebscohost.com/pov/detail/detail?sid=67efe237-70f6-4884-8374-0a3ade55a699%40sessionmgr4001&vid=0&hid=4214&bdata=JnNpdGU9cG92LWxpdmU%3d#db=pwh&AN=96230932>
    (/Congressional Digest/, June 2014, p2-5)
  * Future-proof encryption.
    <http://eds.b.ebscohost.com/ehost/detail/detail?sid=3bec8fc7-b0e1-41b4-b1f6-397d361094ab%40sessionmgr198&vid=0&hid=113&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=buh&AN=91736498>
    (/Communications of the ACM/, Nov. 2013, p12-14 | Gregory Mone)
  * Export controls for tech companies: The basics and the pitfalls of
    U.S. encryption controls.
    <http://eds.b.ebscohost.com/ehost/detail/detail?sid=e7d3edcd-8a1d-415b-bf1d-d84d5e3cb18a%40sessionmgr110&vid=0&hid=113&bdata=JnNpdGU9ZWhvc3QtbGl2ZQ%3d%3d#db=buh&AN=98040111>
    (/Journal of Internet Law/, Sept. 2014, p1-12 | John R. Shane and
    Lori E. Scheetz)

------------------------------------------------------------------------
The */OPLIN 4cast/* is a weekly compilation of recent headlines, topics, 
and trends that could impact public libraries. You can subscribe to it 
in a variety of ways, such as:

  * *RSS feed.* You can receive the OPLIN 4cast via RSS feed by
    subscribing to the following URL:
    http://www.oplin.org/4cast/index.php/?feed=rss2.
  * *Live Bookmark.* If you're using the Firefox web browser, you can go
    to the 4cast website (http://www.oplin.org/4cast/) and click on the
    orange "radio wave" icon on the right side of the address bar. In
    Internet Explorer 7, click on the same icon to view or subscribe to
    the 4cast RSS feed.
  * *E-mail.* You can have the OPLIN 4cast delivered via e-mail (a'la
    OPLINlist and OPLINtech) by subscribing to the 4cast mailing list at
    http://mail.oplin.org/mailman/listinfo/OPLIN4cast.


OPLIN 4Cast
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20141210/64703b87/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: kubrickheader.jpg
Type: image/jpeg
Size: 38379 bytes
Desc: not available
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20141210/64703b87/attachment-0003.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: key.png
Type: image/png
Size: 11963 bytes
Desc: not available
URL: <http://lists.oplin.org/pipermail/oplin4cast/attachments/20141210/64703b87/attachment-0003.png>

More information about the OPLIN4cast mailing list